diff --git a/README.md b/README.md deleted file mode 100644 index 5f685ba9..00000000 --- a/README.md +++ /dev/null @@ -1,2 +0,0 @@ -小米路由器4 openwrt-ss固件 -引用 https://github.com/coolsnowwolf/lede diff --git a/feeds.conf.default b/feeds.conf.default index 050b3ee4..586e5084 100644 --- a/feeds.conf.default +++ b/feeds.conf.default @@ -1,4 +1,4 @@ -src-git packages https://git.openwrt.org/feed/packages.git^99efce0cd27adfcc53384fba93f37e5ee2e517de -src-git luci https://git.openwrt.org/project/luci.git^13dd17fca148965d38f0d4e578b19679a7c4daa2 -src-git routing https://git.openwrt.org/feed/routing.git^efa6e5445adda9c6545f551808829ec927cbade8 -src-git telephony https://git.openwrt.org/feed/telephony.git^6f95d6ab3f359ee2ce81c20522700937424d1591 +src-git packages https://git.openwrt.org/feed/packages.git^2e6bd4cb86682b224803325127d3f777d40b3231 +src-git luci https://git.openwrt.org/project/luci.git^fb2f36306756d0d0782dcab8413a8bb7ec379e54 +src-git routing https://git.openwrt.org/feed/routing.git^3f8571194c2765ed31aa73459e86c2ebf943d27d +src-git telephony https://git.openwrt.org/feed/telephony.git^036cd451c35b82b3d8cac519864986894d9f6958 diff --git a/include/kernel-version.mk b/include/kernel-version.mk index ec8fe4f7..8ae5e0e0 100644 --- a/include/kernel-version.mk +++ b/include/kernel-version.mk @@ -6,9 +6,9 @@ ifdef CONFIG_TESTING_KERNEL KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER) endif -LINUX_VERSION-4.14 = .171 +LINUX_VERSION-4.14 = .180 -LINUX_KERNEL_HASH-4.14.171 = 4fe02489e4b4a187eccf0ef87df6100534c9d485e76d876b1fa247c7635332a0 +LINUX_KERNEL_HASH-4.14.180 = 444ef973d9b6a6ea174e4a9086f0aea980d8575d13302e431ad688f22e27ed0e remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1)))) sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1))))))) diff --git a/include/prereq-build.mk b/include/prereq-build.mk index d626ab02..50173996 100644 --- a/include/prereq-build.mk +++ b/include/prereq-build.mk @@ -28,15 +28,8 @@ $(eval $(call TestHostCommand,proper-umask, \ $(eval $(call SetupHostCommand,gcc, \ Please install the GNU C Compiler (gcc) 4.8 or later, \ - $(CC) -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?)', \ - gcc -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?)', \ - gcc48 --version | grep gcc, \ - gcc49 --version | grep gcc, \ - gcc5 --version | grep gcc, \ - gcc6 --version | grep gcc, \ - gcc7 --version | grep gcc, \ - gcc8 --version | grep gcc, \ - gcc9 --version | grep gcc, \ + $(CC) -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|10\.?)', \ + gcc -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|10\.?)', \ gcc --version | grep -E 'Apple.(LLVM|clang)' )) $(eval $(call TestHostCommand,working-gcc, \ @@ -47,15 +40,8 @@ $(eval $(call TestHostCommand,working-gcc, \ $(eval $(call SetupHostCommand,g++, \ Please install the GNU C++ Compiler (g++) 4.8 or later, \ - $(CXX) -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?)', \ - g++ -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?)', \ - g++48 --version | grep g++, \ - g++49 --version | grep g++, \ - g++5 --version | grep g++, \ - g++6 --version | grep g++, \ - g++7 --version | grep g++, \ - g++8 --version | grep g++, \ - g++9 --version | grep g++, \ + $(CXX) -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|10\.?)', \ + g++ -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|10\.?)', \ g++ --version | grep -E 'Apple.(LLVM|clang)' )) $(eval $(call TestHostCommand,working-g++, \ diff --git a/include/version.mk b/include/version.mk index 4b90056c..94622c18 100644 --- a/include/version.mk +++ b/include/version.mk @@ -26,13 +26,13 @@ PKG_CONFIG_DEPENDS += \ sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1)))) VERSION_NUMBER:=$(call qstrip,$(CONFIG_VERSION_NUMBER)) -VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),19.07.2) +VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),19.07.3) VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE)) -VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r10947-65030d81f3) +VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r11063-85e04e9f46) VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO)) -VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.openwrt.org/releases/19.07.2) +VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.openwrt.org/releases/19.07.3) VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST)) VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),OpenWrt) diff --git a/package/base-files/image-config.in b/package/base-files/image-config.in index 84e344f0..e3dc6636 100644 --- a/package/base-files/image-config.in +++ b/package/base-files/image-config.in @@ -183,7 +183,7 @@ if VERSIONOPT config VERSION_REPO string prompt "Release repository" - default "http://downloads.openwrt.org/releases/19.07.2" + default "http://downloads.openwrt.org/releases/19.07.3" help This is the repository address embedded in the image, it defaults to the trunk snapshot repo; the url may contain the following placeholders: diff --git a/package/boot/uboot-envtools/files/ramips b/package/boot/uboot-envtools/files/ramips index be30273e..dbb85849 100644 --- a/package/boot/uboot-envtools/files/ramips +++ b/package/boot/uboot-envtools/files/ramips @@ -35,7 +35,8 @@ zbt-wg2626) ;; xiaomi,mir3p|\ xiaomi,mir3g|\ -xiaomi,mir4) +xiaomi,mir4|\ +xiaomi,rm2100) ubootenv_add_uci_config "/dev/mtd1" "0x0" "0x1000" "0x20000" ;; esac diff --git a/package/boot/uboot-kirkwood/Makefile b/package/boot/uboot-kirkwood/Makefile index 4ce1485a..1b660bd9 100644 --- a/package/boot/uboot-kirkwood/Makefile +++ b/package/boot/uboot-kirkwood/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_VERSION:=2019.01 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_HASH:=50bd7e5a466ab828914d080d5f6a432345b500e8fba1ad3b7b61e95e60d51c22 diff --git a/package/boot/uboot-kirkwood/patches/001-ARM-kirkwood-disable-dcache-for-Kirkwood-boards.patch b/package/boot/uboot-kirkwood/patches/001-ARM-kirkwood-disable-dcache-for-Kirkwood-boards.patch new file mode 100644 index 00000000..731f083a --- /dev/null +++ b/package/boot/uboot-kirkwood/patches/001-ARM-kirkwood-disable-dcache-for-Kirkwood-boards.patch @@ -0,0 +1,38 @@ +From 599f7aa541bb5a658cbfd2af73bd9d2f6e828d43 Mon Sep 17 00:00:00 2001 +From: Chris Packham +Date: Mon, 18 Mar 2019 20:51:58 +1300 +Subject: [PATCH] ARM: kirkwood: disable dcache for Kirkwood boards + +Prior to commit 93b283d49f93 ("ARM: CPU: arm926ejs: Consolidate cache +routines to common file") the kirkwood boards didn't have and dcache +support. The network and usb drivers rely on this. Set +CONFIG_SYS_DCACHE_OFF in the Kirkwood specific config.h. + +Reported-by: Leigh Brown +Signed-off-by: Chris Packham +Reviewed-by: Stefan Roese +Signed-off-by: Stefan Roese +--- + arch/arm/mach-kirkwood/include/mach/config.h | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/arch/arm/mach-kirkwood/include/mach/config.h b/arch/arm/mach-kirkwood/include/mach/config.h +index fcd903887b..aea60688c2 100644 +--- a/arch/arm/mach-kirkwood/include/mach/config.h ++++ b/arch/arm/mach-kirkwood/include/mach/config.h +@@ -26,6 +26,12 @@ + #define CONFIG_KIRKWOOD_EGIGA_INIT /* Enable GbePort0/1 for kernel */ + #define CONFIG_KIRKWOOD_RGMII_PAD_1V8 /* Set RGMII Pad voltage to 1.8V */ + #define CONFIG_KIRKWOOD_PCIE_INIT /* Enable PCIE Port0 for kernel */ ++/* ++ * Disable the dcache. Currently the network driver (mvgbe.c) and USB ++ * EHCI driver (ehci-marvell.c) and possibly others rely on the data ++ * cache being disabled. ++ */ ++#define CONFIG_SYS_DCACHE_OFF + + /* + * By default kwbimage.cfg from board specific folder is used +-- +2.20.1 + diff --git a/package/devel/binutils/Makefile b/package/devel/binutils/Makefile index 291f4520..e04611f5 100644 --- a/package/devel/binutils/Makefile +++ b/package/devel/binutils/Makefile @@ -49,6 +49,7 @@ define Package/binutils CATEGORY:=Development TITLE:=binutils DEPENDS:=+objdump +ar + ALTERNATIVES:=200:/usr/bin/strings:/usr/bin/binutils-strings endef define Package/objdump @@ -114,7 +115,7 @@ endef define Package/binutils/install $(INSTALL_DIR) $(1)/usr $(1)/bin $(CP) $(PKG_INSTALL_DIR)/usr/bin/ $(1)/usr/ - mv $(1)/usr/bin/strings $(1)/bin/strings + mv $(1)/usr/bin/strings $(1)/usr/bin/binutils-strings rm -f $(1)/usr/bin/objdump rm -f $(1)/usr/bin/ar endef diff --git a/package/devel/perf/Makefile b/package/devel/perf/Makefile index 3d711058..ff5eb2e0 100644 --- a/package/devel/perf/Makefile +++ b/package/devel/perf/Makefile @@ -52,6 +52,7 @@ MAKE_FLAGS = \ NO_LIBAUDIT=1 \ NO_LIBCRYPTO=1 \ NO_LIBUNWIND=1 \ + NO_LIBCAP=1 \ CROSS_COMPILE="$(TARGET_CROSS)" \ CC="$(TARGET_CC)" \ LD="$(TARGET_CROSS)ld" \ diff --git a/package/firmware/ath10k-firmware/Makefile b/package/firmware/ath10k-firmware/Makefile index 5a6c18a4..b6a7c94e 100644 --- a/package/firmware/ath10k-firmware/Makefile +++ b/package/firmware/ath10k-firmware/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ath10k-firmware PKG_SOURCE_DATE:=2019-10-03 PKG_SOURCE_VERSION:=d622d160e9f552ead68d9ae81b715422892dc2ef -PKG_MIRROR_HASH:=9d56a9942b7be7effdeed6d0688a9bdcfae76a2921a630714c3e2d8390ea8934 +PKG_MIRROR_HASH:=2e504e071c3f896d629c4cfffe7ff4b5f1acdb4fecd3f01e8ff8c73e87a67cc7 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git diff --git a/package/firmware/wireless-regdb/Makefile b/package/firmware/wireless-regdb/Makefile index 26f470af..86343be0 100644 --- a/package/firmware/wireless-regdb/Makefile +++ b/package/firmware/wireless-regdb/Makefile @@ -2,6 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wireless-regdb PKG_VERSION:=2019.06.03 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/software/network/wireless-regdb/ diff --git a/package/firmware/wireless-regdb/patches/600-wireless-regdb-Fix-overlapping-ranges-for-Switzerlan.patch b/package/firmware/wireless-regdb/patches/600-wireless-regdb-Fix-overlapping-ranges-for-Switzerlan.patch new file mode 100644 index 00000000..6febcc06 --- /dev/null +++ b/package/firmware/wireless-regdb/patches/600-wireless-regdb-Fix-overlapping-ranges-for-Switzerlan.patch @@ -0,0 +1,47 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Martin Willi +Date: Tue, 2 Jul 2019 16:19:44 +0200 +Subject: [PATCH] wireless-regdb: Fix overlapping ranges for Switzerland and + Liechtenstein + +The commit referenced below changes the 5GHz frequency range 5250-5330 +to 5150-5330, making that range overlapping with the existing range +5170-5250. This imposes DFS limitations and a reduced maximum power +level for the range 5170-5250. + +The change of the frequency range seems not intentional. Instead the +commit should have changed the 5170-5250 range to 5150-5250, and the +5250-5330 range to 5250-5350 (see [1]). + +[1] https://www.ofcomnet.ch/api/rir/1010/05 + +Fixes: 957a7cff72a3 ("wireless-regdb: update regulatory rules for Switzerland (CH), and Liechtenstein (LI) on 5GHz") +Signed-off-by: Martin Willi +Signed-off-by: Seth Forshee + +diff --git a/db.txt b/db.txt +index d47ab94c3aa5..37393e6a793e 100644 +--- a/db.txt ++++ b/db.txt +@@ -271,8 +271,8 @@ country CF: DFS-FCC + # transmitter power control is in use: 5250-5330@23db, 5490-5710@30db + country CH: DFS-ETSI + (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5150 - 5330 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI + (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI + # 60 GHz band channels 1-4, ref: Etsi En 302 567 + (57000 - 66000 @ 2160), (40) +@@ -747,8 +747,8 @@ country LC: DFS-ETSI + # transmitter power control is in use: 5250-5330@23db, 5490-5710@30db + country LI: DFS-ETSI + (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5150 - 5330 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI + (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI + # 60 GHz band channels 1-4, ref: Etsi En 302 567 + (57000 - 66000 @ 2160), (40) diff --git a/package/firmware/wireless-regdb/patches/601-wireless-regdb-Fix-ranges-of-EU-countries-as-they-ar.patch b/package/firmware/wireless-regdb/patches/601-wireless-regdb-Fix-ranges-of-EU-countries-as-they-ar.patch new file mode 100644 index 00000000..f9b97bc8 --- /dev/null +++ b/package/firmware/wireless-regdb/patches/601-wireless-regdb-Fix-ranges-of-EU-countries-as-they-ar.patch @@ -0,0 +1,843 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Emil Petersky +Date: Tue, 17 Sep 2019 09:49:19 +0200 +Subject: [PATCH] wireless-regdb: Fix ranges of EU countries as they are + harmonized since 2014 + +This patch unites entries for EU countries, as they have been harmonized +latest by July 2014... + +EU decision 2005/513/EC: +https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 +EU decision 2006/771/EC: +https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 + +Signed-off-by: Emil Petersky +Signed-off-by: Seth Forshee + +diff --git a/db.txt b/db.txt +index 2e149b6e0ea2..a57452479a9b 100644 +--- a/db.txt ++++ b/db.txt +@@ -87,12 +87,20 @@ country AS: DFS-FCC + (5490 - 5730 @ 160), (24), DFS + (5735 - 5835 @ 80), (30) + ++# AT as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# AT: https://www.rtr.at/en/tk/Spektrum5GHz/1997_bmvit-info-052010en.pdf ++# AT: acceptance https://www.ris.bka.gv.at/Dokumente/BgblAuth/BGBLA_2014_II_63/BGBLA_2014_II_63.pdfsig + country AT: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + # Source: +@@ -139,12 +147,22 @@ country BD: DFS-JP + (2402 - 2482 @ 40), (20) + (5735 - 5835 @ 80), (30) + ++# BE as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# BE: https://www.ibpt.be/public/files/en/21760/B03-01_2.1_EN.pdf ++# BE: https://www.ibpt.be/public/files/en/21761/B03-02_2.1_EN.pdf ++# BE: https://www.ibpt.be/public/files/en/21762/B03-03_2.1_EN.pdf ++# BE: https://www.ibpt.be/public/files/en/22165/B01-28_3.1_EN.pdf + country BE: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country BF: DFS-FCC +@@ -167,22 +185,29 @@ country BF: DFS-FCC + # + # Note: The transmit power limits in the 5250-5350 MHz and 5470-5725 MHz bands + # can be raised by 3 dBm if TPC is enabled. Refer to BDS EN 301 893 for details. ++# ++# BG as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# BG: https://crc.bg/files/_en/Electronic_Communications_Revised_EN1.pdf ++# BG: acceptance of 2006/771/EC https://crc.bg/files/Pravila_06_12_2018.pdf + country BG: DFS-ETSI + # Wideband data transmission systems (WDTS) in the 2.4GHz ISM band, ref: + # I.22 of the List, BDS EN 300 328 +- (2402 - 2482 @ 40), (20) ++ (2400 - 2483.5 @ 40), (100 mW) + # 5 GHz Radio Local Area Networks (RLANs), ref: + # II.H01 of the List, BDS EN 301 893 +- (5170 - 5250 @ 80), (23), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI + # II.H01 of the List, I.54 from the List, BDS EN 301 893 +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # Short range devices (SRDs) in the 5725-5875 MHz frequency range, ref: ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) + # I.43 of the List, BDS EN 300 440-2, BDS EN 300 440-1 +- (5725 - 5875 @ 80), (14) +- # 60 GHz Multiple-Gigabit RLAN Systems, ref: ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + # II.H03 of the List, BDS EN 302 567-2 +- (57000 - 66000 @ 2160), (40), NO-OUTDOOR ++ (57000 - 66000 @ 2160), (40) + + country BH: DFS-JP + (2402 - 2482 @ 40), (20) +@@ -265,16 +290,22 @@ country CF: DFS-FCC + (5490 - 5730 @ 40), (24), DFS + (5735 - 5835 @ 40), (30) + +-# Source: +-# https://www.ofcomnet.ch/#/fatTable +-# Note that the maximum transmitter power can be doubled for 5250-5710MHz if +-# transmitter power control is in use: 5250-5330@23db, 5490-5710@30db ++# CH as part of CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# CH: https://www.ofcomnet.ch/api/rir/1010/05 ++# CH: https://www.ofcomnet.ch/api/rir/1010/04 ++# CH: https://www.ofcomnet.ch/api/rir/1008/12 ++# CH: https://www.ofcomnet.ch/#/fatTable + country CH: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country CI: DFS-FCC +@@ -329,26 +360,42 @@ country CX: DFS-FCC + (5490 - 5730 @ 160), (24), DFS + (5735 - 5835 @ 80), (30) + ++# CY as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# CY: http://www.mcw.gov.cy/mcw/dec/dec.nsf/all/292484CFC7013DD4C2256EBA0023D447/$file/Sxedio%20Radiosyxnothtwn%20ths%20Dhmokratias-3-8-2018-E2.2(English%20Unified%20Unofficial).pdf?openelement + country CY: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + +-# Data from http://www.ctu.eu/164/download/VOR/VOR-12-08-2005-34.pdf +-# and http://www.ctu.eu/164/download/VOR/VOR-12-05-2007-6-AN.pdf +-# Power at 5250 - 5350 MHz and 5470 - 5725 MHz can be doubled if TPC is +-# implemented. ++# CZ as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# CZ: https://www.ctu.cz/cs/download/vseobecna-opravneni/archiv/vo-r_12-06_2010-09.pdf ++# CZ: https://www.ctu.cz/sites/default/files/obsah/ctu/vseobecne-opravneni-c.vo-r/10/12.2017-10/obrazky/vo-r10-122017-10.pdf + country CZ: DFS-ETSI + (2400 - 2483.5 @ 40), (100 mW) + (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI + (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI + (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + ++# DE as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# + # Allocation for the 2.4 GHz band (Vfg 10 / 2013, Allgemeinzuteilung von + # Frequenzen für die Nutzung in lokalen Netzwerken; Wireless Local Area + # Networks (WLAN-Funkanwendungen). +@@ -379,16 +426,22 @@ country DE: DFS-ETSI + # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + +-# Sources: ++# DK as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# DK: https://ens.dk/sites/ens.dk/files/Tele/frekvensplan_0.pdf + # 5GHz: https://erhvervsstyrelsen.dk/sites/default/files/007_interface-datanet_5-6_ghz.pdf.pdf + # 60GHz: https://erhvervsstyrelsen.dk/sites/default/files/radiograenseflader-63.pdf + country DK: DFS-ETSI +- (2400 - 2483.5 @ 40), (20) +- (5150 - 5250 @ 80), (23), AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5725 @ 160), (27), DFS, wmmrule=ETSI ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) + # 60 GHz band channels 1-4 (ETSI EN 302 567) +- (57000 - 66000 @ 2160), (40), NO-OUTDOOR ++ (57000 - 66000 @ 2160), (40) + + # Source: + # http://www.ntrcdom.org/index.php?option=com_content&view=category&layout=blog&id=10&Itemid=55 +@@ -417,12 +470,20 @@ country EC: DFS-FCC + (5490 - 5730 @ 20), (24), DFS + (5735 - 5835 @ 20), (30) + ++# EE as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# EE: https://www.ttja.ee/et/ettevottele-organisatsioonile/sideteenused/raadioseadmed/wifi-seade ++# EE: https://www.itu.int/ITU-D/study_groups/SGP_1998-2002/JGRES09/pdf/estonia.pdf + country EE: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country EG: DFS-ETSI +@@ -430,17 +491,19 @@ country EG: DFS-ETSI + (5170 - 5250 @ 40), (20) + (5250 - 5330 @ 40), (20), DFS + +-# Source: +-# Cuadro nacional de atribución de frecuencias (CNAF) +-# https://avancedigital.gob.es/espectro/Paginas/cnaf.aspx ++# ES as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# ES: https://avancedigital.gob.es/espectro/Paginas/cnaf.aspx + country ES: DFS-ETSI + (2400 - 2483.5 @ 40), (100 mW) + (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI + (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI + (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI +- # Short Range Devices (SRD) (ETSI EN 300 440) ++ # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country ET: DFS-ETSI +@@ -449,14 +512,18 @@ country ET: DFS-ETSI + (5250 - 5330 @ 80), (20), DFS, AUTO-BW + (5490 - 5710 @ 160), (27), DFS + ++# FI as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 + country FI: DFS-ETSI +- (2400 - 2483.5 @ 40), (20) +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5725 @ 160), (27), DFS, wmmrule=ETSI ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI + # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country FM: DFS-FCC +@@ -466,22 +533,34 @@ country FM: DFS-FCC + (5490 - 5730 @ 160), (24), DFS + (5735 - 5835 @ 80), (30) + ++# FR as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 + country FR: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5725 @ 160), (27), DFS, wmmrule=ETSI +- # short range devices (ETSI EN 300 440) ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + ++# GB as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# GB: https://www.ofcom.org.uk/__data/assets/pdf_file/0019/136009/Ofcom-Information-Sheet-5-GHz-RLANs.pdf ++# GB: https://www.ofcom.org.uk/__data/assets/pdf_file/0028/84970/ir-2030.pdf + country GB: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country GD: DFS-FCC +@@ -523,12 +602,20 @@ country GP: DFS-ETSI + (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI + (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI + ++# GR as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# GR: https://www.eett.gr/opencms/export/sites/default/EETT_EN/Electronic_Communications/Radio_Communications/TelecommunicationEquipment/Radio_equipment_interface_requirement_2012.pdf ++# GR: https://www.eett.gr/opencms/export/sites/default/EETT_EN/Electronic_Communications/Radio_Communications/TelecommunicationEquipment/Radio_equipment_interface_requirement_107.pdf + country GR: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country GT: DFS-FCC +@@ -563,11 +650,18 @@ country HN: DFS-FCC + (5735 - 5835 @ 80), (30) + + country HR: DFS-ETSI +- (2400 - 2483.5 @ 40), (20) +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5725 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++# HR as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# HR: http://tablice.hakom.hr:8080/vis?lang=en ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country HT: DFS-FCC +@@ -577,37 +671,42 @@ country HT: DFS-FCC + (5490 - 5730 @ 160), (24), DFS + (5735 - 5835 @ 80), (30) + +-# http://stir.nmhh.hu/?oldal=dokumentumGeneralo&root_rendeletelem_id=3&hatalyos=1 +-# http://english.nmhh.hu/cikk/297/Eljarasi_tajekoztato_a_24_GHzes_es_az_5_GHzes_savban_mukodo_berendezesek_engedelyezeserol +-# http://nmhh.hu/dokumentum/319/kis_hatotavolsagu_eszkozok_srdk.pdf ++# HU as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# HU: http://stir.nmhh.hu/?oldal=dokumentumGeneralo&root_rendeletelem_id=3&hatalyos=1 ++# HU: http://english.nmhh.hu/cikk/297/Eljarasi_tajekoztato_a_24_GHzes_es_az_5_GHzes_savban_mukodo_berendezesek_engedelyezeserol ++# HU: http://nmhh.hu/dokumentum/319/kis_hatotavolsagu_eszkozok_srdk.pdf + country HU: DFS-ETSI +- # ref: 2006/771/EK, (EU) 2017/1483, MSZ EN 300 328 +- # additionally: 100mW @ 10MHz channels, 50mW @ 5MHz (max. 10mW/MHz) +- (2400 - 2483.5 @ 40), (20) +- # ref: 2005/513/EK +- # note: TPC not needed @ 5150-5250 +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- # note: max would be +3dB with TPC @ 5250-5725 +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5725 @ 160), (27), DFS, wmmrule=ETSI +- # "Short Range Devices (SRD)" +- # ref: 2006/771/EK, (EU) 2017/1483, MSZ EN 300 440, MSZ EN 302 064 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, "Fixed outdoor installation not allowed" +- # ref: 2006/771/EK, (EU) 2017/1483, MSZ EN 302 567 +- (57000 - 66000 @ 2160), (40), NO-OUTDOOR ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) ++ (57000 - 66000 @ 2160), (40) + + country ID: DFS-JP + # ref: http://www.postel.go.id/content/ID/regulasi/standardisasi/kepdir/bwa%205,8%20ghz.pdf + (2402 - 2482 @ 20), (20) + (5735 - 5815 @ 20), (23) + ++# IE as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# IE: https://www.comreg.ie/publication-download/interface-requirements-for-radio-services-in-ireland ++# IE: https://www.comreg.ie/publication-download/permitted-short-range-devices-ireland + country IE: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country IL: DFS-ETSI +@@ -626,20 +725,33 @@ country IR: DFS-JP + (2402 - 2482 @ 40), (20) + (5735 - 5835 @ 80), (30) + ++# IS as part of CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# IS: https://www.pfs.is/library/Skrar/Tidnir-og-taekni/MHZ_21022019.pdf + country IS: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + ++# IT as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 + country IT: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country JM: DFS-FCC +@@ -741,16 +853,22 @@ country LC: DFS-ETSI + (5490 - 5710 @ 160), (30), DFS + (5735 - 5815 @ 80), (30) + +-# Source: +-# https://www.ofcomnet.ch/#/fatTable +-# Note that the maximum transmitter power can be doubled for 5250-5710MHz if +-# transmitter power control is in use: 5250-5330@23db, 5490-5710@30db ++# LI as part of CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# LI: https://www.ofcomnet.ch/api/rir/1010/05 ++# LI: https://www.ofcomnet.ch/api/rir/1010/04 ++# LI: https://www.ofcomnet.ch/api/rir/1008/12 ++# LI: https://www.ofcomnet.ch/#/fatTable + country LI: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country LK: DFS-FCC +@@ -768,28 +886,50 @@ country LS: DFS-ETSI + (5250 - 5330 @ 80), (20), DFS, AUTO-BW + (5490 - 5710 @ 160), (27), DFS + ++# LT as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# LT: https://www.rrt.lt/en/radio-spectrum/frequency-management/ or direct link: ++# LT: https://www.e-tar.lt/portal/lt/legalAct/6e718fd037a011e69101aaab2992cbcd/dGRioCBBHb + country LT: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + ++# LU as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# LU: https://assets.ilr.lu/frequences/Documents/ILRLU-1723895916-183.pdf#search=en%20300%20440 + country LU: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + ++# LV as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# LV: http://likumi.lv/doc.php?id=198903 + country LV: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country MA: DFS-ETSI +@@ -875,12 +1015,19 @@ country MR: DFS-ETSI + (5250 - 5330 @ 80), (20), DFS, AUTO-BW + (5490 - 5710 @ 160), (27), DFS + ++# MT as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# MT: https://www.mca.org.mt/sites/default/files/NFP_edition%206-1.pdf + country MT: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country MU: DFS-FCC +@@ -930,34 +1077,36 @@ country NI: DFS-FCC + (5490 - 5730 @ 160), (24), DFS + (5735 - 5835 @ 80), (30) + +-# Regulation on the use of frequency space without a license and +-# without notification 2015 +-# +-# http://wetten.overheid.nl/BWBR0036378/2015-03-05 +- ++# NL as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# NL: http://wetten.overheid.nl/BWBR0036378/2015-03-05 + country NL: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI + # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + +-# Data from http://www.lovdata.no/dokument/SF/forskrift/2012-01-19-77 +-# Power at 5250 - 5350 MHz, 5470 - 5725 MHz and 5815 – 5850 MHz can +-# be doubled if TPC is implemented. +-# Up to 2W (or 4W with TPC) is allowed in the 5725 – 5795 MHz band +-# which has been merged with 5470 - 5725 MHz to allow wide channels ++# NO as part of CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# NO: https://eng.nkom.no/technical/temporary-licenses/mobile-videolink/wireless-cameras-mobile-video-links/_attachment/9947 ++# NO: http://www.lovdata.no/dokument/SF/forskrift/2012-01-19-77 ++# In addition to EU NO can use 5725–5795 MHz and 5815–5850 bands with limit of 4 W EIRP (with DFS and TPC) + country NO: DFS-ETSI + (2400 - 2483.5 @ 40), (100 mW) +- (5150 - 5250 @ 80), (200 mW), AUTO-BW, wmmrule=ETSI +- (5250 - 5350 @ 80), (100 mW), DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5795 @ 160), (500 mW), DFS, wmmrule=ETSI +- (5815 - 5850 @ 35), (2000 mW), DFS +- (17100 - 17300 @ 200), (100 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country NP: DFS-JP +@@ -1020,12 +1169,18 @@ country PK: DFS-JP + (2402 - 2482 @ 40), (20) + (5735 - 5835 @ 80), (30) + ++# PL as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 + country PL: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country PM: DFS-ETSI +@@ -1041,14 +1196,19 @@ country PR: DFS-FCC + (5490 - 5730 @ 160), (24), DFS + (5735 - 5835 @ 80), (30) + ++# PT as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# PT: https://www.anacom.pt/render.jsp?categoryId=336334 + country PT: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI + # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + country PW: DFS-FCC +@@ -1079,15 +1239,21 @@ country RE: DFS-ETSI + (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI + (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI + ++# RO as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# RO: http://www.ancom.org.ro/en/uploads/links_files/ordin_262_2006.pdf + country RO: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + +- + # Source: + # http://www.ratel.rs/upload/documents/Plan_namene/Plan_namene-sl_glasnik.pdf + country RS: DFS-ETSI +@@ -1119,18 +1285,20 @@ country SA: DFS-ETSI + (5250 - 5330 @ 80), (20), DFS, AUTO-BW + (5490 - 5710 @ 160), (27), DFS + +-# Source: +-# https://pts.se/globalassets/startpage/dokument/legala-dokument/foreskrifter/radio/beslutade_ptsfs-2018-3-undantagsforeskrifter.pdf ++# SE as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# SE: https://pts.se/globalassets/startpage/dokument/legala-dokument/foreskrifter/radio/beslutade_ptsfs-2018-3-undantagsforeskrifter.pdf + country SE: DFS-ETSI +- (2400 - 2483.5 @ 40), (20) +- (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI +- # note: max would be +3dB with TPC @ 5250-5725 +- (5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI +- (5470 - 5725 @ 160), (27), DFS, wmmrule=ETSI +- # short range devices (ETSI EN 300 440) ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) + (5725 - 5875 @ 80), (25 mW) +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 +- (57000 - 66000 @ 2160), (40), NO-OUTDOOR ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) ++ (57000 - 66000 @ 2160), (40) + + # Source + # https://www.imda.gov.sg/~/media/imda/files/regulation%20licensing%20and%20consultations/ict%20standards/telecommunication%20standards/radio-comms/imdatssrd.pdf?la=en +@@ -1144,20 +1312,36 @@ country SG: DFS-FCC + # (5470 - 5725 @ 160), (30), DFS + (5725 - 5850 @ 80), (30) + ++# SI as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# SI: https://www.akos-rs.si/bwa + country SI: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + ++# SK as part of EU/CEPT accepted decisions 2005/513/EC (5GHz RLAN, EN 301 893) ++# and 2006/771/EC (amended by 2008/432/EC, Short-Range Devices, EN 300 440) ++# EU decision 2005/513/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02005D0513-20070213 ++# EU decision 2006/771/EC: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02008D0432-20080611 ++# SK: https://www.teleoff.gov.sk/data/files/25911.pdf ++# SK: https://www.teleoff.gov.sk/data/files/41072.pdf ++# SK: https://www.teleoff.gov.sk/data/files/49125_vpr-01_2018-rusi-vpr-10_2014a21_2012-nespecifik-srd_021018.pdf + country SK: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW, wmmrule=ETSI +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW, wmmrule=ETSI +- (5490 - 5710 @ 160), (27), DFS, wmmrule=ETSI +- # 60 GHz band channels 1-4, ref: Etsi En 302 567 ++ (2400 - 2483.5 @ 40), (100 mW) ++ (5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW, wmmrule=ETSI ++ (5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW, wmmrule=ETSI ++ (5470 - 5725 @ 160), (500 mW), DFS, wmmrule=ETSI ++ # short range devices (ETSI EN 300 440-1) ++ (5725 - 5875 @ 80), (25 mW) ++ # 60 GHz band channels 1-4 (ETSI EN 302 567) + (57000 - 66000 @ 2160), (40) + + # Source: diff --git a/package/firmware/wireless-regdb/patches/602-wireless-regdb-Update-regulatory-rules-for-Russia-RU.patch b/package/firmware/wireless-regdb/patches/602-wireless-regdb-Update-regulatory-rules-for-Russia-RU.patch new file mode 100644 index 00000000..7b883e60 --- /dev/null +++ b/package/firmware/wireless-regdb/patches/602-wireless-regdb-Update-regulatory-rules-for-Russia-RU.patch @@ -0,0 +1,44 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Tunin +Date: Sat, 24 Aug 2019 11:48:10 +0300 +Subject: [PATCH] wireless-regdb: Update regulatory rules for Russia (RU) + +Russian entry is incorrect. According to the last regulations +document of Feb 29, 2016, 160 MHz channels and 802.11ad are allowed. + +http://rfs-rf.ru/upload/medialibrary/c1a/prilozhenie-1-k-resheniyu-gkrch-_-16_36_03.pdf + +Note that there was never a DFS requirement in Russia, but always was +NO-OUTDOOR on 5GHz. +Maximum power is 200mW that is ~23dBm on all 5GHz channels. +Also Russia has never been regulated by ETSI. + +EIRP has been reduced by 4dBm because of TPC requirement. + +Signed-off-by: Dmitry Tunin +Signed-off-by: Seth Forshee + +diff --git a/db.txt b/db.txt +index f6b2f921416c..9c4b447536e4 100644 +--- a/db.txt ++++ b/db.txt +@@ -1349,14 +1349,12 @@ country RS: DFS-ETSI + # 60 GHz band channels 1-4, ref: Etsi En 302 567 + (57000 - 66000 @ 2160), (40) + +-country RU: DFS-ETSI +- (2402 - 2482 @ 40), (20) +- (5170 - 5250 @ 80), (20), AUTO-BW +- (5250 - 5330 @ 80), (20), DFS, AUTO-BW +- (5650 - 5730 @ 80), (30), DFS +- (5735 - 5835 @ 80), (30) ++country RU: ++ (2400 - 2483.5 @ 40), (20) ++ (5150 - 5350 @ 160), (20), NO-OUTDOOR ++ (5650 - 5850 @ 160), (20), NO-OUTDOOR + # 60 GHz band channels 1-4, ref: Changes to NLA 124_Order №129_22042015.pdf +- (57000 - 66000 @ 2160), (40) ++ (57000 - 66000 @ 2160), (40), NO-OUTDOOR + + country RW: DFS-FCC + (2402 - 2482 @ 40), (20) diff --git a/package/kernel/mac80211/Makefile b/package/kernel/mac80211/Makefile index 97072aac..b5812b85 100644 --- a/package/kernel/mac80211/Makefile +++ b/package/kernel/mac80211/Makefile @@ -10,10 +10,10 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=mac80211 -PKG_VERSION:=4.19.98-1 +PKG_VERSION:=4.19.120-1 PKG_RELEASE:=1 -PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v4.19.98/ -PKG_HASH:=256d77e9cd3918d6a361e029850aba4568e8a00167ab3ed55495a359511c5bd2 +PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v4.19.120/ +PKG_HASH:=2bafd75da301a30a5f2b98f433b6545d7b58c1fc3af15e9e9aa085df7f9db1d4 PKG_SOURCE:=backports-$(PKG_VERSION).tar.xz PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/backports-$(PKG_VERSION) diff --git a/package/kernel/mac80211/patches/ath/404-regd_no_assoc_hints.patch b/package/kernel/mac80211/patches/ath/404-regd_no_assoc_hints.patch index 266b750e..dc4068e5 100644 --- a/package/kernel/mac80211/patches/ath/404-regd_no_assoc_hints.patch +++ b/package/kernel/mac80211/patches/ath/404-regd_no_assoc_hints.patch @@ -1,6 +1,6 @@ --- a/net/wireless/reg.c +++ b/net/wireless/reg.c -@@ -3027,6 +3027,8 @@ void regulatory_hint_country_ie(struct w +@@ -3034,6 +3034,8 @@ void regulatory_hint_country_ie(struct w enum environment_cap env = ENVIRON_ANY; struct regulatory_request *request = NULL, *lr; @@ -9,7 +9,7 @@ /* IE len must be evenly divisible by 2 */ if (country_ie_len & 0x01) return; -@@ -3252,6 +3254,7 @@ static bool is_wiphy_all_set_reg_flag(en +@@ -3259,6 +3261,7 @@ static bool is_wiphy_all_set_reg_flag(en void regulatory_hint_disconnect(void) { diff --git a/package/kernel/mac80211/patches/ath/561-ath9k-dynack-set-ackto-to-max-timeout-in-ath_dynack_.patch b/package/kernel/mac80211/patches/ath/561-ath9k-dynack-set-ackto-to-max-timeout-in-ath_dynack_.patch index 6495bf01..4a843376 100644 --- a/package/kernel/mac80211/patches/ath/561-ath9k-dynack-set-ackto-to-max-timeout-in-ath_dynack_.patch +++ b/package/kernel/mac80211/patches/ath/561-ath9k-dynack-set-ackto-to-max-timeout-in-ath_dynack_.patch @@ -29,7 +29,7 @@ Signed-off-by: Lorenzo Bianconi - an->ackto = ackto; + an->ackto = da->ackto; - spin_lock(&da->qlock); + spin_lock_bh(&da->qlock); list_add_tail(&an->list, &da->nodes); @@ -356,20 +354,26 @@ EXPORT_SYMBOL(ath_dynack_node_deinit); */ diff --git a/package/kernel/mac80211/patches/ath/922-ath10k-increase-rx-buffer-size-to-2048.patch b/package/kernel/mac80211/patches/ath/922-ath10k-increase-rx-buffer-size-to-2048.patch new file mode 100644 index 00000000..f7c842f4 --- /dev/null +++ b/package/kernel/mac80211/patches/ath/922-ath10k-increase-rx-buffer-size-to-2048.patch @@ -0,0 +1,37 @@ +From: Linus Lüssing +Date: Wed, 5 Feb 2020 20:10:43 +0100 +Subject: ath10k: increase rx buffer size to 2048 + +Before, only frames with a maximum size of 1528 bytes could be +transmitted between two 802.11s nodes. + +For batman-adv for instance, which adds its own header to each frame, +we typically need an MTU of at least 1532 bytes to be able to transmit +without fragmentation. + +This patch now increases the maxmimum frame size from 1528 to 1656 +bytes. + +Tested with two ath10k devices in 802.11s mode, as well as with +batman-adv on top of 802.11s with forwarding disabled. + +Fix originally found and developed by Ben Greear. + +Link: https://github.com/greearb/ath10k-ct/issues/89 +Link: https://github.com/greearb/ath10k-ct/commit/9e5ab25027e0971fa24ccf93373324c08c4e992d +Cc: Ben Greear +Signed-off-by: Linus Lüssing + +Forwarded: https://patchwork.kernel.org/patch/11367055/ + +--- a/drivers/net/wireless/ath/ath10k/htt.h ++++ b/drivers/net/wireless/ath/ath10k/htt.h +@@ -2004,7 +2004,7 @@ struct htt_rx_desc { + * Should be: sizeof(struct htt_host_rx_desc) + max rx MSDU size, + * rounded up to a cache line size. + */ +-#define HTT_RX_BUF_SIZE 1920 ++#define HTT_RX_BUF_SIZE 2048 + #define HTT_RX_MSDU_SIZE (HTT_RX_BUF_SIZE - (int)sizeof(struct htt_rx_desc)) + + /* Refill a bunch of RX buffers for each refill round so that FW/HW can handle diff --git a/package/kernel/mac80211/patches/brcm/305-v4.20-0001-brcmfmac-remove-set-but-not-used-variables-sfdoff-an.patch b/package/kernel/mac80211/patches/brcm/305-v4.20-0001-brcmfmac-remove-set-but-not-used-variables-sfdoff-an.patch index 659cdabd..2eb93736 100644 --- a/package/kernel/mac80211/patches/brcm/305-v4.20-0001-brcmfmac-remove-set-but-not-used-variables-sfdoff-an.patch +++ b/package/kernel/mac80211/patches/brcm/305-v4.20-0001-brcmfmac-remove-set-but-not-used-variables-sfdoff-an.patch @@ -39,7 +39,7 @@ Signed-off-by: Kalle Valo num = 0; /* Validate all the subframe headers */ -@@ -3422,7 +3421,6 @@ static int brcmf_sdio_bus_preinit(struct +@@ -3426,7 +3425,6 @@ static int brcmf_sdio_bus_preinit(struct struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; struct brcmf_sdio *bus = sdiodev->bus; struct brcmf_core *core = bus->sdio_core; @@ -47,7 +47,7 @@ Signed-off-by: Kalle Valo u32 value; int err; -@@ -3465,7 +3463,6 @@ static int brcmf_sdio_bus_preinit(struct +@@ -3467,7 +3465,6 @@ static int brcmf_sdio_bus_preinit(struct if (sdiodev->sg_support) { bus->txglom = false; value = 1; diff --git a/package/kernel/mac80211/patches/brcm/320-v5.0-0004-brcmfmac-Set-board_type-used-for-nvram-file-selectio.patch b/package/kernel/mac80211/patches/brcm/320-v5.0-0004-brcmfmac-Set-board_type-used-for-nvram-file-selectio.patch index fe930508..5dcff90c 100644 --- a/package/kernel/mac80211/patches/brcm/320-v5.0-0004-brcmfmac-Set-board_type-used-for-nvram-file-selectio.patch +++ b/package/kernel/mac80211/patches/brcm/320-v5.0-0004-brcmfmac-Set-board_type-used-for-nvram-file-selectio.patch @@ -67,7 +67,7 @@ Signed-off-by: Kalle Valo fwreq->bus_nr = devinfo->pdev->bus->number; --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -@@ -4210,6 +4210,7 @@ brcmf_sdio_prepare_fw_request(struct brc +@@ -4213,6 +4213,7 @@ brcmf_sdio_prepare_fw_request(struct brc fwreq->items[BRCMF_SDIO_FW_CODE].type = BRCMF_FW_TYPE_BINARY; fwreq->items[BRCMF_SDIO_FW_NVRAM].type = BRCMF_FW_TYPE_NVRAM; diff --git a/package/kernel/mac80211/patches/brcm/329-v5.0-0004-brcmfmac-add-support-for-CYW43012-SDIO-chipset.patch b/package/kernel/mac80211/patches/brcm/329-v5.0-0004-brcmfmac-add-support-for-CYW43012-SDIO-chipset.patch index 2c7828cf..daf1cddb 100644 --- a/package/kernel/mac80211/patches/brcm/329-v5.0-0004-brcmfmac-add-support-for-CYW43012-SDIO-chipset.patch +++ b/package/kernel/mac80211/patches/brcm/329-v5.0-0004-brcmfmac-add-support-for-CYW43012-SDIO-chipset.patch @@ -20,7 +20,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c -@@ -972,6 +972,7 @@ static const struct sdio_device_id brcmf +@@ -970,6 +970,7 @@ static const struct sdio_device_id brcmf BRCMF_SDIO_DEVICE(SDIO_DEVICE_ID_BROADCOM_4354), BRCMF_SDIO_DEVICE(SDIO_DEVICE_ID_BROADCOM_4356), BRCMF_SDIO_DEVICE(SDIO_DEVICE_ID_CYPRESS_4373), @@ -100,7 +100,7 @@ Signed-off-by: Kalle Valo if (on) { /* device WAKEUP through KSO: * write bit 0 & read back until -@@ -2413,6 +2423,14 @@ static int brcmf_sdio_tx_ctrlframe(struc +@@ -2414,6 +2424,14 @@ static int brcmf_sdio_tx_ctrlframe(struc return ret; } @@ -115,7 +115,7 @@ Signed-off-by: Kalle Valo static void brcmf_sdio_bus_stop(struct device *dev) { struct brcmf_bus *bus_if = dev_get_drvdata(dev); -@@ -2420,7 +2438,7 @@ static void brcmf_sdio_bus_stop(struct d +@@ -2421,7 +2439,7 @@ static void brcmf_sdio_bus_stop(struct d struct brcmf_sdio *bus = sdiodev->bus; struct brcmf_core *core = bus->sdio_core; u32 local_hostintmask; @@ -124,7 +124,7 @@ Signed-off-by: Kalle Valo int err; brcmf_dbg(TRACE, "Enter\n"); -@@ -2447,9 +2465,14 @@ static void brcmf_sdio_bus_stop(struct d +@@ -2448,9 +2466,14 @@ static void brcmf_sdio_bus_stop(struct d /* Force backplane clocks to assure F2 interrupt propagates */ saveclk = brcmf_sdiod_readb(sdiodev, SBSDIO_FUNC1_CHIPCLKCSR, &err); @@ -142,7 +142,7 @@ Signed-off-by: Kalle Valo if (err) brcmf_err("Failed to force clock for F2: err %d\n", err); -@@ -3339,20 +3362,45 @@ err: +@@ -3343,20 +3366,45 @@ err: return bcmerror; } @@ -190,7 +190,7 @@ Signed-off-by: Kalle Valo brcmf_sdiod_writeb(bus->sdiodev, SBSDIO_FUNC1_WAKEUPCTRL, val, &err); if (err) { brcmf_err("error writing SBSDIO_FUNC1_WAKEUPCTRL\n"); -@@ -3361,8 +3409,7 @@ static void brcmf_sdio_sr_init(struct br +@@ -3365,8 +3413,7 @@ static void brcmf_sdio_sr_init(struct br /* Add CMD14 Support */ brcmf_sdiod_func0_wb(bus->sdiodev, SDIO_CCCR_BRCM_CARDCAP, @@ -200,7 +200,7 @@ Signed-off-by: Kalle Valo &err); if (err) { brcmf_err("error writing SDIO_CCCR_BRCM_CARDCAP\n"); -@@ -3370,7 +3417,7 @@ static void brcmf_sdio_sr_init(struct br +@@ -3374,7 +3421,7 @@ static void brcmf_sdio_sr_init(struct br } brcmf_sdiod_writeb(bus->sdiodev, SBSDIO_FUNC1_CHIPCLKCSR, @@ -209,7 +209,7 @@ Signed-off-by: Kalle Valo if (err) { brcmf_err("error writing SBSDIO_FUNC1_CHIPCLKCSR\n"); return; -@@ -4062,7 +4109,7 @@ static void brcmf_sdio_firmware_callback +@@ -4065,7 +4112,7 @@ static void brcmf_sdio_firmware_callback const struct firmware *code; void *nvram; u32 nvram_len; @@ -218,7 +218,7 @@ Signed-off-by: Kalle Valo u8 devctl; brcmf_dbg(TRACE, "Enter: dev=%s, err=%d\n", dev_name(dev), err); -@@ -4096,8 +4143,11 @@ static void brcmf_sdio_firmware_callback +@@ -4099,8 +4146,11 @@ static void brcmf_sdio_firmware_callback /* Force clocks on backplane to be sure F2 interrupt propagates */ saveclk = brcmf_sdiod_readb(sdiod, SBSDIO_FUNC1_CHIPCLKCSR, &err); if (!err) { diff --git a/package/kernel/mac80211/patches/brcm/329-v5.0-0006-brcmfmac-update-43012-F2-watermark-setting-to-fix-DM.patch b/package/kernel/mac80211/patches/brcm/329-v5.0-0006-brcmfmac-update-43012-F2-watermark-setting-to-fix-DM.patch index c43f0668..defee898 100644 --- a/package/kernel/mac80211/patches/brcm/329-v5.0-0006-brcmfmac-update-43012-F2-watermark-setting-to-fix-DM.patch +++ b/package/kernel/mac80211/patches/brcm/329-v5.0-0006-brcmfmac-update-43012-F2-watermark-setting-to-fix-DM.patch @@ -29,7 +29,7 @@ Signed-off-by: Kalle Valo #ifdef DEBUG -@@ -4184,6 +4185,17 @@ static void brcmf_sdio_firmware_callback +@@ -4187,6 +4188,17 @@ static void brcmf_sdio_firmware_callback CY_4373_F2_WATERMARK | SBSDIO_MESBUSYCTRL_ENAB, &err); break; diff --git a/package/kernel/mac80211/patches/brcm/329-v5.0-0008-brcmfmac-disable-command-decode-in-sdio_aos.patch b/package/kernel/mac80211/patches/brcm/329-v5.0-0008-brcmfmac-disable-command-decode-in-sdio_aos.patch index 63f30fb8..d99a0142 100644 --- a/package/kernel/mac80211/patches/brcm/329-v5.0-0008-brcmfmac-disable-command-decode-in-sdio_aos.patch +++ b/package/kernel/mac80211/patches/brcm/329-v5.0-0008-brcmfmac-disable-command-decode-in-sdio_aos.patch @@ -30,7 +30,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -@@ -3365,7 +3365,11 @@ err: +@@ -3369,7 +3369,11 @@ err: static bool brcmf_sdio_aos_no_decode(struct brcmf_sdio *bus) { diff --git a/package/kernel/mac80211/patches/brcm/341-v5.1-brcmfmac-add-a-check-for-the-status-of-usb_register.patch b/package/kernel/mac80211/patches/brcm/341-v5.1-brcmfmac-add-a-check-for-the-status-of-usb_register.patch index 5104666b..159bef6d 100644 --- a/package/kernel/mac80211/patches/brcm/341-v5.1-brcmfmac-add-a-check-for-the-status-of-usb_register.patch +++ b/package/kernel/mac80211/patches/brcm/341-v5.1-brcmfmac-add-a-check-for-the-status-of-usb_register.patch @@ -14,7 +14,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -1557,6 +1557,10 @@ void brcmf_usb_exit(void) +@@ -1558,6 +1558,10 @@ void brcmf_usb_exit(void) void brcmf_usb_register(void) { diff --git a/package/kernel/mac80211/patches/brcm/347-v5.1-brcmfmac-fix-typos.patch b/package/kernel/mac80211/patches/brcm/347-v5.1-brcmfmac-fix-typos.patch index e21c1ee6..3a4c2d4a 100644 --- a/package/kernel/mac80211/patches/brcm/347-v5.1-brcmfmac-fix-typos.patch +++ b/package/kernel/mac80211/patches/brcm/347-v5.1-brcmfmac-fix-typos.patch @@ -51,7 +51,7 @@ Signed-off-by: Kalle Valo * @ifidx: interface index. --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -508,7 +508,7 @@ static void brcmf_usb_rx_complete(struct +@@ -509,7 +509,7 @@ static void brcmf_usb_rx_complete(struct skb = req->skb; req->skb = NULL; diff --git a/package/kernel/mac80211/patches/brcm/349-v5.1-0003-brcmfmac-create-debugfs-files-for-bus-specific-layer.patch b/package/kernel/mac80211/patches/brcm/349-v5.1-0003-brcmfmac-create-debugfs-files-for-bus-specific-layer.patch deleted file mode 100644 index 487aa004..00000000 --- a/package/kernel/mac80211/patches/brcm/349-v5.1-0003-brcmfmac-create-debugfs-files-for-bus-specific-layer.patch +++ /dev/null @@ -1,101 +0,0 @@ -From aaf6a5e86e36766abbeedf220462bde8031f9a72 Mon Sep 17 00:00:00 2001 -From: Arend van Spriel -Date: Thu, 14 Feb 2019 13:43:49 +0100 -Subject: [PATCH] brcmfmac: create debugfs files for bus-specific layer - -Since we moved the drivers debugfs directory under ieee80211 debugfs the -debugfs entries need to be added after wiphy_register() has been called. -For most part that has been done accordingly, but for the debugfs entries -added by SDIO it was not and failed silently. This patch fixes that by -adding a bus-layer callback for it. - -Fixes: 856d5a011c86 ("brcmfmac: allocate struct brcmf_pub instance using wiphy_new()") -Reported-by: Russel King -Reviewed-by: Franky Lin -Signed-off-by: Arend van Spriel -Signed-off-by: Kalle Valo ---- - .../net/wireless/broadcom/brcm80211/brcmfmac/bus.h | 10 ++++++++++ - .../net/wireless/broadcom/brcm80211/brcmfmac/core.c | 1 + - .../net/wireless/broadcom/brcm80211/brcmfmac/sdio.c | 12 +++++++----- - 3 files changed, 18 insertions(+), 5 deletions(-) - ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bus.h -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bus.h -@@ -90,6 +90,7 @@ struct brcmf_bus_ops { - int (*get_memdump)(struct device *dev, void *data, size_t len); - int (*get_fwname)(struct device *dev, const char *ext, - unsigned char *fw_name); -+ void (*debugfs_create)(struct device *dev); - }; - - -@@ -235,6 +236,15 @@ int brcmf_bus_get_fwname(struct brcmf_bu - return bus->ops->get_fwname(bus->dev, ext, fw_name); - } - -+static inline -+void brcmf_bus_debugfs_create(struct brcmf_bus *bus) -+{ -+ if (!bus->ops->debugfs_create) -+ return; -+ -+ return bus->ops->debugfs_create(bus->dev); -+} -+ - /* - * interface functions from common layer - */ ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c -@@ -1181,6 +1181,7 @@ static int brcmf_bus_started(struct brcm - brcmf_debugfs_add_entry(drvr, "revinfo", brcmf_revinfo_read); - brcmf_feat_debugfs_create(drvr); - brcmf_proto_debugfs_create(drvr); -+ brcmf_bus_debugfs_create(bus_if); - - return 0; - ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -@@ -3154,9 +3154,12 @@ static int brcmf_debugfs_sdio_count_read - return 0; - } - --static void brcmf_sdio_debugfs_create(struct brcmf_sdio *bus) -+static void brcmf_sdio_debugfs_create(struct device *dev) - { -- struct brcmf_pub *drvr = bus->sdiodev->bus_if->drvr; -+ struct brcmf_bus *bus_if = dev_get_drvdata(dev); -+ struct brcmf_pub *drvr = bus_if->drvr; -+ struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; -+ struct brcmf_sdio *bus = sdiodev->bus; - struct dentry *dentry = brcmf_debugfs_get_devdir(drvr); - - if (IS_ERR_OR_NULL(dentry)) -@@ -3176,7 +3179,7 @@ static int brcmf_sdio_checkdied(struct b - return 0; - } - --static void brcmf_sdio_debugfs_create(struct brcmf_sdio *bus) -+static void brcmf_sdio_debugfs_create(struct device *dev) - { - } - #endif /* DEBUG */ -@@ -3488,8 +3491,6 @@ static int brcmf_sdio_bus_preinit(struct - if (bus->rxbuf) - bus->rxblen = value; - -- brcmf_sdio_debugfs_create(bus); -- - /* the commands below use the terms tx and rx from - * a device perspective, ie. bus:txglom affects the - * bus transfers from device to host. -@@ -4099,6 +4100,7 @@ static const struct brcmf_bus_ops brcmf_ - .get_ramsize = brcmf_sdio_bus_get_ramsize, - .get_memdump = brcmf_sdio_bus_get_memdump, - .get_fwname = brcmf_sdio_get_fwname, -+ .debugfs_create = brcmf_sdio_debugfs_create - }; - - #define BRCMF_SDIO_FW_CODE 0 diff --git a/package/kernel/mac80211/patches/brcm/349-v5.1-0005-brcmfmac-check-and-dump-trap-info-during-sdio-probe.patch b/package/kernel/mac80211/patches/brcm/349-v5.1-0005-brcmfmac-check-and-dump-trap-info-during-sdio-probe.patch index c9757db9..2f48fdc9 100644 --- a/package/kernel/mac80211/patches/brcm/349-v5.1-0005-brcmfmac-check-and-dump-trap-info-during-sdio-probe.patch +++ b/package/kernel/mac80211/patches/brcm/349-v5.1-0005-brcmfmac-check-and-dump-trap-info-during-sdio-probe.patch @@ -18,7 +18,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -@@ -3010,21 +3010,35 @@ static int brcmf_sdio_trap_info(struct s +@@ -3011,21 +3011,35 @@ static int brcmf_sdio_trap_info(struct s if (error < 0) return error; @@ -69,7 +69,7 @@ Signed-off-by: Kalle Valo return 0; } -@@ -3078,8 +3092,10 @@ static int brcmf_sdio_checkdied(struct b +@@ -3079,8 +3093,10 @@ static int brcmf_sdio_checkdied(struct b else if (sh.flags & SDPCM_SHARED_ASSERT) brcmf_err("assertion in dongle\n"); @@ -81,7 +81,7 @@ Signed-off-by: Kalle Valo return 0; } -@@ -4210,7 +4226,7 @@ static void brcmf_sdio_firmware_callback +@@ -4211,7 +4227,7 @@ static void brcmf_sdio_firmware_callback } else { /* Disable F2 again */ sdio_disable_func(sdiod->func2); @@ -90,7 +90,7 @@ Signed-off-by: Kalle Valo } if (brcmf_chip_sr_capable(bus->ci)) { -@@ -4231,8 +4247,10 @@ static void brcmf_sdio_firmware_callback +@@ -4232,8 +4248,10 @@ static void brcmf_sdio_firmware_callback } /* If we didn't come up, turn off backplane clock */ @@ -102,7 +102,7 @@ Signed-off-by: Kalle Valo sdio_release_host(sdiod->func1); -@@ -4246,12 +4264,15 @@ static void brcmf_sdio_firmware_callback +@@ -4247,12 +4265,15 @@ static void brcmf_sdio_firmware_callback err = brcmf_attach(sdiod->dev, sdiod->settings); if (err != 0) { brcmf_err("brcmf_attach failed\n"); diff --git a/package/kernel/mac80211/patches/brcm/353-v5.1-brcmfmac-remove-set-but-not-used-variable-old_state.patch b/package/kernel/mac80211/patches/brcm/353-v5.1-brcmfmac-remove-set-but-not-used-variable-old_state.patch index 2a46378e..c0701951 100644 --- a/package/kernel/mac80211/patches/brcm/353-v5.1-brcmfmac-remove-set-but-not-used-variable-old_state.patch +++ b/package/kernel/mac80211/patches/brcm/353-v5.1-brcmfmac-remove-set-but-not-used-variable-old_state.patch @@ -20,7 +20,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -575,7 +575,6 @@ static void +@@ -576,7 +576,6 @@ static void brcmf_usb_state_change(struct brcmf_usbdev_info *devinfo, int state) { struct brcmf_bus *bcmf_bus = devinfo->bus_pub.bus; @@ -28,7 +28,7 @@ Signed-off-by: Kalle Valo brcmf_dbg(USB, "Enter, current state=%d, new state=%d\n", devinfo->bus_pub.state, state); -@@ -583,7 +582,6 @@ brcmf_usb_state_change(struct brcmf_usbd +@@ -584,7 +583,6 @@ brcmf_usb_state_change(struct brcmf_usbd if (devinfo->bus_pub.state == state) return; diff --git a/package/kernel/mac80211/patches/brcm/362-v5.2-0002-brcmfmac-remove-pending-parameter-from-brcmf_usb_fre.patch b/package/kernel/mac80211/patches/brcm/362-v5.2-0002-brcmfmac-remove-pending-parameter-from-brcmf_usb_fre.patch index 088e7313..5208ce29 100644 --- a/package/kernel/mac80211/patches/brcm/362-v5.2-0002-brcmfmac-remove-pending-parameter-from-brcmf_usb_fre.patch +++ b/package/kernel/mac80211/patches/brcm/362-v5.2-0002-brcmfmac-remove-pending-parameter-from-brcmf_usb_fre.patch @@ -14,7 +14,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -445,9 +445,10 @@ fail: +@@ -446,9 +446,10 @@ fail: } @@ -26,7 +26,7 @@ Signed-off-by: Kalle Valo int i = 0; list_for_each_entry_safe(req, next, q, list) { if (!req->urb) { -@@ -455,12 +456,8 @@ static void brcmf_usb_free_q(struct list +@@ -456,12 +457,8 @@ static void brcmf_usb_free_q(struct list break; } i++; @@ -41,7 +41,7 @@ Signed-off-by: Kalle Valo } } -@@ -1029,8 +1026,8 @@ static void brcmf_usb_detach(struct brcm +@@ -1030,8 +1027,8 @@ static void brcmf_usb_detach(struct brcm brcmf_dbg(USB, "Enter, devinfo %p\n", devinfo); /* free the URBS */ diff --git a/package/kernel/mac80211/patches/brcm/362-v5.2-0003-brcmfmac-remove-unused-variable-i-from-brcmf_usb_fre.patch b/package/kernel/mac80211/patches/brcm/362-v5.2-0003-brcmfmac-remove-unused-variable-i-from-brcmf_usb_fre.patch index 4c8d0739..c6de4150 100644 --- a/package/kernel/mac80211/patches/brcm/362-v5.2-0003-brcmfmac-remove-unused-variable-i-from-brcmf_usb_fre.patch +++ b/package/kernel/mac80211/patches/brcm/362-v5.2-0003-brcmfmac-remove-unused-variable-i-from-brcmf_usb_fre.patch @@ -13,7 +13,7 @@ Signed-off-by: Kalle Valo --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -449,13 +449,11 @@ static void brcmf_usb_free_q(struct list +@@ -450,13 +450,11 @@ static void brcmf_usb_free_q(struct list { struct brcmf_usbreq *req, *next; diff --git a/package/kernel/mac80211/patches/brcm/368-v5.2-brcmfmac-fix-leak-of-mypkt-on-error-return-path.patch b/package/kernel/mac80211/patches/brcm/368-v5.2-brcmfmac-fix-leak-of-mypkt-on-error-return-path.patch deleted file mode 100644 index a9a9d74c..00000000 --- a/package/kernel/mac80211/patches/brcm/368-v5.2-brcmfmac-fix-leak-of-mypkt-on-error-return-path.patch +++ /dev/null @@ -1,41 +0,0 @@ -From a927e8d8ab57e696800e20cf09a72b7dfe3bbebb Mon Sep 17 00:00:00 2001 -From: Colin Ian King -Date: Tue, 9 Apr 2019 12:43:33 +0100 -Subject: [PATCH] brcmfmac: fix leak of mypkt on error return path - -Currently if the call to brcmf_sdiod_set_backplane_window fails then -error return path leaks mypkt. Fix this by returning by a new -error path labelled 'out' that calls brcmu_pkt_buf_free_skb to free -mypkt. Also remove redundant check on err before calling -brcmf_sdiod_skbuff_write. - -Addresses-Coverity: ("Resource Leak") -Fixes: a7c3aa1509e2 ("brcmfmac: Remove brcmf_sdiod_addrprep()") -Signed-off-by: Colin Ian King -Reviewed-by: Mukesh Ojha -Signed-off-by: Kalle Valo ---- - drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 8 +++----- - 1 file changed, 3 insertions(+), 5 deletions(-) - ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c -@@ -617,15 +617,13 @@ int brcmf_sdiod_send_buf(struct brcmf_sd - - err = brcmf_sdiod_set_backplane_window(sdiodev, addr); - if (err) -- return err; -+ goto out; - - addr &= SBSDIO_SB_OFT_ADDR_MASK; - addr |= SBSDIO_SB_ACCESS_2_4B_FLAG; - -- if (!err) -- err = brcmf_sdiod_skbuff_write(sdiodev, sdiodev->func2, addr, -- mypkt); -- -+ err = brcmf_sdiod_skbuff_write(sdiodev, sdiodev->func2, addr, mypkt); -+out: - brcmu_pkt_buf_free_skb(mypkt); - - return err; diff --git a/package/kernel/mac80211/patches/brcm/392-v5.4-0002-brcmfmac-split-brcmf_attach-and-brcmf_detach-functio.patch b/package/kernel/mac80211/patches/brcm/392-v5.4-0002-brcmfmac-split-brcmf_attach-and-brcmf_detach-functio.patch index e0211fad..11d1b9db 100644 --- a/package/kernel/mac80211/patches/brcm/392-v5.4-0002-brcmfmac-split-brcmf_attach-and-brcmf_detach-functio.patch +++ b/package/kernel/mac80211/patches/brcm/392-v5.4-0002-brcmfmac-split-brcmf_attach-and-brcmf_detach-functio.patch @@ -153,7 +153,7 @@ Signed-off-by: Kalle Valo kfree(bus->msgbuf->flowrings); --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -@@ -4251,17 +4251,26 @@ static void brcmf_sdio_firmware_callback +@@ -4252,17 +4252,26 @@ static void brcmf_sdio_firmware_callback sdiod->bus_if->chip = bus->ci->chip; sdiod->bus_if->chiprev = bus->ci->chiprev; @@ -185,7 +185,7 @@ Signed-off-by: Kalle Valo release: --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -1178,8 +1178,12 @@ static void brcmf_usb_probe_phase2(struc +@@ -1179,8 +1179,12 @@ static void brcmf_usb_probe_phase2(struc if (ret) goto error; @@ -199,7 +199,7 @@ Signed-off-by: Kalle Valo if (ret) goto error; -@@ -1251,7 +1255,10 @@ static int brcmf_usb_probe_cb(struct brc +@@ -1252,7 +1256,10 @@ static int brcmf_usb_probe_cb(struct brc } if (!brcmf_usb_dlneeded(devinfo)) { @@ -211,7 +211,7 @@ Signed-off-by: Kalle Valo if (ret) goto fail; /* we are done */ -@@ -1279,6 +1286,7 @@ static int brcmf_usb_probe_cb(struct brc +@@ -1280,6 +1287,7 @@ static int brcmf_usb_probe_cb(struct brc fail: /* Release resources in reverse order */ @@ -219,7 +219,7 @@ Signed-off-by: Kalle Valo kfree(bus); brcmf_usb_detach(devinfo); return ret; -@@ -1292,6 +1300,7 @@ brcmf_usb_disconnect_cb(struct brcmf_usb +@@ -1293,6 +1301,7 @@ brcmf_usb_disconnect_cb(struct brcmf_usb brcmf_dbg(USB, "Enter, bus_pub %p\n", devinfo); brcmf_detach(devinfo->dev); @@ -227,7 +227,7 @@ Signed-off-by: Kalle Valo kfree(devinfo->bus_pub.bus); brcmf_usb_detach(devinfo); } -@@ -1435,10 +1444,12 @@ static int brcmf_usb_suspend(struct usb_ +@@ -1436,10 +1445,12 @@ static int brcmf_usb_suspend(struct usb_ brcmf_dbg(USB, "Enter\n"); devinfo->bus_pub.state = BRCMFMAC_USB_STATE_SLEEP; @@ -242,7 +242,7 @@ Signed-off-by: Kalle Valo return 0; } -@@ -1451,8 +1462,19 @@ static int brcmf_usb_resume(struct usb_i +@@ -1452,8 +1463,19 @@ static int brcmf_usb_resume(struct usb_i struct brcmf_usbdev_info *devinfo = brcmf_usb_get_businfo(&usb->dev); brcmf_dbg(USB, "Enter\n"); diff --git a/package/kernel/mac80211/patches/brcm/411-v5.6-brcmfmac-Fix-use-after-free-in-brcmf_sdio_readframes.patch b/package/kernel/mac80211/patches/brcm/411-v5.6-brcmfmac-Fix-use-after-free-in-brcmf_sdio_readframes.patch deleted file mode 100644 index 1b56f6d7..00000000 --- a/package/kernel/mac80211/patches/brcm/411-v5.6-brcmfmac-Fix-use-after-free-in-brcmf_sdio_readframes.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 216b44000ada87a63891a8214c347e05a4aea8fe Mon Sep 17 00:00:00 2001 -From: Dan Carpenter -Date: Tue, 3 Dec 2019 12:58:55 +0300 -Subject: [PATCH] brcmfmac: Fix use after free in brcmf_sdio_readframes() - -The brcmu_pkt_buf_free_skb() function frees "pkt" so it leads to a -static checker warning: - - drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c:1974 brcmf_sdio_readframes() - error: dereferencing freed memory 'pkt' - -It looks like there was supposed to be a continue after we free "pkt". - -Fixes: 4754fceeb9a6 ("brcmfmac: streamline SDIO read frame routine") -Signed-off-by: Dan Carpenter -Acked-by: Franky Lin -Signed-off-by: Kalle Valo ---- - drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c | 1 + - 1 file changed, 1 insertion(+) - ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c -@@ -1935,6 +1935,7 @@ static uint brcmf_sdio_readframes(struct - BRCMF_SDIO_FT_NORMAL)) { - rd->len = 0; - brcmu_pkt_buf_free_skb(pkt); -+ continue; - } - bus->sdcnt.rx_readahead_cnt++; - if (rd->len != roundup(rd_new.len, 16)) { diff --git a/package/kernel/mac80211/patches/brcm/413-v5.6-brcmfmac-fix-interface-sanity-check.patch b/package/kernel/mac80211/patches/brcm/413-v5.6-brcmfmac-fix-interface-sanity-check.patch deleted file mode 100644 index e1dfe84c..00000000 --- a/package/kernel/mac80211/patches/brcm/413-v5.6-brcmfmac-fix-interface-sanity-check.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 3428fbcd6e6c0850b1a8b2a12082b7b2aabb3da3 Mon Sep 17 00:00:00 2001 -From: Johan Hovold -Date: Tue, 10 Dec 2019 12:44:22 +0100 -Subject: [PATCH] brcmfmac: fix interface sanity check - -Make sure to use the current alternate setting when verifying the -interface descriptors to avoid binding to an invalid interface. - -Failing to do so could cause the driver to misbehave or trigger a WARN() -in usb_submit_urb() that kernels with panic_on_warn set would choke on. - -Fixes: 71bb244ba2fd ("brcm80211: fmac: add USB support for bcm43235/6/8 chipsets") -Cc: stable # 3.4 -Cc: Arend van Spriel -Signed-off-by: Johan Hovold -Signed-off-by: Kalle Valo ---- - drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -1348,7 +1348,7 @@ brcmf_usb_probe(struct usb_interface *in - goto fail; - } - -- desc = &intf->altsetting[0].desc; -+ desc = &intf->cur_altsetting->desc; - if ((desc->bInterfaceClass != USB_CLASS_VENDOR_SPEC) || - (desc->bInterfaceSubClass != 2) || - (desc->bInterfaceProtocol != 0xff)) { -@@ -1361,7 +1361,7 @@ brcmf_usb_probe(struct usb_interface *in - - num_of_eps = desc->bNumEndpoints; - for (ep = 0; ep < num_of_eps; ep++) { -- endpoint = &intf->altsetting[0].endpoint[ep].desc; -+ endpoint = &intf->cur_altsetting->endpoint[ep].desc; - endpoint_num = usb_endpoint_num(endpoint); - if (!usb_endpoint_xfer_bulk(endpoint)) - continue; diff --git a/package/kernel/mac80211/patches/brcm/415-v5.6-brcmfmac-Fix-memory-leak-in-brcmf_usbdev_qinit.patch b/package/kernel/mac80211/patches/brcm/415-v5.6-brcmfmac-Fix-memory-leak-in-brcmf_usbdev_qinit.patch deleted file mode 100644 index a55d286e..00000000 --- a/package/kernel/mac80211/patches/brcm/415-v5.6-brcmfmac-Fix-memory-leak-in-brcmf_usbdev_qinit.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 4282dc057d750c6a7dd92953564b15c26b54c22c Mon Sep 17 00:00:00 2001 -From: Navid Emamdoost -Date: Sat, 14 Dec 2019 19:51:14 -0600 -Subject: [PATCH] brcmfmac: Fix memory leak in brcmf_usbdev_qinit - -In the implementation of brcmf_usbdev_qinit() the allocated memory for -reqs is leaking if usb_alloc_urb() fails. Release reqs in the error -handling path. - -Fixes: 71bb244ba2fd ("brcm80211: fmac: add USB support for bcm43235/6/8 chipsets") -Signed-off-by: Navid Emamdoost -Signed-off-by: Kalle Valo ---- - drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c | 1 + - 1 file changed, 1 insertion(+) - ---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c -@@ -430,6 +430,7 @@ fail: - usb_free_urb(req->urb); - list_del(q->next); - } -+ kfree(reqs); - return NULL; - - } diff --git a/package/kernel/mac80211/patches/brcm/500-brcmfmac-add-stub-for-monitor-interface-xmit.patch b/package/kernel/mac80211/patches/brcm/500-brcmfmac-add-stub-for-monitor-interface-xmit.patch new file mode 100644 index 00000000..8280918f --- /dev/null +++ b/package/kernel/mac80211/patches/brcm/500-brcmfmac-add-stub-for-monitor-interface-xmit.patch @@ -0,0 +1,100 @@ +From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= +Date: Fri, 27 Mar 2020 13:40:50 +0100 +Subject: [PATCH] brcmfmac: add stub for monitor interface xmit +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +According to the struct net_device_ops documentation .ndo_start_xmit is +"Required; cannot be NULL.". Missing it may crash kernel easily: + +[ 341.216709] Unable to handle kernel NULL pointer dereference at virtual address 00000000 +[ 341.224836] pgd = 26088755 +[ 341.227544] [00000000] *pgd=00000000 +[ 341.231135] Internal error: Oops: 80000007 [#1] SMP ARM +[ 341.236367] Modules linked in: pppoe ppp_async iptable_nat brcmfmac xt_state xt_nat xt_conntrack xt_REDIRECT xt_MASQU +[ 341.304689] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.4.24 #0 +[ 341.310621] Hardware name: BCM5301X +[ 341.314116] PC is at 0x0 +[ 341.316664] LR is at dev_hard_start_xmit+0x8c/0x11c +[ 341.321546] pc : [<00000000>] lr : [] psr: 60000113 +[ 341.327821] sp : c0801c30 ip : c610cf00 fp : c08048e4 +[ 341.333051] r10: c073a63a r9 : c08044dc r8 : c6c04e00 +[ 341.338283] r7 : 00000000 r6 : c60f5000 r5 : 00000000 r4 : c6a9c3c0 +[ 341.344820] r3 : 00000000 r2 : bf25a13c r1 : c60f5000 r0 : c6a9c3c0 +[ 341.351358] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none +[ 341.358504] Control: 10c5387d Table: 0611c04a DAC: 00000051 +[ 341.364257] Process swapper/0 (pid: 0, stack limit = 0xc68ed0ca) +[ 341.370271] Stack: (0xc0801c30 to 0xc0802000) +[ 341.374633] 1c20: c6e7d480 c0802d00 c60f5050 c0801c6c +[ 341.382825] 1c40: c60f5000 c6a9c3c0 c6f90000 c6f9005c c6c04e00 c60f5000 00000000 c6f9005c +[ 341.391015] 1c60: 00000000 c04a033c 00f90200 00000010 c6a9c3c0 c6a9c3c0 c6f90000 00000000 +[ 341.399205] 1c80: 00000000 00000000 00000000 c046a7ac c6f9005c 00000001 fffffff4 00000000 +[ 341.407395] 1ca0: c6f90200 00000000 c60f5000 c0479550 00000000 c6f90200 c6a9c3c0 16000000 +[ 341.415586] 1cc0: 0000001c 6f4ad52f c6197040 b6df9387 36000000 c0520404 c073a80c c6a9c3c0 +[ 341.423777] 1ce0: 00000000 c6d643c0 c6a9c3c0 c0800024 00000001 00000001 c6d643c8 c6a9c3c0 +[ 341.431967] 1d00: c081b9c0 c7abca80 c610c840 c081b9c0 0000001c 00400000 c6bc5e6c c0522fb4 +[ 341.440157] 1d20: c6d64400 00000004 c6bc5e0a 00000000 c60f5000 c7abca80 c081b9c0 c0522f54 +[ 341.448348] 1d40: c6a9c3c0 c7abca80 c0803e48 c0549c94 c610c828 0000000a c0801d74 00000003 +[ 341.456538] 1d60: c6ec8f0a 00000000 c60f5000 c7abca80 c081b9c0 c0548520 0000000a 00000000 +[ 341.464728] 1d80: 00000000 003a0000 00000000 00000000 00000000 00000000 00000000 00000000 +[ 341.472919] 1da0: 000002ff 00000000 00000000 16000000 00000000 00000000 00000000 00000000 +[ 341.481110] 1dc0: 00000000 0000008f 00000000 00000000 00000000 2d132a69 c6bc5e40 00000000 +[ 341.489300] 1de0: c6bc5e40 c6a9c3c0 00000000 c6ec8e50 00000001 c054b070 00000001 00000000 +[ 341.497490] 1e00: c0807200 c6bc5e00 00000000 ffffe000 00000100 c054aea4 00000000 00000000 +[ 341.505681] 1e20: 00000122 00400000 c0802d00 c0172e80 6f56a70e ffffffff 6f56a70e c7eb9cc0 +[ 341.513871] 1e40: c7eb82c0 00000000 c0801e60 c017309c 00000000 00000000 07780000 c07382c0 +[ 341.522061] 1e60: 00000000 c7eb9cc0 c0739cc0 c0803f74 c0801e70 c0801e70 c0801ea4 c013d380 +[ 341.530253] 1e80: 00000000 000000a0 00000001 c0802084 c0802080 40000001 ffffe000 00000100 +[ 341.538443] 1ea0: c0802080 c01021e8 c8803100 10c5387d 00000000 c07341f0 c0739880 0000000a +[ 341.546633] 1ec0: c0734180 00001017 c0802d00 c062aa98 00200002 c062aa60 c8803100 c073984c +[ 341.554823] 1ee0: 00000000 00000001 00000000 c7810000 c8803100 10c5387d 00000000 c011c188 +[ 341.563014] 1f00: c073984c c015f0f8 c0804244 c0815ae4 c880210c c8802100 c0801f40 c037c584 +[ 341.571204] 1f20: c01035f8 60000013 ffffffff c0801f74 c080afd4 c0800000 10c5387d c0101a8c +[ 341.579395] 1f40: 00000000 004ac9dc c7eba4b4 c010ee60 ffffe000 c0803e68 c0803ea8 00000001 +[ 341.587587] 1f60: c080afd4 c062ca20 10c5387d 00000000 00000000 c0801f90 c01035f4 c01035f8 +[ 341.595776] 1f80: 60000013 ffffffff 00000051 00000000 ffffe000 c013ff50 000000ce c0803e40 +[ 341.603967] 1fa0: c082216c 00000000 00000001 c072ba38 10c5387d c0140214 c0822184 c0700df8 +[ 341.612157] 1fc0: ffffffff ffffffff 00000000 c070058c c072ba38 2d162e71 00000000 c0700330 +[ 341.620348] 1fe0: 00000051 10c0387d 000000ff 00a521d0 413fc090 00000000 00000000 00000000 +[ 341.628558] [] (dev_hard_start_xmit) from [] (sch_direct_xmit+0xe4/0x2bc) +[ 341.637106] [] (sch_direct_xmit) from [] (__dev_queue_xmit+0x6a4/0x72c) +[ 341.645481] [] (__dev_queue_xmit) from [] (ip6_finish_output2+0x18c/0x434) +[ 341.654112] [] (ip6_finish_output2) from [] (ip6_output+0x5c/0xd0) +[ 341.662053] [] (ip6_output) from [] (mld_sendpack+0x1a0/0x1a8) +[ 341.669640] [] (mld_sendpack) from [] (mld_ifc_timer_expire+0x1cc/0x2e4) +[ 341.678111] [] (mld_ifc_timer_expire) from [] (call_timer_fn.constprop.3+0x24/0x98) +[ 341.687527] [] (call_timer_fn.constprop.3) from [] (run_timer_softirq+0x1a8/0x1e4) +[ 341.696860] [] (run_timer_softirq) from [] (__do_softirq+0x120/0x2b0) +[ 341.705066] [] (__do_softirq) from [] (irq_exit+0x78/0x84) +[ 341.712317] [] (irq_exit) from [] (__handle_domain_irq+0x60/0xb4) +[ 341.720179] [] (__handle_domain_irq) from [] (gic_handle_irq+0x4c/0x90) +[ 341.728549] [] (gic_handle_irq) from [] (__irq_svc+0x6c/0x90) + +Fixes: 20f2c5fa3af0 ("brcmfmac: add initial support for monitor mode") +Signed-off-by: Rafał Miłecki +--- + drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c ++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c +@@ -746,9 +746,18 @@ static int brcmf_net_mon_stop(struct net + return err; + } + ++static netdev_tx_t brcmf_net_mon_start_xmit(struct sk_buff *skb, ++ struct net_device *ndev) ++{ ++ dev_kfree_skb_any(skb); ++ ++ return NETDEV_TX_OK; ++} ++ + static const struct net_device_ops brcmf_netdev_ops_mon = { + .ndo_open = brcmf_net_mon_open, + .ndo_stop = brcmf_net_mon_stop, ++ .ndo_start_xmit = brcmf_net_mon_start_xmit, + }; + + int brcmf_net_mon_attach(struct brcmf_if *ifp) diff --git a/package/kernel/mac80211/patches/brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch b/package/kernel/mac80211/patches/brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch index a1bcbfae..c18a5bfa 100644 --- a/package/kernel/mac80211/patches/brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch +++ b/package/kernel/mac80211/patches/brcm/860-brcmfmac-register-wiphy-s-during-module_init.patch @@ -13,7 +13,7 @@ Signed-off-by: Rafał Miłecki --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c -@@ -1545,6 +1545,7 @@ int __init brcmf_core_init(void) +@@ -1554,6 +1554,7 @@ int __init brcmf_core_init(void) { if (!schedule_work(&brcmf_driver_work)) return -EBUSY; diff --git a/package/kernel/mac80211/patches/build/015-ipw200-mtu.patch b/package/kernel/mac80211/patches/build/015-ipw200-mtu.patch index d57d821f..410f4e42 100644 --- a/package/kernel/mac80211/patches/build/015-ipw200-mtu.patch +++ b/package/kernel/mac80211/patches/build/015-ipw200-mtu.patch @@ -1,6 +1,6 @@ --- a/drivers/net/wireless/intel/ipw2x00/ipw2200.c +++ b/drivers/net/wireless/intel/ipw2x00/ipw2200.c -@@ -11498,6 +11498,15 @@ static const struct attribute_group ipw_ +@@ -11499,6 +11499,15 @@ static const struct attribute_group ipw_ .attrs = ipw_sysfs_entries, }; @@ -16,7 +16,7 @@ #ifdef CPTCFG_IPW2200_PROMISCUOUS static int ipw_prom_open(struct net_device *dev) { -@@ -11546,15 +11555,6 @@ static netdev_tx_t ipw_prom_hard_start_x +@@ -11547,15 +11556,6 @@ static netdev_tx_t ipw_prom_hard_start_x return NETDEV_TX_OK; } diff --git a/package/kernel/mac80211/patches/build/060-no_local_ssb_bcma.patch b/package/kernel/mac80211/patches/build/060-no_local_ssb_bcma.patch index 06636060..9c86379f 100644 --- a/package/kernel/mac80211/patches/build/060-no_local_ssb_bcma.patch +++ b/package/kernel/mac80211/patches/build/060-no_local_ssb_bcma.patch @@ -140,7 +140,7 @@ # LED support --- a/drivers/net/wireless/broadcom/b43legacy/main.c +++ b/drivers/net/wireless/broadcom/b43legacy/main.c -@@ -1937,7 +1937,7 @@ static int b43legacy_gpio_init(struct b4 +@@ -1938,7 +1938,7 @@ static int b43legacy_gpio_init(struct b4 if (dev->dev->id.revision >= 2) mask |= 0x0010; /* FIXME: This is redundant. */ @@ -149,7 +149,7 @@ pcidev = bus->pcicore.dev; #endif gpiodev = bus->chipco.dev ? : pcidev; -@@ -1956,7 +1956,7 @@ static void b43legacy_gpio_cleanup(struc +@@ -1957,7 +1957,7 @@ static void b43legacy_gpio_cleanup(struc struct ssb_bus *bus = dev->dev->bus; struct ssb_device *gpiodev, *pcidev = NULL; diff --git a/package/kernel/mac80211/patches/mwl/801-libertas-configure-sysfs-links.patch b/package/kernel/mac80211/patches/mwl/801-libertas-configure-sysfs-links.patch index c3e6db8f..a22707e2 100644 --- a/package/kernel/mac80211/patches/mwl/801-libertas-configure-sysfs-links.patch +++ b/package/kernel/mac80211/patches/mwl/801-libertas-configure-sysfs-links.patch @@ -1,6 +1,6 @@ --- a/drivers/net/wireless/marvell/libertas/cfg.c +++ b/drivers/net/wireless/marvell/libertas/cfg.c -@@ -2041,6 +2041,8 @@ struct wireless_dev *lbs_cfg_alloc(struc +@@ -2053,6 +2053,8 @@ struct wireless_dev *lbs_cfg_alloc(struc goto err_wiphy_new; } diff --git a/package/kernel/mac80211/patches/mwl/802-libertas-set-wireless-macaddr.patch b/package/kernel/mac80211/patches/mwl/802-libertas-set-wireless-macaddr.patch index f1966d88..c2d0a589 100644 --- a/package/kernel/mac80211/patches/mwl/802-libertas-set-wireless-macaddr.patch +++ b/package/kernel/mac80211/patches/mwl/802-libertas-set-wireless-macaddr.patch @@ -1,6 +1,6 @@ --- a/drivers/net/wireless/marvell/libertas/cfg.c +++ b/drivers/net/wireless/marvell/libertas/cfg.c -@@ -2117,6 +2117,8 @@ int lbs_cfg_register(struct lbs_private +@@ -2129,6 +2129,8 @@ int lbs_cfg_register(struct lbs_private wdev->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites); wdev->wiphy->reg_notifier = lbs_reg_notifier; diff --git a/package/kernel/mac80211/patches/rt2x00/020-cfg80211-add-ratelimited-variants-of-err-and-warn.patch b/package/kernel/mac80211/patches/rt2x00/020-cfg80211-add-ratelimited-variants-of-err-and-warn.patch index 8411f00c..ec9159c5 100644 --- a/package/kernel/mac80211/patches/rt2x00/020-cfg80211-add-ratelimited-variants-of-err-and-warn.patch +++ b/package/kernel/mac80211/patches/rt2x00/020-cfg80211-add-ratelimited-variants-of-err-and-warn.patch @@ -25,7 +25,7 @@ Signed-off-by: Stanislaw Gruszka --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h -@@ -6627,6 +6627,11 @@ bool cfg80211_iftype_allowed(struct wiph +@@ -6632,6 +6632,11 @@ bool cfg80211_iftype_allowed(struct wiph #define wiphy_info(wiphy, format, args...) \ dev_info(&(wiphy)->dev, format, ##args) diff --git a/package/kernel/mac80211/patches/subsys/140-tweak-TSQ-setting.patch b/package/kernel/mac80211/patches/subsys/140-tweak-TSQ-setting.patch index f78ba82d..a1c01e28 100644 --- a/package/kernel/mac80211/patches/subsys/140-tweak-TSQ-setting.patch +++ b/package/kernel/mac80211/patches/subsys/140-tweak-TSQ-setting.patch @@ -1,6 +1,6 @@ --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3800,6 +3800,12 @@ out: +@@ -3822,6 +3822,12 @@ out: netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev) { diff --git a/package/kernel/mac80211/patches/subsys/300-mac80211-add-stop-start-logic-for-software-TXQs.patch b/package/kernel/mac80211/patches/subsys/300-mac80211-add-stop-start-logic-for-software-TXQs.patch index e57a33ec..afb88dbe 100644 --- a/package/kernel/mac80211/patches/subsys/300-mac80211-add-stop-start-logic-for-software-TXQs.patch +++ b/package/kernel/mac80211/patches/subsys/300-mac80211-add-stop-start-logic-for-software-TXQs.patch @@ -77,7 +77,7 @@ Signed-off-by: Johannes Berg atomic_t agg_queue_stop[IEEE80211_MAX_QUEUES]; -@@ -2046,6 +2048,7 @@ void ieee80211_txq_remove_vlan(struct ie +@@ -2047,6 +2049,7 @@ void ieee80211_txq_remove_vlan(struct ie struct ieee80211_sub_if_data *sdata); void ieee80211_fill_txq_stats(struct cfg80211_txq_stats *txqstats, struct txq_info *txqi); @@ -100,7 +100,7 @@ Signed-off-by: Johannes Berg (unsigned long) local); --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3485,13 +3485,19 @@ struct sk_buff *ieee80211_tx_dequeue(str +@@ -3487,13 +3487,19 @@ struct sk_buff *ieee80211_tx_dequeue(str struct ieee80211_tx_info *info; struct ieee80211_tx_data tx; ieee80211_tx_result r; @@ -122,7 +122,7 @@ Signed-off-by: Johannes Berg /* Make sure fragments stay together. */ skb = __skb_dequeue(&txqi->frags); if (skb) -@@ -3586,6 +3592,7 @@ begin: +@@ -3606,6 +3612,7 @@ begin: } IEEE80211_SKB_CB(skb)->control.vif = vif; diff --git a/package/kernel/mac80211/patches/subsys/305-mac80211-fix-tx-status-for-no-ack-cases.patch b/package/kernel/mac80211/patches/subsys/305-mac80211-fix-tx-status-for-no-ack-cases.patch new file mode 100644 index 00000000..5b5daf8a --- /dev/null +++ b/package/kernel/mac80211/patches/subsys/305-mac80211-fix-tx-status-for-no-ack-cases.patch @@ -0,0 +1,82 @@ +From: Markus Theil +Date: Wed, 18 Dec 2019 15:27:36 +0100 +Subject: [PATCH] mac80211: fix tx status for no ack cases + +Before this patch, frames which where successfully transmitted without +requiring acks where accounted as lost frames. + +Signed-off-by: Markus Theil +Link: https://lore.kernel.org/r/20191218142736.15843-1-markus.theil@tu-ilmenau.de +Signed-off-by: Johannes Berg +--- + +--- a/net/mac80211/status.c ++++ b/net/mac80211/status.c +@@ -719,6 +719,7 @@ static void __ieee80211_tx_status(struct + int rates_idx; + bool send_to_cooked; + bool acked; ++ bool noack_success; + struct ieee80211_bar *bar; + int shift = 0; + int tid = IEEE80211_NUM_TIDS; +@@ -736,6 +737,8 @@ static void __ieee80211_tx_status(struct + clear_sta_flag(sta, WLAN_STA_SP); + + acked = !!(info->flags & IEEE80211_TX_STAT_ACK); ++ noack_success = !!(info->flags & ++ IEEE80211_TX_STAT_NOACK_TRANSMITTED); + + /* mesh Peer Service Period support */ + if (ieee80211_vif_is_mesh(&sta->sdata->vif) && +@@ -800,12 +803,12 @@ static void __ieee80211_tx_status(struct + ieee80211_handle_filtered_frame(local, sta, skb); + return; + } else { +- if (!acked) ++ if (!acked && !noack_success) + sta->status_stats.retry_failed++; + sta->status_stats.retry_count += retry_count; + + if (ieee80211_is_data_present(fc)) { +- if (!acked) ++ if (!acked && !noack_success) + sta->status_stats.msdu_failed[tid]++; + + sta->status_stats.msdu_retries[tid] += +@@ -826,7 +829,7 @@ static void __ieee80211_tx_status(struct + acked, info->status.tx_time); + + if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS)) { +- if (info->flags & IEEE80211_TX_STAT_ACK) { ++ if (acked) { + if (sta->status_stats.lost_packets) + sta->status_stats.lost_packets = 0; + +@@ -834,6 +837,8 @@ static void __ieee80211_tx_status(struct + if (test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) + sta->status_stats.last_tdls_pkt_time = + jiffies; ++ } else if (noack_success) { ++ /* nothing to do here, do not account as lost */ + } else { + ieee80211_lost_packet(sta, info); + } +@@ -959,7 +964,7 @@ void ieee80211_tx_status_ext(struct ieee + + sta = container_of(pubsta, struct sta_info, sta); + +- if (!acked) ++ if (!acked && !noack_success) + sta->status_stats.retry_failed++; + sta->status_stats.retry_count += retry_count; + +@@ -974,6 +979,8 @@ void ieee80211_tx_status_ext(struct ieee + sta->status_stats.last_tdls_pkt_time = jiffies; + } else if (test_sta_flag(sta, WLAN_STA_PS_STA)) { + return; ++ } else if (noack_success) { ++ /* nothing to do here, do not account as lost */ + } else { + ieee80211_lost_packet(sta, info); + } diff --git a/package/kernel/mac80211/patches/subsys/313-mac80211-minstrel_ht-fix-per-group-max-throughput-ra.patch b/package/kernel/mac80211/patches/subsys/313-mac80211-minstrel_ht-fix-per-group-max-throughput-ra.patch deleted file mode 100644 index 5ae29918..00000000 --- a/package/kernel/mac80211/patches/subsys/313-mac80211-minstrel_ht-fix-per-group-max-throughput-ra.patch +++ /dev/null @@ -1,22 +0,0 @@ -From: Felix Fietkau -Date: Fri, 14 Jun 2019 21:12:04 +0200 -Subject: [PATCH] mac80211: minstrel_ht: fix per-group max throughput rate - initialization - -The group number needs to be multiplied by the number of rates per group -to get the full rate index - -Signed-off-by: Felix Fietkau ---- - ---- a/net/mac80211/rc80211_minstrel_ht.c -+++ b/net/mac80211/rc80211_minstrel_ht.c -@@ -542,7 +542,7 @@ minstrel_ht_update_stats(struct minstrel - - /* (re)Initialize group rate indexes */ - for(j = 0; j < MAX_THR_RATES; j++) -- tmp_group_tp_rate[j] = group; -+ tmp_group_tp_rate[j] = MCS_GROUP_RATES * group; - - for (i = 0; i < MCS_GROUP_RATES; i++) { - if (!(mi->supported[group] & BIT(i))) diff --git a/package/kernel/mac80211/patches/subsys/320-mac80211-Add-TXQ-scheduling-API.patch b/package/kernel/mac80211/patches/subsys/320-mac80211-Add-TXQ-scheduling-API.patch index 4566e993..3c38a9f7 100644 --- a/package/kernel/mac80211/patches/subsys/320-mac80211-Add-TXQ-scheduling-API.patch +++ b/package/kernel/mac80211/patches/subsys/320-mac80211-Add-TXQ-scheduling-API.patch @@ -191,7 +191,7 @@ Signed-off-by: Johannes Berg --- a/net/mac80211/sta_info.c +++ b/net/mac80211/sta_info.c -@@ -1244,7 +1244,7 @@ void ieee80211_sta_ps_deliver_wakeup(str +@@ -1249,7 +1249,7 @@ void ieee80211_sta_ps_deliver_wakeup(str if (!txq_has_queue(sta->sta.txq[i])) continue; @@ -229,7 +229,7 @@ Signed-off-by: Johannes Berg return true; } -@@ -3600,6 +3604,60 @@ out: +@@ -3620,6 +3624,60 @@ out: } EXPORT_SYMBOL(ieee80211_tx_dequeue); @@ -289,4 +289,4 @@ Signed-off-by: Johannes Berg + void __ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev, - u32 info_flags) + u32 info_flags, diff --git a/package/kernel/mac80211/patches/subsys/321-cfg80211-Add-airtime-statistics-and-settings.patch b/package/kernel/mac80211/patches/subsys/321-cfg80211-Add-airtime-statistics-and-settings.patch index 9dac4684..ff2dc351 100644 --- a/package/kernel/mac80211/patches/subsys/321-cfg80211-Add-airtime-statistics-and-settings.patch +++ b/package/kernel/mac80211/patches/subsys/321-cfg80211-Add-airtime-statistics-and-settings.patch @@ -148,7 +148,7 @@ Signed-off-by: Johannes Berg MAX_NL80211_EXT_FEATURES = NUM_NL80211_EXT_FEATURES - 1 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c -@@ -463,6 +463,7 @@ static const struct nla_policy nl80211_p +@@ -469,6 +469,7 @@ static const struct nla_policy nl80211_p [NL80211_ATTR_TXQ_QUANTUM] = { .type = NLA_U32 }, [NL80211_ATTR_HE_CAPABILITY] = { .type = NLA_BINARY, .len = NL80211_HE_MAX_CAPABILITY_LEN }, @@ -156,7 +156,7 @@ Signed-off-by: Johannes Berg }; /* policy for the key attributes */ -@@ -4703,6 +4704,11 @@ static int nl80211_send_station(struct s +@@ -4709,6 +4710,11 @@ static int nl80211_send_station(struct s PUT_SINFO(PLID, plid, u16); PUT_SINFO(PLINK_STATE, plink_state, u8); PUT_SINFO_U64(RX_DURATION, rx_duration); @@ -168,7 +168,7 @@ Signed-off-by: Johannes Berg switch (rdev->wiphy.signal_type) { case CFG80211_SIGNAL_TYPE_MBM: -@@ -5339,6 +5345,15 @@ static int nl80211_set_station(struct sk +@@ -5345,6 +5351,15 @@ static int nl80211_set_station(struct sk nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]); } @@ -184,7 +184,7 @@ Signed-off-by: Johannes Berg /* Include parameters for TDLS peer (will check later) */ err = nl80211_set_station_tdls(info, ¶ms); if (err) -@@ -5477,6 +5492,15 @@ static int nl80211_new_station(struct sk +@@ -5483,6 +5498,15 @@ static int nl80211_new_station(struct sk return -EINVAL; } diff --git a/package/kernel/mac80211/patches/subsys/322-mac80211-Add-airtime-accounting-and-scheduling-to-TX.patch b/package/kernel/mac80211/patches/subsys/322-mac80211-Add-airtime-accounting-and-scheduling-to-TX.patch index 955ae2a3..3b2f3824 100644 --- a/package/kernel/mac80211/patches/subsys/322-mac80211-Add-airtime-accounting-and-scheduling-to-TX.patch +++ b/package/kernel/mac80211/patches/subsys/322-mac80211-Add-airtime-accounting-and-scheduling-to-TX.patch @@ -302,7 +302,7 @@ Signed-off-by: Johannes Berg } for (i = 0; i < IEEE80211_NUM_TIDS; i++) -@@ -1821,6 +1821,27 @@ void ieee80211_sta_set_buffered(struct i +@@ -1826,6 +1826,27 @@ void ieee80211_sta_set_buffered(struct i } EXPORT_SYMBOL(ieee80211_sta_set_buffered); @@ -330,7 +330,7 @@ Signed-off-by: Johannes Berg int sta_info_move_state(struct sta_info *sta, enum ieee80211_sta_state new_state) { -@@ -2187,6 +2208,23 @@ void sta_set_sinfo(struct sta_info *sta, +@@ -2192,6 +2213,23 @@ void sta_set_sinfo(struct sta_info *sta, sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED); } @@ -385,7 +385,7 @@ Signed-off-by: Johannes Berg */ --- a/net/mac80211/status.c +++ b/net/mac80211/status.c -@@ -825,6 +825,12 @@ static void __ieee80211_tx_status(struct +@@ -828,6 +828,12 @@ static void __ieee80211_tx_status(struct ieee80211_sta_tx_notify(sta->sdata, (void *) skb->data, acked, info->status.tx_time); @@ -396,7 +396,7 @@ Signed-off-by: Johannes Berg + info->status.tx_time, 0); + if (ieee80211_hw_check(&local->hw, REPORTS_TX_ACK_STATUS)) { - if (info->flags & IEEE80211_TX_STAT_ACK) { + if (acked) { if (sta->status_stats.lost_packets) --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c @@ -412,7 +412,7 @@ Signed-off-by: Johannes Berg spin_lock_bh(&local->active_txq_lock[txqi->txq.ac]); list_del_init(&txqi->schedule_order); spin_unlock_bh(&local->active_txq_lock[txqi->txq.ac]); -@@ -3611,11 +3614,28 @@ struct ieee80211_txq *ieee80211_next_txq +@@ -3631,11 +3634,28 @@ struct ieee80211_txq *ieee80211_next_txq lockdep_assert_held(&local->active_txq_lock[ac]); @@ -442,7 +442,7 @@ Signed-off-by: Johannes Berg return NULL; list_del_init(&txqi->schedule_order); -@@ -3633,12 +3653,74 @@ void ieee80211_return_txq(struct ieee802 +@@ -3653,12 +3673,74 @@ void ieee80211_return_txq(struct ieee802 lockdep_assert_held(&local->active_txq_lock[txq->ac]); if (list_empty(&txqi->schedule_order) && diff --git a/package/kernel/mac80211/patches/subsys/323-mac80211-Expose-ieee80211_schedule_txq-function.patch b/package/kernel/mac80211/patches/subsys/323-mac80211-Expose-ieee80211_schedule_txq-function.patch index b5b06cdd..06981fdc 100644 --- a/package/kernel/mac80211/patches/subsys/323-mac80211-Expose-ieee80211_schedule_txq-function.patch +++ b/package/kernel/mac80211/patches/subsys/323-mac80211-Expose-ieee80211_schedule_txq-function.patch @@ -51,7 +51,7 @@ Signed-off-by: Johannes Berg --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3673,6 +3673,19 @@ void ieee80211_return_txq(struct ieee802 +@@ -3693,6 +3693,19 @@ void ieee80211_return_txq(struct ieee802 } EXPORT_SYMBOL(ieee80211_return_txq); diff --git a/package/kernel/mac80211/patches/subsys/350-mac80211-add-hdrlen-to-ieee80211_tx_data.patch b/package/kernel/mac80211/patches/subsys/350-mac80211-add-hdrlen-to-ieee80211_tx_data.patch index 7b2a4a1c..7520b4dd 100644 --- a/package/kernel/mac80211/patches/subsys/350-mac80211-add-hdrlen-to-ieee80211_tx_data.patch +++ b/package/kernel/mac80211/patches/subsys/350-mac80211-add-hdrlen-to-ieee80211_tx_data.patch @@ -48,15 +48,15 @@ Signed-off-by: Felix Fietkau if (likely(sta)) { if (!IS_ERR(sta)) tx->sta = sta; -@@ -3523,6 +3523,7 @@ begin: +@@ -3525,6 +3525,7 @@ begin: tx.local = local; tx.skb = skb; tx.sdata = vif_to_sdata(info->control.vif); + tx.hdrlen = ieee80211_hdrlen(hdr->frame_control); - if (txq->sta) + if (txq->sta) { tx.sta = container_of(txq->sta, struct sta_info, sta); -@@ -3549,7 +3550,7 @@ begin: +@@ -3569,7 +3570,7 @@ begin: if (tx.key && (tx.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) @@ -65,7 +65,7 @@ Signed-off-by: Felix Fietkau ieee80211_xmit_fast_finish(sta->sdata, sta, pn_offs, tx.key, skb); -@@ -4006,6 +4007,7 @@ ieee80211_build_data_template(struct iee +@@ -4028,6 +4029,7 @@ ieee80211_build_data_template(struct iee hdr = (void *)skb->data; tx.sta = sta_info_get(sdata, hdr->addr1); tx.skb = skb; @@ -75,7 +75,7 @@ Signed-off-by: Felix Fietkau rcu_read_unlock(); --- a/net/mac80211/util.c +++ b/net/mac80211/util.c -@@ -1390,6 +1390,7 @@ void ieee80211_send_auth(struct ieee8021 +@@ -1396,6 +1396,7 @@ void ieee80211_send_auth(struct ieee8021 struct ieee80211_local *local = sdata->local; struct sk_buff *skb; struct ieee80211_mgmt *mgmt; @@ -83,7 +83,7 @@ Signed-off-by: Felix Fietkau int err; /* 24 + 6 = header + auth_algo + auth_transaction + status_code */ -@@ -1413,8 +1414,10 @@ void ieee80211_send_auth(struct ieee8021 +@@ -1419,8 +1420,10 @@ void ieee80211_send_auth(struct ieee8021 skb_put_data(skb, extra, extra_len); if (auth_alg == WLAN_AUTH_SHARED_KEY && transaction == 3) { diff --git a/package/kernel/mac80211/patches/subsys/351-mac80211-add-TX_NEEDS_ALIGNED4_SKBS-hw-flag.patch b/package/kernel/mac80211/patches/subsys/351-mac80211-add-TX_NEEDS_ALIGNED4_SKBS-hw-flag.patch index e1e846e0..a9ebfac3 100644 --- a/package/kernel/mac80211/patches/subsys/351-mac80211-add-TX_NEEDS_ALIGNED4_SKBS-hw-flag.patch +++ b/package/kernel/mac80211/patches/subsys/351-mac80211-add-TX_NEEDS_ALIGNED4_SKBS-hw-flag.patch @@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau if (skb->len < len_rthdr + hdrlen) goto fail; -@@ -2440,7 +2439,7 @@ static struct sk_buff *ieee80211_build_h +@@ -2441,7 +2440,7 @@ static struct sk_buff *ieee80211_build_h struct ieee80211_chanctx_conf *chanctx_conf; struct ieee80211_sub_if_data *ap_sdata; enum nl80211_band band; @@ -245,7 +245,7 @@ Signed-off-by: Felix Fietkau if (IS_ERR(sta)) sta = NULL; -@@ -2739,7 +2738,9 @@ static struct sk_buff *ieee80211_build_h +@@ -2740,7 +2739,9 @@ static struct sk_buff *ieee80211_build_h } skb_pull(skb, skip_header_bytes); @@ -255,7 +255,7 @@ Signed-off-by: Felix Fietkau /* * So we need to modify the skb header and hence need a copy of -@@ -2772,6 +2773,9 @@ static struct sk_buff *ieee80211_build_h +@@ -2773,6 +2774,9 @@ static struct sk_buff *ieee80211_build_h memcpy(skb_push(skb, meshhdrlen), &mesh_hdr, meshhdrlen); #endif @@ -265,7 +265,7 @@ Signed-off-by: Felix Fietkau if (ieee80211_is_data_qos(fc)) { __le16 *qos_control; -@@ -2947,6 +2951,8 @@ void ieee80211_check_fast_xmit(struct st +@@ -2949,6 +2953,8 @@ void ieee80211_check_fast_xmit(struct st fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA); } @@ -274,16 +274,16 @@ Signed-off-by: Felix Fietkau /* We store the key here so there's no point in using rcu_dereference() * but that's fine because the code that changes the pointers will call * this function after doing so. For a single CPU that would be enough, -@@ -3523,7 +3529,7 @@ begin: +@@ -3525,7 +3531,7 @@ begin: tx.local = local; tx.skb = skb; tx.sdata = vif_to_sdata(info->control.vif); - tx.hdrlen = ieee80211_hdrlen(hdr->frame_control); + tx.hdrlen = ieee80211_padded_hdrlen(hw, hdr->frame_control); - if (txq->sta) + if (txq->sta) { tx.sta = container_of(txq->sta, struct sta_info, sta); -@@ -4007,7 +4013,7 @@ ieee80211_build_data_template(struct iee +@@ -4029,7 +4035,7 @@ ieee80211_build_data_template(struct iee hdr = (void *)skb->data; tx.sta = sta_info_get(sdata, hdr->addr1); tx.skb = skb; diff --git a/package/kernel/mac80211/patches/subsys/352-mac80211-rework-locking-for-txq-scheduling-airtime-f.patch b/package/kernel/mac80211/patches/subsys/352-mac80211-rework-locking-for-txq-scheduling-airtime-f.patch index 0404afe7..a71748b3 100644 --- a/package/kernel/mac80211/patches/subsys/352-mac80211-rework-locking-for-txq-scheduling-airtime-f.patch +++ b/package/kernel/mac80211/patches/subsys/352-mac80211-rework-locking-for-txq-scheduling-airtime-f.patch @@ -95,7 +95,7 @@ Signed-off-by: Felix Fietkau * ieee80211_txq_may_transmit - check whether TXQ is allowed to transmit --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3617,16 +3617,17 @@ EXPORT_SYMBOL(ieee80211_tx_dequeue); +@@ -3637,16 +3637,17 @@ EXPORT_SYMBOL(ieee80211_tx_dequeue); struct ieee80211_txq *ieee80211_next_txq(struct ieee80211_hw *hw, u8 ac) { struct ieee80211_local *local = hw_to_local(hw); @@ -115,7 +115,7 @@ Signed-off-by: Felix Fietkau if (txqi->txq.sta) { struct sta_info *sta = container_of(txqi->txq.sta, -@@ -3643,21 +3644,25 @@ struct ieee80211_txq *ieee80211_next_txq +@@ -3663,21 +3664,25 @@ struct ieee80211_txq *ieee80211_next_txq if (txqi->schedule_round == local->schedule_round[ac]) @@ -146,7 +146,7 @@ Signed-off-by: Felix Fietkau if (list_empty(&txqi->schedule_order) && (!skb_queue_empty(&txqi->frags) || txqi->tin.backlog_packets)) { -@@ -3677,18 +3682,7 @@ void ieee80211_return_txq(struct ieee802 +@@ -3697,18 +3702,7 @@ void ieee80211_return_txq(struct ieee802 list_add_tail(&txqi->schedule_order, &local->active_txqs[txq->ac]); } @@ -165,7 +165,7 @@ Signed-off-by: Felix Fietkau spin_unlock_bh(&local->active_txq_lock[txq->ac]); } EXPORT_SYMBOL(ieee80211_schedule_txq); -@@ -3701,7 +3695,7 @@ bool ieee80211_txq_may_transmit(struct i +@@ -3721,7 +3715,7 @@ bool ieee80211_txq_may_transmit(struct i struct sta_info *sta; u8 ac = txq->ac; @@ -174,7 +174,7 @@ Signed-off-by: Felix Fietkau if (!txqi->txq.sta) goto out; -@@ -3731,34 +3725,27 @@ bool ieee80211_txq_may_transmit(struct i +@@ -3751,34 +3745,27 @@ bool ieee80211_txq_may_transmit(struct i sta->airtime[ac].deficit += sta->airtime_weight; list_move_tail(&txqi->schedule_order, &local->active_txqs[ac]); diff --git a/package/kernel/mac80211/patches/subsys/353-mac80211-mesh-drop-redundant-rcu_read_lock-unlock-ca.patch b/package/kernel/mac80211/patches/subsys/353-mac80211-mesh-drop-redundant-rcu_read_lock-unlock-ca.patch index 86300be4..bcbec4cd 100644 --- a/package/kernel/mac80211/patches/subsys/353-mac80211-mesh-drop-redundant-rcu_read_lock-unlock-ca.patch +++ b/package/kernel/mac80211/patches/subsys/353-mac80211-mesh-drop-redundant-rcu_read_lock-unlock-ca.patch @@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau --- a/net/mac80211/mesh_hwmp.c +++ b/net/mac80211/mesh_hwmp.c -@@ -1112,16 +1112,13 @@ int mesh_nexthop_resolve(struct ieee8021 +@@ -1115,16 +1115,13 @@ int mesh_nexthop_resolve(struct ieee8021 struct mesh_path *mpath; struct sk_buff *skb_to_free = NULL; u8 *target_addr = hdr->addr3; @@ -28,7 +28,7 @@ Signed-off-by: Felix Fietkau /* no nexthop found, start resolving */ mpath = mesh_path_lookup(sdata, target_addr); -@@ -1129,8 +1126,7 @@ int mesh_nexthop_resolve(struct ieee8021 +@@ -1132,8 +1129,7 @@ int mesh_nexthop_resolve(struct ieee8021 mpath = mesh_path_add(sdata, target_addr); if (IS_ERR(mpath)) { mesh_path_discard_frame(sdata, skb); @@ -38,7 +38,7 @@ Signed-off-by: Felix Fietkau } } -@@ -1143,13 +1139,10 @@ int mesh_nexthop_resolve(struct ieee8021 +@@ -1147,13 +1143,10 @@ int mesh_nexthop_resolve(struct ieee8021 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING; ieee80211_set_qos_hdr(sdata, skb); skb_queue_tail(&mpath->frame_queue, skb); @@ -53,7 +53,7 @@ Signed-off-by: Felix Fietkau } /** -@@ -1169,13 +1162,10 @@ int mesh_nexthop_lookup(struct ieee80211 +@@ -1173,13 +1166,10 @@ int mesh_nexthop_lookup(struct ieee80211 struct sta_info *next_hop; struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; u8 *target_addr = hdr->addr3; @@ -68,7 +68,7 @@ Signed-off-by: Felix Fietkau if (time_after(jiffies, mpath->exp_time - -@@ -1190,12 +1180,10 @@ int mesh_nexthop_lookup(struct ieee80211 +@@ -1194,12 +1184,10 @@ int mesh_nexthop_lookup(struct ieee80211 memcpy(hdr->addr1, next_hop->sta.addr, ETH_ALEN); memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); ieee80211_mps_set_frame_flags(sdata, next_hop, hdr); diff --git a/package/kernel/mac80211/patches/subsys/354-mac80211-calculate-hash-for-fq-without-holding-fq-lo.patch b/package/kernel/mac80211/patches/subsys/354-mac80211-calculate-hash-for-fq-without-holding-fq-lo.patch index b5a49dbf..2ff37696 100644 --- a/package/kernel/mac80211/patches/subsys/354-mac80211-calculate-hash-for-fq-without-holding-fq-lo.patch +++ b/package/kernel/mac80211/patches/subsys/354-mac80211-calculate-hash-for-fq-without-holding-fq-lo.patch @@ -111,7 +111,7 @@ Signed-off-by: Felix Fietkau schedule_and_wake_txq(local, txqi); -@@ -3198,6 +3199,7 @@ static bool ieee80211_amsdu_aggregate(st +@@ -3200,6 +3201,7 @@ static bool ieee80211_amsdu_aggregate(st u8 max_subframes = sta->sta.max_amsdu_subframes; int max_frags = local->hw.max_tx_fragments; int max_amsdu_len = sta->sta.max_amsdu_len; @@ -119,7 +119,7 @@ Signed-off-by: Felix Fietkau int orig_truesize; __be16 len; void *data; -@@ -3220,6 +3222,8 @@ static bool ieee80211_amsdu_aggregate(st +@@ -3222,6 +3224,8 @@ static bool ieee80211_amsdu_aggregate(st max_amsdu_len = min_t(int, max_amsdu_len, sta->sta.max_rc_amsdu_len); @@ -128,7 +128,7 @@ Signed-off-by: Felix Fietkau spin_lock_bh(&fq->lock); /* TODO: Ideally aggregation should be done on dequeue to remain -@@ -3227,7 +3231,8 @@ static bool ieee80211_amsdu_aggregate(st +@@ -3229,7 +3233,8 @@ static bool ieee80211_amsdu_aggregate(st */ tin = &txqi->tin; diff --git a/package/kernel/mac80211/patches/subsys/355-mac80211-run-late-dequeue-late-tx-handlers-without-h.patch b/package/kernel/mac80211/patches/subsys/355-mac80211-run-late-dequeue-late-tx-handlers-without-h.patch index ba254588..fc7a76a3 100644 --- a/package/kernel/mac80211/patches/subsys/355-mac80211-run-late-dequeue-late-tx-handlers-without-h.patch +++ b/package/kernel/mac80211/patches/subsys/355-mac80211-run-late-dequeue-late-tx-handlers-without-h.patch @@ -10,7 +10,7 @@ Signed-off-by: Felix Fietkau --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3505,6 +3505,7 @@ struct sk_buff *ieee80211_tx_dequeue(str +@@ -3507,6 +3507,7 @@ struct sk_buff *ieee80211_tx_dequeue(str ieee80211_tx_result r; struct ieee80211_vif *vif = txq->vif; @@ -18,7 +18,7 @@ Signed-off-by: Felix Fietkau spin_lock_bh(&fq->lock); if (test_bit(IEEE80211_TXQ_STOP, &txqi->flags) || -@@ -3521,11 +3522,12 @@ struct sk_buff *ieee80211_tx_dequeue(str +@@ -3523,11 +3524,12 @@ struct sk_buff *ieee80211_tx_dequeue(str if (skb) goto out; @@ -32,7 +32,7 @@ Signed-off-by: Felix Fietkau hdr = (struct ieee80211_hdr *)skb->data; info = IEEE80211_SKB_CB(skb); -@@ -3571,8 +3573,11 @@ begin: +@@ -3591,8 +3593,11 @@ begin: skb = __skb_dequeue(&tx.skbs); @@ -45,7 +45,7 @@ Signed-off-by: Felix Fietkau } if (skb && skb_has_frag_list(skb) && -@@ -3611,6 +3616,7 @@ begin: +@@ -3631,6 +3636,7 @@ begin: } IEEE80211_SKB_CB(skb)->control.vif = vif; diff --git a/package/kernel/mac80211/patches/subsys/357-mac80211-optimize-skb-resizing.patch b/package/kernel/mac80211/patches/subsys/357-mac80211-optimize-skb-resizing.patch index 8853ccd0..a2d53b60 100644 --- a/package/kernel/mac80211/patches/subsys/357-mac80211-optimize-skb-resizing.patch +++ b/package/kernel/mac80211/patches/subsys/357-mac80211-optimize-skb-resizing.patch @@ -24,7 +24,7 @@ Signed-off-by: Felix Fietkau --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h -@@ -1761,6 +1761,9 @@ void ieee80211_clear_fast_xmit(struct st +@@ -1762,6 +1762,9 @@ void ieee80211_clear_fast_xmit(struct st int ieee80211_tx_control_port(struct wiphy *wiphy, struct net_device *dev, const u8 *buf, size_t len, const u8 *dest, __be16 proto, bool unencrypted); @@ -143,7 +143,7 @@ Signed-off-by: Felix Fietkau ieee80211_free_txskb(&local->hw, skb); return; } -@@ -2740,30 +2746,14 @@ static struct sk_buff *ieee80211_build_h +@@ -2741,30 +2747,14 @@ static struct sk_buff *ieee80211_build_h skb_pull(skb, skip_header_bytes); padsize = ieee80211_hdr_padsize(&local->hw, hdrlen); @@ -180,7 +180,7 @@ Signed-off-by: Felix Fietkau } if (encaps_data) -@@ -3375,7 +3365,6 @@ static bool ieee80211_xmit_fast(struct i +@@ -3377,7 +3367,6 @@ static bool ieee80211_xmit_fast(struct i struct ieee80211_local *local = sdata->local; u16 ethertype = (skb->data[12] << 8) | skb->data[13]; int extra_head = fast_tx->hdr_len - (ETH_HLEN - 2); @@ -188,7 +188,7 @@ Signed-off-by: Felix Fietkau struct ethhdr eth; struct ieee80211_tx_info *info; struct ieee80211_hdr *hdr = (void *)fast_tx->hdr; -@@ -3427,10 +3416,7 @@ static bool ieee80211_xmit_fast(struct i +@@ -3429,10 +3418,7 @@ static bool ieee80211_xmit_fast(struct i * as the may-encrypt argument for the resize to not account for * more room than we already have in 'extra_head' */ diff --git a/package/kernel/mac80211/patches/subsys/358-mac80211-make-ieee80211_schedule_txq-schedule-empty-.patch b/package/kernel/mac80211/patches/subsys/358-mac80211-make-ieee80211_schedule_txq-schedule-empty-.patch index 46dd151f..29670710 100644 --- a/package/kernel/mac80211/patches/subsys/358-mac80211-make-ieee80211_schedule_txq-schedule-empty-.patch +++ b/package/kernel/mac80211/patches/subsys/358-mac80211-make-ieee80211_schedule_txq-schedule-empty-.patch @@ -72,7 +72,7 @@ Signed-off-by: Felix Fietkau /** --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3653,8 +3653,9 @@ out: +@@ -3673,8 +3673,9 @@ out: } EXPORT_SYMBOL(ieee80211_next_txq); @@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau { struct ieee80211_local *local = hw_to_local(hw); struct txq_info *txqi = to_txq_info(txq); -@@ -3662,7 +3663,8 @@ void ieee80211_schedule_txq(struct ieee8 +@@ -3682,7 +3683,8 @@ void ieee80211_schedule_txq(struct ieee8 spin_lock_bh(&local->active_txq_lock[txq->ac]); if (list_empty(&txqi->schedule_order) && @@ -94,7 +94,7 @@ Signed-off-by: Felix Fietkau /* If airtime accounting is active, always enqueue STAs at the * head of the list to ensure that they only get moved to the * back by the airtime DRR scheduler once they have a negative -@@ -3682,7 +3684,7 @@ void ieee80211_schedule_txq(struct ieee8 +@@ -3702,7 +3704,7 @@ void ieee80211_schedule_txq(struct ieee8 spin_unlock_bh(&local->active_txq_lock[txq->ac]); } diff --git a/package/kernel/mac80211/patches/subsys/360-mac80211-when-using-iTXQ-select-the-queue-in-ieee802.patch b/package/kernel/mac80211/patches/subsys/360-mac80211-when-using-iTXQ-select-the-queue-in-ieee802.patch index 6009ab74..23414d57 100644 --- a/package/kernel/mac80211/patches/subsys/360-mac80211-when-using-iTXQ-select-the-queue-in-ieee802.patch +++ b/package/kernel/mac80211/patches/subsys/360-mac80211-when-using-iTXQ-select-the-queue-in-ieee802.patch @@ -13,15 +13,15 @@ Signed-off-by: Felix Fietkau --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c -@@ -3751,6 +3751,7 @@ void __ieee80211_subif_start_xmit(struct - u32 info_flags) +@@ -3772,6 +3772,7 @@ void __ieee80211_subif_start_xmit(struct + u32 ctrl_flags) { struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); + struct ieee80211_local *local = sdata->local; struct sta_info *sta; struct sk_buff *next; -@@ -3764,7 +3765,15 @@ void __ieee80211_subif_start_xmit(struct +@@ -3785,7 +3786,15 @@ void __ieee80211_subif_start_xmit(struct if (ieee80211_lookup_ra_sta(sdata, skb, &sta)) goto out_free; diff --git a/package/kernel/mac80211/patches/subsys/365-mac80211-IBSS-send-deauth-when-expiring-inactive-STA.patch b/package/kernel/mac80211/patches/subsys/365-mac80211-IBSS-send-deauth-when-expiring-inactive-STA.patch index 61b6d2b8..20345cf9 100644 --- a/package/kernel/mac80211/patches/subsys/365-mac80211-IBSS-send-deauth-when-expiring-inactive-STA.patch +++ b/package/kernel/mac80211/patches/subsys/365-mac80211-IBSS-send-deauth-when-expiring-inactive-STA.patch @@ -54,7 +54,7 @@ Signed-off-by: Johannes Berg } --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h -@@ -2070,7 +2070,8 @@ void ieee80211_send_auth(struct ieee8021 +@@ -2071,7 +2071,8 @@ void ieee80211_send_auth(struct ieee8021 const u8 *da, const u8 *key, u8 key_len, u8 key_idx, u32 tx_flags); void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, @@ -107,7 +107,7 @@ Signed-off-by: Johannes Berg frame_buf); --- a/net/mac80211/util.c +++ b/net/mac80211/util.c -@@ -1427,7 +1427,8 @@ void ieee80211_send_auth(struct ieee8021 +@@ -1433,7 +1433,8 @@ void ieee80211_send_auth(struct ieee8021 } void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, @@ -117,7 +117,7 @@ Signed-off-by: Johannes Berg bool send_frame, u8 *frame_buf) { struct ieee80211_local *local = sdata->local; -@@ -1438,7 +1439,7 @@ void ieee80211_send_deauth_disassoc(stru +@@ -1444,7 +1445,7 @@ void ieee80211_send_deauth_disassoc(stru mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); mgmt->duration = 0; /* initialize only */ mgmt->seq_ctrl = 0; /* initialize only */ diff --git a/package/kernel/mac80211/patches/subsys/366-mac80211-accept-deauth-frames-in-IBSS-mode.patch b/package/kernel/mac80211/patches/subsys/366-mac80211-accept-deauth-frames-in-IBSS-mode.patch deleted file mode 100644 index 292cf558..00000000 --- a/package/kernel/mac80211/patches/subsys/366-mac80211-accept-deauth-frames-in-IBSS-mode.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 95697f9907bfe3eab0ef20265a766b22e27dde64 Mon Sep 17 00:00:00 2001 -From: Johannes Berg -Date: Fri, 4 Oct 2019 15:37:05 +0300 -Subject: [PATCH] mac80211: accept deauth frames in IBSS mode - -We can process deauth frames and all, but we drop them very -early in the RX path today - this could never have worked. - -Fixes: 2cc59e784b54 ("mac80211: reply to AUTH with DEAUTH if sta allocation fails in IBSS") -Signed-off-by: Johannes Berg -Signed-off-by: Luca Coelho -Link: https://lore.kernel.org/r/20191004123706.15768-2-luca@coelho.fi -Signed-off-by: Johannes Berg ---- - net/mac80211/rx.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - ---- a/net/mac80211/rx.c -+++ b/net/mac80211/rx.c -@@ -3407,9 +3407,18 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_ - case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP): - /* process for all: mesh, mlme, ibss */ - break; -+ case cpu_to_le16(IEEE80211_STYPE_DEAUTH): -+ if (is_multicast_ether_addr(mgmt->da) && -+ !is_broadcast_ether_addr(mgmt->da)) -+ return RX_DROP_MONITOR; -+ -+ /* process only for station/IBSS */ -+ if (sdata->vif.type != NL80211_IFTYPE_STATION && -+ sdata->vif.type != NL80211_IFTYPE_ADHOC) -+ return RX_DROP_MONITOR; -+ break; - case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP): - case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP): -- case cpu_to_le16(IEEE80211_STYPE_DEAUTH): - case cpu_to_le16(IEEE80211_STYPE_DISASSOC): - if (is_multicast_ether_addr(mgmt->da) && - !is_broadcast_ether_addr(mgmt->da)) diff --git a/package/kernel/mac80211/patches/subsys/368-cfg80211-add-local-BSS-receive-time-to-survey-inform.patch b/package/kernel/mac80211/patches/subsys/368-cfg80211-add-local-BSS-receive-time-to-survey-inform.patch index e6d38478..7854dbbf 100644 --- a/package/kernel/mac80211/patches/subsys/368-cfg80211-add-local-BSS-receive-time-to-survey-inform.patch +++ b/package/kernel/mac80211/patches/subsys/368-cfg80211-add-local-BSS-receive-time-to-survey-inform.patch @@ -64,7 +64,7 @@ Signed-off-by: Felix Fietkau __NL80211_SURVEY_INFO_AFTER_LAST, --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c -@@ -8367,6 +8367,10 @@ static int nl80211_send_survey(struct sk +@@ -8373,6 +8373,10 @@ static int nl80211_send_survey(struct sk nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_SCAN, survey->time_scan, NL80211_SURVEY_INFO_PAD)) goto nla_put_failure; diff --git a/package/kernel/mac80211/patches/subsys/522-mac80211_configure_antenna_gain.patch b/package/kernel/mac80211/patches/subsys/522-mac80211_configure_antenna_gain.patch index cf4fdc13..07d2af21 100644 --- a/package/kernel/mac80211/patches/subsys/522-mac80211_configure_antenna_gain.patch +++ b/package/kernel/mac80211/patches/subsys/522-mac80211_configure_antenna_gain.patch @@ -8,7 +8,7 @@ * * @set_wds_peer: set the WDS peer for a WDS interface * -@@ -3272,6 +3273,7 @@ struct cfg80211_ops { +@@ -3275,6 +3276,7 @@ struct cfg80211_ops { enum nl80211_tx_power_setting type, int mbm); int (*get_tx_power)(struct wiphy *wiphy, struct wireless_dev *wdev, int *dbm); @@ -77,7 +77,7 @@ static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev, const u8 *addr) { -@@ -3823,6 +3836,7 @@ const struct cfg80211_ops mac80211_confi +@@ -3845,6 +3858,7 @@ const struct cfg80211_ops mac80211_confi .set_wiphy_params = ieee80211_set_wiphy_params, .set_tx_power = ieee80211_set_tx_power, .get_tx_power = ieee80211_get_tx_power, @@ -129,7 +129,7 @@ local->user_power_level = IEEE80211_UNSET_POWER_LEVEL; --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c -@@ -464,6 +464,7 @@ static const struct nla_policy nl80211_p +@@ -470,6 +470,7 @@ static const struct nla_policy nl80211_p [NL80211_ATTR_HE_CAPABILITY] = { .type = NLA_BINARY, .len = NL80211_HE_MAX_CAPABILITY_LEN }, [NL80211_ATTR_AIRTIME_WEIGHT] = NLA_POLICY_MIN(NLA_U16, 1), @@ -137,7 +137,7 @@ }; /* policy for the key attributes */ -@@ -2623,6 +2624,20 @@ static int nl80211_set_wiphy(struct sk_b +@@ -2629,6 +2630,20 @@ static int nl80211_set_wiphy(struct sk_b if (result) return result; } diff --git a/package/kernel/mt76/Makefile b/package/kernel/mt76/Makefile index 54a499ec..59e00cc5 100644 --- a/package/kernel/mt76/Makefile +++ b/package/kernel/mt76/Makefile @@ -8,9 +8,9 @@ PKG_LICENSE_FILES:= PKG_SOURCE_URL:=https://github.com/openwrt/mt76 PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2020-01-04 -PKG_SOURCE_VERSION:=8a78567983a16869b77a0254b4917027df4a7ad9 -PKG_MIRROR_HASH:=0cc48bc7093b99dc7f43a5a83a3a00d205709326f529b91b0b14fe0d89cb783d +PKG_SOURCE_DATE:=2020-03-10 +PKG_SOURCE_VERSION:=08054d5ab1350fcb8563feb90e6ab7f8f4a0a1b7 +PKG_MIRROR_HASH:=b41a3cab1485c68befb1dcb4c1e426d41705db1b2a57851dafd6e8f75eeea3d7 PKG_MAINTAINER:=Felix Fietkau PKG_BUILD_PARALLEL:=1 diff --git a/package/lean/dns2socks/Makefile b/package/lean/dns2socks/Makefile deleted file mode 100755 index a6d5a49f..00000000 --- a/package/lean/dns2socks/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=dns2socks -PKG_VERSION:=2.1 -PKG_RELEASE:=20200218 - -PKG_SOURCE:=SourceCode.zip -PKG_SOURCE_SUBDIR:=DNS2SOCKS -PKG_SOURCE_URL:=@SF/dns2socks -PKG_MD5SUM:=ec82de936ad004cc940502cd2a1bff5b - -PKG_MAINTAINER:=ghostmaker -PKG_LICENSE:=BSD-3-Clause - -PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) - -PKG_INSTALL:=1 -PKG_USE_MIPS16:=0 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/dns2socks/Default - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE:=The utility to resolve DNS requests via a SOCKS5 tunnel. - URL:=http://dns2socks.sourceforge.net/ - MAINTAINER:=ghostmaker - DEPENDS:=+libpthread -endef - -define Package/dns2socks - $(call Package/dns2socks/Default) -endef - -define Package/dns2socks/description - This is a utility to resolve DNS requests via a SOCKS5 tunnel and caches the answers. -endef - -define Build/Prepare - mkdir -p $(PKG_BUILD_DIR) - unzip $(DL_DIR)/$(PKG_SOURCE) -d $(PKG_BUILD_DIR) -endef - -define Build/Compile - $(TARGET_CC) \ - $(TARGET_CFLAGS) \ - $(TARGET_CPPFLAGS) \ - $(FPIC) \ - -o $(PKG_BUILD_DIR)/$(PKG_SOURCE_SUBDIR)/$(PKG_NAME) \ - $(PKG_BUILD_DIR)/$(PKG_SOURCE_SUBDIR)/DNS2SOCKS.c \ - $(TARGET_LDFLAGS) -pthread -endef - -define Build/Install -endef - -define Package/dns2socks/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(PKG_SOURCE_SUBDIR)/$(PKG_NAME) $(1)/usr/bin/dns2socks -endef - -$(eval $(call BuildPackage,dns2socks)) diff --git a/package/lean/ipt2socks/Makefile b/package/lean/ipt2socks/Makefile deleted file mode 100644 index 10aeef63..00000000 --- a/package/lean/ipt2socks/Makefile +++ /dev/null @@ -1,46 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=ipt2socks -PKG_VERSION:=1.0.2 -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/zfl9/ipt2socks.git -PKG_SOURCE_VERSION:=e6c9b60444bfe2f30830619aacbc67d26ee1015e -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION) -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION) - -PKG_BUILD_PARALLEL:=1 -PKG_BUILD_DEPENDS:=libuv -PKG_USE_MIPS16:=0 - -PKG_LICENSE:=GPLv3 -PKG_LICENSE_FILES:=LICENSE - - -include $(INCLUDE_DIR)/package.mk - -define Package/ipt2socks - SECTION:=net - CATEGORY:=Network - TITLE:=Utility for converting iptables (REDIRECT/TPROXY) to SOCKS5 - URL:=https://github.com/zfl9/ipt2socks.git -endef - -define Package/ipt2socks/description -Utility for converting iptables (REDIRECT/TPROXY) to SOCKS5. -endef - -define Package/ipt2socks/conffiles -/etc/config/ipt2socks -endef - -MAKE_FLAGS += LIBS="-l:libuv_a.a" - -define Package/ipt2socks/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/ipt2socks $(1)/usr/bin -endef - -$(eval $(call BuildPackage,ipt2socks)) diff --git a/package/lean/kcptun/Makefile b/package/lean/kcptun/Makefile deleted file mode 100644 index 1e8d20ce..00000000 --- a/package/lean/kcptun/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# -# Copyright (C) 2019 Xingwang Liao -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=kcptun -PKG_VERSION:=20200409 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/xtaci/kcptun/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=312b8f438549225dfd1eac95444dd6a4c50610578ddcf7ff21e19c73a855d4bc - -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=LICENSE.md -PKG_MAINTAINER:=Xingwang Liao - -PKG_BUILD_DEPENDS:=golang/host -PKG_BUILD_PARALLEL:=1 -PKG_USE_MIPS16:=0 - -GO_PKG:=github.com/xtaci/kcptun - -GO_PKG_LDFLAGS:=-s -w -X 'main.VERSION=$(PKG_VERSION)-$(PKG_RELEASE) for OpenWrt' - -# Can't use GO_PKG_LDFLAGS_X to define X args with space - -include $(INCLUDE_DIR)/package.mk -include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk - -define Package/kcptun/Default - define Package/kcptun-$(1) - SECTION:=net - CATEGORY:=Network - SUBMENU:=Web Servers/Proxies - DEPENDS:=$$(GO_ARCH_DEPENDS) - TITLE:=Simple UDP Tunnel Based On KCP ($1) - URL:=https://github.com/xtaci/kcptun - endef - - define Package/kcptun-$(1)/description - A Stable & Secure Tunnel Based On KCP with N:M Multiplexing. - - This package contains the kcptun $(1). - endef - - define Package/kcptun-$(1)/install - $$(call GoPackage/Package/Install/Bin,$$(PKG_INSTALL_DIR)) - - $$(INSTALL_DIR) $$(1)/usr/bin - $$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/usr/bin/$(1) $$(1)/usr/bin/kcptun-$(1) - endef -endef - -KCPTUN_COMPONENTS:=client server - -$(foreach component,$(KCPTUN_COMPONENTS), \ - $(eval $(call Package/kcptun/Default,$(component))) \ - $(eval $(call GoBinPackage,kcptun-$(component))) \ - $(eval $(call BuildPackage,kcptun-$(component))) \ -) diff --git a/package/lean/luci-app-ssr-plus/Makefile b/package/lean/luci-app-ssr-plus/Makefile deleted file mode 100644 index 8e64aa7d..00000000 --- a/package/lean/luci-app-ssr-plus/Makefile +++ /dev/null @@ -1,120 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=luci-app-ssr-plus -PKG_VERSION:=176 -PKG_RELEASE:=6 - -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME) - -include $(INCLUDE_DIR)/package.mk - -define Package/$(PKG_NAME)/config -config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin - bool "Include Shadowsocks V2ray Plugin" - default y if i386||x86_64||arm||aarch64 - -config PACKAGE_$(PKG_NAME)_INCLUDE_V2ray - bool "Include V2ray" - default y if i386||x86_64||arm||aarch64 - -config PACKAGE_$(PKG_NAME)_INCLUDE_Trojan - bool "Include Trojan" - default y if i386||x86_64||arm||aarch64 - -config PACKAGE_$(PKG_NAME)_INCLUDE_Redsocks2 - bool "Include Redsocks2" - default y if i386||x86_64||arm||aarch64 - -config PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun - bool "Include Kcptun" - default n - -config PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server - bool "Include ShadowsocksR Server" - default y if i386||x86_64||arm||aarch64 -endef - -define Package/$(PKG_NAME) - SECTION:=luci - CATEGORY:=LuCI - SUBMENU:=3. Applications - TITLE:=SS/SSR/V2Ray/Trojan LuCI interface - PKGARCH:=all - DEPENDS:=+shadowsocksr-libev-alt +ipset +ip-full +iptables-mod-tproxy +dnsmasq-full +coreutils +coreutils-base64 +pdnsd-alt +wget +lua +libuci-lua \ - +microsocks +dns2socks +shadowsocks-libev-ss-local +shadowsocksr-libev-ssr-local +shadowsocks-libev-ss-redir +simple-obfs +tcpping \ - +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray_plugin:v2ray-plugin \ - +PACKAGE_$(PKG_NAME)_INCLUDE_V2ray:v2ray \ - +PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:trojan \ - +PACKAGE_$(PKG_NAME)_INCLUDE_Trojan:ipt2socks \ - +PACKAGE_$(PKG_NAME)_INCLUDE_Redsocks2:redsocks2 \ - +PACKAGE_$(PKG_NAME)_INCLUDE_Kcptun:kcptun-client \ - +PACKAGE_$(PKG_NAME)_INCLUDE_ShadowsocksR_Server:shadowsocksr-libev-server -endef - -define Build/Prepare -endef - -define Build/Compile -endef - -define Package/$(PKG_NAME)/conffiles -/etc/ssr_ip -/etc/china_ssr.txt -/etc/config/shadowsocksr -/etc/config/white.list -/etc/config/black.list -/etc/config/netflix.list -/etc/dnsmasq.ssr/ad.conf -/etc/dnsmasq.ssr/gfw_list.conf -endef - -define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/etc - $(INSTALL_DATA) ./root/etc/china_ssr.txt $(1)/etc/china_ssr.txt - - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_CONF) ./root/etc/config/shadowsocksr $(1)/etc/config/shadowsocksr - $(INSTALL_DATA) ./root/etc/config/*.list $(1)/etc/config/ - - $(INSTALL_DIR) $(1)/etc/dnsmasq.oversea - $(INSTALL_DATA) ./root/etc/dnsmasq.oversea/* $(1)/etc/dnsmasq.oversea/ - - $(INSTALL_DIR) $(1)/etc/dnsmasq.ssr - $(INSTALL_DATA) ./root/etc/dnsmasq.ssr/* $(1)/etc/dnsmasq.ssr/ - - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./root/etc/init.d/* $(1)/etc/init.d/ - - $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_BIN) ./root/etc/uci-defaults/* $(1)/etc/uci-defaults/ - - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) ./root/usr/bin/* $(1)/usr/bin/ - - $(INSTALL_DIR) $(1)/usr/share/shadowsocksr - $(INSTALL_BIN) ./root/usr/share/shadowsocksr/*.sh $(1)/usr/share/shadowsocksr/ - $(INSTALL_DATA) ./root/usr/share/shadowsocksr/*.lua $(1)/usr/share/shadowsocksr/ - - $(INSTALL_DIR) $(1)/usr/share/rpcd/acl.d - $(INSTALL_DATA) ./root/usr/share/rpcd/acl.d/* $(1)/usr/share/rpcd/acl.d - - $(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller - $(INSTALL_DATA) ./luasrc/controller/*.lua $(1)/usr/lib/lua/luci/controller/ - - $(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr - $(INSTALL_DATA) ./luasrc/model/cbi/shadowsocksr/*.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr/ - - $(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/shadowsocksr - $(INSTALL_DATA) ./luasrc/view/shadowsocksr/* $(1)/usr/lib/lua/luci/view/shadowsocksr/ - - $(INSTALL_DIR) $(1)/usr/lib/lua/luci/i18n - po2lmo ./po/zh-cn/ssr-plus.po $(1)/usr/lib/lua/luci/i18n/ssr-plus.zh-cn.lmo -endef - -define Package/$(PKG_NAME)/postrm -#!/bin/sh -rm -rf /etc/china_ssr.txt /etc/dnsmasq.ssr /etc/dnsmasq.oversea /etc/config/shadowsocksr /etc/config/black.list \ - /etc/config/gfw.list /etc/config/white.list /etc/config/netflix.list /etc/config/netflixip.list 2>/dev/null -endef - -$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua b/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua deleted file mode 100644 index 3176ad45..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/controller/shadowsocksr.lua +++ /dev/null @@ -1,211 +0,0 @@ --- Copyright (C) 2017 yushi studio --- Licensed to the public under the GNU General Public License v3. - -module("luci.controller.shadowsocksr", package.seeall) - -function index() - if not nixio.fs.access("/etc/config/shadowsocksr") then - return - end - entry({"admin", "services", "shadowsocksr"}, alias("admin", "services", "shadowsocksr", "client"),_("ShadowSocksR Plus+"), 10).dependent = true - entry({"admin", "services", "shadowsocksr", "client"}, cbi("shadowsocksr/client"),_("SSR Client"), 10).leaf = true - entry({"admin", "services", "shadowsocksr", "servers"}, arcombine(cbi("shadowsocksr/servers", {autoapply = true}), cbi("shadowsocksr/client-config")),_("Severs Nodes"), 20).leaf = true - entry({"admin", "services", "shadowsocksr", "control"},cbi("shadowsocksr/control"), _("Access Control"), 30).leaf = true - entry({"admin", "services", "shadowsocksr", "advanced"},cbi("shadowsocksr/advanced"),_("Advanced Settings"), 50).leaf = true - entry({"admin", "services", "shadowsocksr", "server"},arcombine(cbi("shadowsocksr/server"), cbi("shadowsocksr/server-config")),_("SSR Server"), 60).leaf = true - entry({"admin", "services", "shadowsocksr", "status"},form("shadowsocksr/status"),_("Status"), 70).leaf = true - entry({"admin", "services", "shadowsocksr", "check"}, call("check_status")) - entry({"admin", "services", "shadowsocksr", "refresh"}, call("refresh_data")) - entry({"admin", "services", "shadowsocksr", "subscribe"}, call("subscribe")) - entry({"admin", "services", "shadowsocksr", "checkport"}, call("check_port")) - entry({"admin", "services", "shadowsocksr", "log"},form("shadowsocksr/log"),_("Log"), 80).leaf = true - entry({"admin", "services", "shadowsocksr","run"},call("act_status")).leaf = true - entry({"admin", "services", "shadowsocksr", "ping"}, call("act_ping")).leaf = true -end - -function subscribe() - luci.sys.call("/usr/bin/lua /usr/share/shadowsocksr/subscribe.lua >> /tmp/ssrplus.log 2>&1") - luci.http.prepare_content("application/json") - luci.http.write_json({ret = 1}) -end - -function act_status() - local e = {} - e.running = luci.sys.call("busybox ps -w | grep ssr-retcp | grep -v grep >/dev/null") == 0 - luci.http.prepare_content("application/json") - luci.http.write_json(e) -end - -function act_ping() - local e = {} - local domain = luci.http.formvalue("domain") - local port = luci.http.formvalue("port") - e.index = luci.http.formvalue("index") - local iret = luci.sys.call(" ipset add ss_spec_wan_ac " .. domain .. " 2>/dev/null") - local socket = nixio.socket("inet", "stream") - socket:setopt("socket", "rcvtimeo", 3) - socket:setopt("socket", "sndtimeo", 3) - e.socket = socket:connect(domain, port) - socket:close() - e.ping = luci.sys.exec("ping -c 1 -W 1 %q 2>&1 | grep -o 'time=[0-9]*.[0-9]' | awk -F '=' '{print$2}'" % domain) - if (e.ping == "") then - e.ping = luci.sys.exec(string.format("echo -n $(tcpping -c 1 -i 1 -p %s %s 2>&1 | grep -o 'ttl=[0-9]* time=[0-9]*.[0-9]' | awk -F '=' '{print$3}') 2>/dev/null",port, domain)) - end - if (iret == 0) then - luci.sys.call(" ipset del ss_spec_wan_ac " .. domain) - end - luci.http.prepare_content("application/json") - luci.http.write_json(e) -end - -function check_status() - local set = "/usr/bin/ssr-check www." .. luci.http.formvalue("set") .. ".com 80 3 1" - sret = luci.sys.call(set) - if sret == 0 then - retstring = "0" - else - retstring = "1" - end - luci.http.prepare_content("application/json") - luci.http.write_json({ret = retstring}) -end - -function refresh_data() - local set = luci.http.formvalue("set") - local uci = luci.model.uci.cursor() - local icount = 0 - if set == "gfw_data" then - refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'gfwlist_url', 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt') .. ' > /tmp/gfw.b64' - sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") - if sret == 0 then - luci.sys.call("/usr/bin/ssr-gfw") - icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l") - if tonumber(icount) > 1000 then - if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then - oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf") - luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf") - luci.sys.call("/etc/init.d/dnsmasq restart") - retstring = tostring(tonumber(icount)/2) - else - retstring = "0" - end - else - retstring = "-1" - end - luci.sys.exec("rm -f /tmp/gfwnew.txt") - else - retstring = "-1" - end - end - if set == "ip_data" then - refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url', 'https://ispip.clang.cn/all_cn.txt') .. " > /tmp/china_ssr.txt" - sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") - icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l") - if sret == 0 and tonumber(icount) > 1000 then - if nixio.fs.access("/etc/china_ssr.txt") then - oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt") - luci.sys.exec("/etc/init.d/shadowsocksr restart &") - retstring = tostring(tonumber(icount)) - else - retstring = "0" - end - else - retstring = "-1" - end - luci.sys.exec("rm -f /tmp/china_ssr.txt") - end - if set == "nfip_data" then - refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .." > /tmp/netflixip.list" - sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") - icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l") - if sret == 0 and tonumber(icount) > 5 then - if nixio.fs.access("/etc/config/netflixip.list") then - oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list") - luci.sys.exec("/etc/init.d/shadowsocksr restart &") - retstring = tostring(tonumber(icount)) - else - retstring = "0" - end - else - retstring = "-1" - end - luci.sys.exec("rm -f /tmp/netflixip.list") - end - if set == "ad_data" then - refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .." > /tmp/adnew.conf" - sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") - if sret == 0 then - luci.sys.call("/usr/bin/ssr-ad") - icount = luci.sys.exec("cat /tmp/ad.conf | wc -l") - if tonumber(icount) > 100 then - if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then - oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf") - luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf") - luci.sys.call("/etc/init.d/dnsmasq restart") - retstring = tostring(tonumber(icount)) - else - retstring = "0" - end - else - retstring = "-1" - end - luci.sys.exec("rm -f /tmp/ad.conf") - else - retstring = "-1" - end - end - luci.http.prepare_content("application/json") - luci.http.write_json({ret = retstring,retcount = icount}) -end - -function check_port() - local set = "" - local retstring = "

" - local s - local server_name = "" - local uci = luci.model.uci.cursor() - local iret = 1 - uci:foreach("shadowsocksr", "servers", function(s) - if s.alias then - server_name = s.alias - elseif s.server and s.server_port then - server_name = "%s:%s" %{s.server, s.server_port} - end - iret = luci.sys.call("ipset add ss_spec_wan_ac " .. s.server .. " 2>/dev/null") - socket = nixio.socket("inet", "stream") - socket:setopt("socket", "rcvtimeo", 3) - socket:setopt("socket", "sndtimeo", 3) - ret = socket:connect(s.server,s.server_port) - if tostring(ret) == "true" then - socket:close() - retstring = retstring .. "[" .. server_name .. "] OK.
" - else - retstring = retstring .. "[" .. server_name .. "] Error.
" - end - if iret == 0 then - luci.sys.call("ipset del ss_spec_wan_ac " .. s.server) - end - end) - luci.http.prepare_content("application/json") - luci.http.write_json({ret = retstring}) -end diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua deleted file mode 100644 index d7908e5e..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/advanced.lua +++ /dev/null @@ -1,88 +0,0 @@ -local shadowsocksr = "shadowsocksr" -local uci = luci.model.uci.cursor() -local server_table = {} - -uci:foreach(shadowsocksr, "servers", function(s) - if s.alias then - server_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias} - elseif s.server and s.server_port then - server_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port} - end -end) - -local key_table = {} -for key,_ in pairs(server_table) do - table.insert(key_table,key) -end - -table.sort(key_table) - -m = Map("shadowsocksr") --- [[ global ]]-- -s = m:section(TypedSection, "global", translate("Server failsafe auto swith and custom update settings")) -s.anonymous = true - --- o = s:option(Flag, "monitor_enable", translate("Enable Process Deamon")) --- o.rmempty = false --- o.default = "1" - -o = s:option(Flag, "enable_switch", translate("Enable Auto Switch")) -o.rmempty = false -o.default = "1" - -o = s:option(Value, "switch_time", translate("Switch check cycly(second)")) -o.datatype = "uinteger" -o:depends("enable_switch", "1") -o.default = 667 - -o = s:option(Value, "switch_timeout", translate("Check timout(second)")) -o.datatype = "uinteger" -o:depends("enable_switch", "1") -o.default = 5 - -o = s:option(Value, "switch_try_count", translate("Check Try Count")) -o.datatype = "uinteger" -o:depends("enable_switch", "1") -o.default = 3 - -o = s:option(Flag, "adblock", translate("Enable adblock")) -o.rmempty = false - -o = s:option(Value, "adblock_url", translate("adblock_url")) -o:value("https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf", translate("anti-AD")) -o.default = "https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf" -o:depends("adblock", "1") -o.description = translate("Support AdGuardHome and DNSMASQ format list") - -o = s:option(Value, "gfwlist_url", translate("gfwlist Update url")) -o:value("https://cdn.jsdelivr.net/gh/Loukky/gfwlist-by-loukky/gfwlist.txt", translate("Loukky/gfwlist-by-loukky")) -o:value("https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt", translate("gfwlist/gfwlist")) -o.default = "https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt" - -o = s:option(Value, "chnroute_url", translate("Chnroute Update url")) -o:value("https://ispip.clang.cn/all_cn.txt", translate("Clang.CN")) -o.default = "https://ispip.clang.cn/all_cn.txt" - -o = s:option(Value, "nfip_url", translate("nfip_url")) -o:value("https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt", translate("Netflix IP Only")) -o:value("https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/getflix.txt", translate("Netflix and AWS")) -o.default = "https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt" -o.description = translate("Customize Netflix IP Url") - --- [[ SOCKS5 Proxy ]]-- -s = m:section(TypedSection, "socks5_proxy", translate("Global SOCKS5 Proxy Server")) -s.anonymous = true - -o = s:option(ListValue, "server", translate("Server")) -o:value("nil", translate("Disable")) -o:value("same", translate("Same as Global Server")) -for _,key in pairs(key_table) do o:value(key,server_table[key]) end -o.default = "nil" -o.rmempty = false - -o = s:option(Value, "local_port", translate("Local Port")) -o.datatype = "port" -o.default = 1080 -o.rmempty = false - -return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua deleted file mode 100644 index f42822f5..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua +++ /dev/null @@ -1,500 +0,0 @@ --- Copyright (C) 2017 yushi studio github.com/ywb94 --- Licensed to the public under the GNU General Public License v3. - -local m, s, o,kcp_enable -local shadowsocksr = "shadowsocksr" -local uci = luci.model.uci.cursor() -local fs = require "nixio.fs" -local sys = require "luci.sys" -local sid = arg[1] -local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid") -local http = require "luci.http" - -local function isKcptun(file) - if not fs.access(file, "rwx", "rx", "rx") then - fs.chmod(file, 755) - end - - local str = sys.exec(file .. " -v | awk '{printf $1}'") - return (str:lower() == "kcptun") -end - - -local server_table = {} -local encrypt_methods = { - "none", - "table", - "rc4", - "rc4-md5-6", - "rc4-md5", - "aes-128-cfb", - "aes-192-cfb", - "aes-256-cfb", - "aes-128-ctr", - "aes-192-ctr", - "aes-256-ctr", - "bf-cfb", - "camellia-128-cfb", - "camellia-192-cfb", - "camellia-256-cfb", - "cast5-cfb", - "des-cfb", - "idea-cfb", - "rc2-cfb", - "seed-cfb", - "salsa20", - "chacha20", - "chacha20-ietf", -} - -local encrypt_methods_ss = { - -- aead - "aes-128-gcm", - "aes-192-gcm", - "aes-256-gcm", - "chacha20-ietf-poly1305", - "xchacha20-ietf-poly1305", - -- stream - "table", - "rc4", - "rc4-md5", - "aes-128-cfb", - "aes-192-cfb", - "aes-256-cfb", - "aes-128-ctr", - "aes-192-ctr", - "aes-256-ctr", - "bf-cfb", - "camellia-128-cfb", - "camellia-192-cfb", - "camellia-256-cfb", - "salsa20", - "chacha20", - "chacha20-ietf", -} - -local protocol = { - "origin", - "verify_deflate", - "auth_sha1_v4", - "auth_aes128_sha1", - "auth_aes128_md5", - "auth_chain_a", - "auth_chain_b", - "auth_chain_c", - "auth_chain_d", - "auth_chain_e", - "auth_chain_f", -} - -obfs = { - "plain", - "http_simple", - "http_post", - "random_head", - "tls1.2_ticket_auth", -} - -local securitys = { - "auto", - "none", - "aes-128-gcm", - "chacha20-poly1305" -} - - -m = Map(shadowsocksr, translate("Edit ShadowSocksR Server")) -m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/servers") -if m.uci:get(shadowsocksr, sid) ~= "servers" then - luci.http.redirect(m.redirect) - return -end - --- [[ Servers Setting ]]-- -s = m:section(NamedSection, sid, "servers") -s.anonymous = true -s.addremove = false - -o = s:option(DummyValue,"ssr_url","SS/SSR/V2RAY/TROJAN URL") -o.rawhtml = true -o.template = "shadowsocksr/ssrurl" -o.value =sid - -o = s:option(ListValue, "type", translate("Server Node Type")) -o:value("ssr", translate("ShadowsocksR")) -if nixio.fs.access("/usr/bin/ss-redir") then -o:value("ss", translate("Shadowsocks New Version")) -end -if nixio.fs.access("/usr/bin/v2ray/v2ray") or nixio.fs.access("/usr/bin/v2ray") then -o:value("v2ray", translate("V2Ray")) -end -if nixio.fs.access("/usr/sbin/trojan") then -o:value("trojan", translate("Trojan")) -end -if nixio.fs.access("/usr/sbin/redsocks2") then -o:value("socks5", translate("Socks5")) -o:value("tun", translate("Network Tunnel")) -end -o.description = translate("Using incorrect encryption mothod may causes service fail to start") - -o = s:option(Value, "alias", translate("Alias(optional)")) - -o = s:option(ListValue, "iface", translate("Network interface to use")) -for _, e in ipairs(sys.net.devices()) do - if e ~= "lo" then o:value(e) end -end -o:depends("type", "tun") -o.description = translate("Redirect traffic to this network interface") - -o = s:option(Value, "server", translate("Server Address")) -o.datatype = "host" -o.rmempty = false -o:depends("type", "ssr") -o:depends("type", "ss") -o:depends("type", "v2ray") -o:depends("type", "trojan") -o:depends("type", "socks5") - -o = s:option(Value, "server_port", translate("Server Port")) -o.datatype = "port" -o.rmempty = false -o:depends("type", "ssr") -o:depends("type", "ss") -o:depends("type", "v2ray") -o:depends("type", "trojan") -o:depends("type", "socks5") - -o = s:option(Flag, "auth_enable", translate("Enable Authentication")) -o.rmempty = false -o.default = "0" -o:depends("type", "socks5") - -o = s:option(Value, "username", translate("Username")) -o.rmempty = true -o:depends("type", "socks5") - -o = s:option(Value, "password", translate("Password")) -o.password = true -o.rmempty = true -o:depends("type", "ssr") -o:depends("type", "ss") -o:depends("type", "trojan") -o:depends("type", "socks5") - -o = s:option(ListValue, "encrypt_method", translate("Encrypt Method")) -for _, v in ipairs(encrypt_methods) do o:value(v) end -o.rmempty = true -o:depends("type", "ssr") - -o = s:option(ListValue, "encrypt_method_ss", translate("Encrypt Method")) -for _, v in ipairs(encrypt_methods_ss) do o:value(v) end -o.rmempty = true -o:depends("type", "ss") - --- Shadowsocks Plugin -o = s:option(Value, "plugin", translate("Plugin")) -o.rmempty = true -o:depends("type", "ss") - -o = s:option(Value, "plugin_opts", translate("Plugin Opts")) -o.rmempty = true -o:depends("type", "ss") - -o = s:option(ListValue, "protocol", translate("Protocol")) -for _, v in ipairs(protocol) do o:value(v) end -o.rmempty = true -o:depends("type", "ssr") - -o = s:option(Value, "protocol_param", translate("Protocol param(optional)")) -o:depends("type", "ssr") - -o = s:option(ListValue, "obfs", translate("Obfs")) -for _, v in ipairs(obfs) do o:value(v) end -o.rmempty = true -o:depends("type", "ssr") - -o = s:option(Value, "obfs_param", translate("Obfs param(optional)")) -o:depends("type", "ssr") - --- AlterId -o = s:option(Value, "alter_id", translate("AlterId")) -o.datatype = "port" -o.default = 16 -o.rmempty = true -o:depends("type", "v2ray") - --- VmessId -o = s:option(Value, "vmess_id", translate("VmessId (UUID)")) -o.rmempty = true -o.default = uuid -o:depends("type", "v2ray") - --- 加密方式 -o = s:option(ListValue, "security", translate("Encrypt Method")) -for _, v in ipairs(securitys) do o:value(v, v:upper()) end -o.rmempty = true -o:depends("type", "v2ray") - --- 传输协议 -o = s:option(ListValue, "transport", translate("Transport")) -o:value("tcp", "TCP") -o:value("kcp", "mKCP") -o:value("ws", "WebSocket") -o:value("h2", "HTTP/2") -o:value("quic", "QUIC") -o.rmempty = true -o:depends("type", "v2ray") - --- [[ TCP部分 ]]-- - --- TCP伪装 -o = s:option(ListValue, "tcp_guise", translate("Camouflage Type")) -o:depends("transport", "tcp") -o:value("http", "HTTP") -o:value("none", translate("None")) -o.rmempty = true - --- HTTP域名 -o = s:option(Value, "http_host", translate("HTTP Host")) -o:depends("tcp_guise", "http") -o.rmempty = true - --- HTTP路径 -o = s:option(Value, "http_path", translate("HTTP Path")) -o:depends("tcp_guise", "http") -o.rmempty = true - --- [[ WS部分 ]]-- - --- WS域名 -o = s:option(Value, "ws_host", translate("WebSocket Host")) -o:depends("transport", "ws") -o.rmempty = true - --- WS路径 -o = s:option(Value, "ws_path", translate("WebSocket Path")) -o:depends("transport", "ws") -o.rmempty = true - --- [[ H2部分 ]]-- - --- H2域名 -o = s:option(Value, "h2_host", translate("HTTP/2 Host")) -o:depends("transport", "h2") -o.rmempty = true - --- H2路径 -o = s:option(Value, "h2_path", translate("HTTP/2 Path")) -o:depends("transport", "h2") -o.rmempty = true - --- [[ QUIC部分 ]]-- - -o = s:option(ListValue, "quic_security", translate("QUIC Security")) -o:depends("transport", "quic") -o.rmempty = true -o:value("none", translate("None")) -o:value("aes-128-gcm", translate("aes-128-gcm")) -o:value("chacha20-poly1305", translate("chacha20-poly1305")) - -o = s:option(Value, "quic_key", translate("QUIC Key")) -o:depends("transport", "quic") -o.rmempty = true - -o = s:option(ListValue, "quic_guise", translate("Header")) -o:depends("transport", "quic") -o.rmempty = true -o:value("none", translate("None")) -o:value("srtp", translate("VideoCall (SRTP)")) -o:value("utp", translate("BitTorrent (uTP)")) -o:value("wechat-video", translate("WechatVideo")) -o:value("dtls", "DTLS 1.2") -o:value("wireguard", "WireGuard") - --- [[ mKCP部分 ]]-- - -o = s:option(ListValue, "kcp_guise", translate("Camouflage Type")) -o:depends("transport", "kcp") -o:value("none", translate("None")) -o:value("srtp", translate("VideoCall (SRTP)")) -o:value("utp", translate("BitTorrent (uTP)")) -o:value("wechat-video", translate("WechatVideo")) -o:value("dtls", "DTLS 1.2") -o:value("wireguard", "WireGuard") -o.rmempty = true - -o = s:option(Value, "mtu", translate("MTU")) -o.datatype = "uinteger" -o:depends("transport", "kcp") -o.default = 1350 -o.rmempty = true - -o = s:option(Value, "tti", translate("TTI")) -o.datatype = "uinteger" -o:depends("transport", "kcp") -o.default = 50 -o.rmempty = true - -o = s:option(Value, "uplink_capacity", translate("Uplink Capacity")) -o.datatype = "uinteger" -o:depends("transport", "kcp") -o.default = 5 -o.rmempty = true - -o = s:option(Value, "downlink_capacity", translate("Downlink Capacity")) -o.datatype = "uinteger" -o:depends("transport", "kcp") -o.default = 20 -o.rmempty = true - -o = s:option(Value, "read_buffer_size", translate("Read Buffer Size")) -o.datatype = "uinteger" -o:depends("transport", "kcp") -o.default = 2 -o.rmempty = true - -o = s:option(Value, "write_buffer_size", translate("Write Buffer Size")) -o.datatype = "uinteger" -o:depends("transport", "kcp") -o.default = 2 -o.rmempty = true - -o = s:option(Flag, "congestion", translate("Congestion")) -o:depends("transport", "kcp") -o.rmempty = true - --- [[ allowInsecure ]]-- -o = s:option(Flag, "insecure", translate("allowInsecure")) -o.rmempty = true -o:depends("type", "v2ray") -o:depends("type", "trojan") -o.default = "1" - --- [[ TLS ]]-- -o = s:option(Flag, "tls", translate("TLS")) -o.rmempty = true -o.default = "0" -o:depends("type", "v2ray") -o:depends("type", "trojan") - -o = s:option(Value, "tls_host", translate("TLS Host")) ---o:depends("type", "trojan") -o:depends("tls", "1") -o.rmempty = true - --- [[ Mux ]]-- -o = s:option(Flag, "mux", translate("Mux")) -o.rmempty = true -o.default = "0" -o:depends("type", "v2ray") - -o = s:option(Value, "concurrency", translate("Concurrency")) -o.datatype = "uinteger" -o.rmempty = true -o.default = "8" -o:depends("mux", "1") - --- [[ Cert ]]-- -o = s:option(Flag, "certificate", translate("Self-signed Certificate")) -o.rmempty = true -o.default = "0" -o:depends("type", "trojan") -o:depends("type", "v2ray") -o.description = translate("If you have a self-signed certificate,please check the box") - -o = s:option(DummyValue, "upload", translate("Upload")) -o.template = "shadowsocksr/certupload" -o:depends("certificate", 1) - -cert_dir = "/etc/ssl/private/" -local path - -http.setfilehandler( - function(meta, chunk, eof) - if not fd then - if (not meta) or (not meta.name) or (not meta.file) then return end - fd = nixio.open(cert_dir .. meta.file, "w") - if not fd then - path = translate("Create upload file error.") - return - end - end - if chunk and fd then - fd:write(chunk) - end - if eof and fd then - fd:close() - fd = nil - path = '/etc/ssl/private/' .. meta.file .. '' - end - end - ) -if luci.http.formvalue("upload") then - local f = luci.http.formvalue("ulfile") - if #f <= 0 then - path = translate("No specify upload file.") - end -end - -o = s:option(Value, "certpath", translate("Current Certificate Path")) -o:depends("certificate", 1) -o:value("/etc/ssl/private/") -o.description = translate("Please confirm the current certificate path") -o.default = "/etc/ssl/private/" - -o = s:option(Flag, "fast_open", translate("TCP Fast Open")) -o.rmempty = true -o.default = "0" -o:depends("type", "ssr") -o:depends("type", "ss") -o:depends("type", "trojan") - -o = s:option(Flag, "switch_enable", translate("Enable Auto Switch")) -o.rmempty = false -o.default = "1" - -o = s:option(Value, "local_port", translate("Local Port")) -o.datatype = "port" -o.default = 1234 -o.rmempty = false - -if nixio.fs.access("/usr/bin/kcptun-client") then - -kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"), translate("bin:/usr/bin/kcptun-client")) -kcp_enable.rmempty = true -kcp_enable.default = "0" -kcp_enable:depends("type", "ssr") -kcp_enable:depends("type", "ss") - -o = s:option(Value, "kcp_port", translate("KcpTun Port")) -o.datatype = "port" -o.default = 4000 -function o.validate(self, value, section) - local kcp_file="/usr/bin/kcptun-client" - local enable = kcp_enable:formvalue(section) or kcp_enable.disabled - if enable == kcp_enable.enabled then - if not fs.access(kcp_file) then - return nil, translate("Haven't a Kcptun executable file") - elseif not isKcptun(kcp_file) then - return nil, translate("Not a Kcptun executable file") - end - end - - return value -end -o:depends("type", "ssr") -o:depends("type", "ss") - -o = s:option(Value, "kcp_password", translate("KcpTun Password")) -o.password = true -o:depends("type", "ssr") -o:depends("type", "ss") - -o = s:option(Value, "kcp_param", translate("KcpTun Param")) -o.default = "--nocomp" -o:depends("type", "ssr") -o:depends("type", "ss") - -end - -return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua deleted file mode 100644 index c73e5e21..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client.lua +++ /dev/null @@ -1,109 +0,0 @@ --- Copyright (C) 2017 yushi studio github.com/ywb94 --- Copyright (C) 2018 lean github.com/coolsnowwolf --- Licensed to the public under the GNU General Public License v3. - -local m, s, sec, o, kcp_enable -local shadowsocksr = "shadowsocksr" -local uci = luci.model.uci.cursor() - -local sys = require "luci.sys" - -m = Map(shadowsocksr, translate("ShadowSocksR Plus+ Settings")) - -m:section(SimpleSection).template = "shadowsocksr/status" - -local server_table = {} -uci:foreach(shadowsocksr, "servers", function(s) - if s.alias then - server_table[s[".name"]] = "[%s]:%s" %{string.upper(s.type), s.alias} - elseif s.server and s.server_port then - server_table[s[".name"]] = "[%s]:%s:%s" %{string.upper(s.type), s.server, s.server_port} - end -end) - -local key_table = {} -for key,_ in pairs(server_table) do - table.insert(key_table,key) -end - -table.sort(key_table) - --- [[ Global Setting ]]-- -s = m:section(TypedSection, "global") -s.anonymous = true - -o = s:option(ListValue, "global_server", translate("Main Server")) -o:value("nil", translate("Disable")) -for _,key in pairs(key_table) do o:value(key,server_table[key]) end -o.default = "nil" -o.rmempty = false - -o = s:option(ListValue, "udp_relay_server", translate("Game Mode UDP Server")) -o:value("", translate("Disable")) -o:value("same", translate("Same as Global Server")) -for _,key in pairs(key_table) do o:value(key,server_table[key]) end - -o = s:option(ListValue, "netflix_server", translate("Netflix Node")) -o:value("nil", translate("Disable")) -o:value("same", translate("Same as Global Server")) -for _,key in pairs(key_table) do o:value(key,server_table[key]) end -o.default = "nil" -o.rmempty = false - -o = s:option(Flag, "netflix_proxy", translate("External Proxy Mode")) -o.rmempty = false -o.description = translate("Forward Netflix Proxy through Main Proxy") -o.default="0" - -o = s:option(ListValue, "threads", translate("Multi Threads Option")) -o:value("0", translate("Auto Threads")) -o:value("1", translate("1 Thread")) -o:value("2", translate("2 Threads")) -o:value("4", translate("4 Threads")) -o:value("8", translate("8 Threads")) -o:value("16", translate("16 Threads")) -o:value("32", translate("32 Threads")) -o:value("64", translate("64 Threads")) -o:value("128", translate("128 Threads")) -o.default = "0" -o.rmempty = false - -o = s:option(ListValue, "run_mode", translate("Running Mode")) -o:value("gfw", translate("GFW List Mode")) -o:value("router", translate("IP Route Mode")) -o:value("all", translate("Global Mode")) -o:value("oversea", translate("Oversea Mode")) -o.default = gfw - -o = s:option(ListValue, "dports", translate("Proxy Ports")) -o:value("1", translate("All Ports")) -o:value("2", translate("Only Common Ports")) -o.default = 1 - -o = s:option(ListValue, "pdnsd_enable", translate("Resolve Dns Mode")) -o:value("1", translate("Use Pdnsd tcp query and cache")) -o:value("2", translate("Use DNS2SOCKS query and cache")) -o:value("0", translate("Use Local DNS Service listen port 5335")) -o.default = 1 - -o = s:option(Value, "tunnel_forward", translate("Anti-pollution DNS Server")) -o:value("8.8.4.4:53", translate("Google Public DNS (8.8.4.4)")) -o:value("8.8.8.8:53", translate("Google Public DNS (8.8.8.8)")) -o:value("208.67.222.222:53", translate("OpenDNS (208.67.222.222)")) -o:value("208.67.220.220:53", translate("OpenDNS (208.67.220.220)")) -o:value("209.244.0.3:53", translate("Level 3 Public DNS (209.244.0.3)")) -o:value("209.244.0.4:53", translate("Level 3 Public DNS (209.244.0.4)")) -o:value("4.2.2.1:53", translate("Level 3 Public DNS (4.2.2.1)")) -o:value("4.2.2.2:53", translate("Level 3 Public DNS (4.2.2.2)")) -o:value("4.2.2.3:53", translate("Level 3 Public DNS (4.2.2.3)")) -o:value("4.2.2.4:53", translate("Level 3 Public DNS (4.2.2.4)")) -o:value("1.1.1.1:53", translate("Cloudflare DNS (1.1.1.1)")) -o:value("114.114.114.114:53", translate("Oversea Mode DNS-1 (114.114.114.114)")) -o:value("114.114.115.115:53", translate("Oversea Mode DNS-2 (114.114.115.115)")) -o:depends("pdnsd_enable", "1") -o:depends("pdnsd_enable", "2") -o.description = translate("Custom DNS Server format as IP:PORT (default: 8.8.4.4:53)") - -return m - - diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua deleted file mode 100644 index 7a5e33b6..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/control.lua +++ /dev/null @@ -1,138 +0,0 @@ -local m, s, o -local NXFS = require "nixio.fs" - -m = Map("shadowsocksr", translate("IP black-and-white list")) - -s = m:section(TypedSection, "access_control") -s.anonymous = true - --- Part of WAN -s:tab("wan_ac", translate("WAN IP AC")) - -o = s:taboption("wan_ac", DynamicList, "wan_bp_ips", translate("WAN White List IP")) -o.datatype = "ip4addr" - -o = s:taboption("wan_ac", DynamicList, "wan_fw_ips", translate("WAN Force Proxy IP")) -o.datatype = "ip4addr" - --- Part of LAN -s:tab("lan_ac", translate("LAN IP AC")) - -o = s:taboption("lan_ac", ListValue, "lan_ac_mode", translate("LAN Access Control")) -o:value("0", translate("Disable")) -o:value("w", translate("Allow listed only")) -o:value("b", translate("Allow all except listed")) -o.rmempty = false - -o = s:taboption("lan_ac", DynamicList, "lan_ac_ips", translate("LAN Host List")) -o.datatype = "ipaddr" -luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end -end) -o:depends("lan_ac_mode", "w") -o:depends("lan_ac_mode", "b") - -o = s:taboption("lan_ac", DynamicList, "lan_bp_ips", translate("LAN Bypassed Host List")) -o.datatype = "ipaddr" -luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end -end) - -o = s:taboption("lan_ac", DynamicList, "lan_fp_ips", translate("LAN Force Proxy Host List")) -o.datatype = "ipaddr" -luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end -end) - -o = s:taboption("lan_ac", DynamicList, "lan_gm_ips", translate("Game Mode Host List")) -o.datatype = "ipaddr" -luci.ip.neighbors({ family = 4 }, function(entry) - if entry.reachable then - o:value(entry.dest:string()) - end -end) - --- Part of Self --- s:tab("self_ac", translate("Router Self AC")) --- o = s:taboption("self_ac",ListValue, "router_proxy", translate("Router Self Proxy")) --- o:value("1", translatef("Normal Proxy")) --- o:value("0", translatef("Bypassed Proxy")) --- o:value("2", translatef("Forwarded Proxy")) --- o.rmempty = false - -s:tab("esc", translate("Bypass Domain List")) - -local escconf = "/etc/config/white.list" -o = s:taboption("esc", TextValue, "escconf") -o.rows = 13 -o.wrap = "off" -o.rmempty = true -o.cfgvalue = function(self, section) - return NXFS.readfile(escconf) or "" -end -o.write = function(self, section, value) - NXFS.writefile(escconf, value:gsub("\r\n", "\n")) -end -o.remove = function(self, section, value) - NXFS.writefile(escconf, "") -end - - -s:tab("block", translate("Black Domain List")) - -local blockconf = "/etc/config/black.list" -o = s:taboption("block", TextValue, "blockconf") -o.rows = 13 -o.wrap = "off" -o.rmempty = true -o.cfgvalue = function(self, section) - return NXFS.readfile(blockconf) or " " -end -o.write = function(self, section, value) - NXFS.writefile(blockconf, value:gsub("\r\n", "\n")) -end -o.remove = function(self, section, value) - NXFS.writefile(blockconf, "") -end - -s:tab("netflix", translate("Netflix Domain List")) - -local netflixconf = "/etc/config/netflix.list" -o = s:taboption("netflix", TextValue, "netflixconf") -o.rows = 13 -o.wrap = "off" -o.rmempty = true -o.cfgvalue = function(self, section) - return NXFS.readfile(netflixconf) or " " -end -o.write = function(self, section, value) - NXFS.writefile(netflixconf, value:gsub("\r\n", "\n")) -end -o.remove = function(self, section, value) - NXFS.writefile(netflixconf, "") -end - -s:tab("netflixip", translate("Netflix IP List")) - -local netflixipconf = "/etc/config/netflixip.list" -o = s:taboption("netflixip", TextValue, "netflixipconf") -o.rows = 13 -o.wrap = "off" -o.rmempty = true -o.cfgvalue = function(self, section) - return NXFS.readfile(netflixipconf) or " " -end -o.write = function(self, section, value) - NXFS.writefile(netflixipconf, value:gsub("\r\n", "\n")) -end -o.remove = function(self, section, value) - NXFS.writefile(netflixipconf, "") -end - -return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua deleted file mode 100644 index 6c5938ed..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/log.lua +++ /dev/null @@ -1,20 +0,0 @@ -local fs = require "nixio.fs" - -f = SimpleForm("logview") - -t = f:field(TextValue, "conf") -t.rmempty = true -t.rows = 20 -function t.cfgvalue() - if fs.access("/tmp/ssrplus.log") then - local logs = luci.util.execi("cat /tmp/ssrplus.log") - local s = "" - for line in logs do - s = line .. "\n" .. s - end - return s - end -end -t.readonly="readonly" - -return f \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua deleted file mode 100644 index 8fa5024d..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua +++ /dev/null @@ -1,115 +0,0 @@ --- Copyright (C) 2017 yushi studio --- Licensed to the public under the GNU General Public License v3. -require "luci.http" -require "luci.dispatcher" -require "nixio.fs" - -local m, s, o -local shadowsocksr = "shadowsocksr" -local sid = arg[1] - -local encrypt_methods = { - "rc4-md5", - "rc4-md5-6", - "rc4", - "table", - "aes-128-cfb", - "aes-192-cfb", - "aes-256-cfb", - "aes-128-ctr", - "aes-192-ctr", - "aes-256-ctr", - "bf-cfb", - "camellia-128-cfb", - "camellia-192-cfb", - "camellia-256-cfb", - "cast5-cfb", - "des-cfb", - "idea-cfb", - "rc2-cfb", - "seed-cfb", - "salsa20", - "chacha20", - "chacha20-ietf", -} - -local protocol = { - "origin", -} - -obfs = { - "plain", - "http_simple", - "http_post", -} - -m = Map(shadowsocksr, translate("Edit ShadowSocksR Server")) - -m.redirect = luci.dispatcher.build_url("admin/services/shadowsocksr/server") -if m.uci:get(shadowsocksr, sid) ~= "server_config" then - luci.http.redirect(m.redirect) - return -end - - - - --- [[ Server Setting ]]-- -s = m:section(NamedSection, sid, "server_config") -s.anonymous = true -s.addremove = false - -o = s:option(Flag, "enable", translate("Enable")) -o.default = 1 -o.rmempty = false - -o = s:option(ListValue, "type", translate("Server Type")) -o:value("socks5", translate("Socks5")) -if nixio.fs.access("/usr/bin/ss-server") then -o:value("ssr", translate("ShadowsocksR")) -end -o.default = "socks5" - -o = s:option(Value, "server_port", translate("Server Port")) -o.datatype = "port" -o.default = 8388 -o.rmempty = false - -o = s:option(Value, "timeout", translate("Connection Timeout")) -o.datatype = "uinteger" -o.default = 60 -o.rmempty = false -o:depends("type", "ssr") - -o = s:option(Value, "username", translate("Username")) -o.rmempty = false -o:depends("type", "socks5") - -o = s:option(Value, "password", translate("Password")) -o.password = true -o.rmempty = false - -o = s:option(ListValue, "encrypt_method", translate("Encrypt Method")) -for _, v in ipairs(encrypt_methods) do o:value(v) end -o.rmempty = false -o:depends("type", "ssr") - -o = s:option(ListValue, "protocol", translate("Protocol")) -for _, v in ipairs(protocol) do o:value(v) end -o.rmempty = false -o:depends("type", "ssr") - - -o = s:option(ListValue, "obfs", translate("Obfs")) -for _, v in ipairs(obfs) do o:value(v) end -o.rmempty = false -o:depends("type", "ssr") - -o = s:option(Value, "obfs_param", translate("Obfs param(optional)")) -o:depends("type", "ssr") - -o = s:option(Flag, "fast_open", translate("TCP Fast Open")) -o.rmempty = false -o:depends("type", "ssr") - -return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua deleted file mode 100644 index ec273e0f..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua +++ /dev/null @@ -1,112 +0,0 @@ --- Copyright (C) 2017 yushi studio --- Licensed to the public under the GNU General Public License v3. - -local m, sec, o -local shadowsocksr = "shadowsocksr" -local uci = luci.model.uci.cursor() - - -m = Map(shadowsocksr) - -local encrypt_methods = { - "table", - "rc4", - "rc4-md5", - "rc4-md5-6", - "aes-128-cfb", - "aes-192-cfb", - "aes-256-cfb", - "aes-128-ctr", - "aes-192-ctr", - "aes-256-ctr", - "bf-cfb", - "camellia-128-cfb", - "camellia-192-cfb", - "camellia-256-cfb", - "cast5-cfb", - "des-cfb", - "idea-cfb", - "rc2-cfb", - "seed-cfb", - "salsa20", - "chacha20", - "chacha20-ietf", -} - -local protocol = { - "origin", - "verify_deflate", - "auth_sha1_v4", - "auth_aes128_sha1", - "auth_aes128_md5", - "auth_chain_a", -} - -obfs = { - "plain", - "http_simple", - "http_post", - "random_head", - "tls1.2_ticket_auth", - "tls1.2_ticket_fastauth", -} - --- [[ Global Setting ]]-- -sec = m:section(TypedSection, "server_global", translate("Global Setting")) -sec.anonymous = true - -o = sec:option(Flag, "enable_server", translate("Enable Server")) -o.rmempty = false - --- [[ Server Setting ]]-- -sec = m:section(TypedSection, "server_config", translate("Server Setting")) -sec.anonymous = true -sec.addremove = true -sec.template = "cbi/tblsection" -sec.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/server/%s") -function sec.create(...) - local sid = TypedSection.create(...) - if sid then - luci.http.redirect(sec.extedit % sid) - return - end -end - -o = sec:option(Flag, "enable", translate("Enable")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or translate("0") -end -o.rmempty = false - -o = sec:option(DummyValue, "type", translate("Server Type")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "ssr" -end - -o = sec:option(DummyValue, "server_port", translate("Server Port")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "-" -end - -o = sec:option(DummyValue, "username", translate("Username")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "-" -end - -o = sec:option(DummyValue, "encrypt_method", translate("Encrypt Method")) -function o.cfgvalue(...) - local v = Value.cfgvalue(...) - return v and v:upper() or "-" -end - -o = sec:option(DummyValue, "protocol", translate("Protocol")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "-" -end - -o = sec:option(DummyValue, "obfs", translate("Obfs")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "-" -end - -return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua deleted file mode 100644 index d1ca5046..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/servers.lua +++ /dev/null @@ -1,139 +0,0 @@ --- Licensed to the public under the GNU General Public License v3. - -local m, s, o -local shadowsocksr = "shadowsocksr" - -local uci = luci.model.uci.cursor() -local server_count = 0 -uci:foreach("shadowsocksr", "servers", function(s) - server_count = server_count + 1 -end) - -local fs = require "nixio.fs" -local sys = require "luci.sys" - -local ucic = luci.model.uci.cursor() - -m = Map(shadowsocksr, translate("Servers subscription and manage")) - --- Server Subscribe - -s = m:section(TypedSection, "server_subscribe") -s.anonymous = true - -o = s:option(Flag, "auto_update", translate("Auto Update")) -o.rmempty = false -o.description = translate("Auto Update Server subscription, GFW list and CHN route") - - -o = s:option(ListValue, "auto_update_time", translate("Update time (every day)")) -for t = 0,23 do -o:value(t, t..":00") -end -o.default=2 -o.rmempty = false - -o = s:option(DynamicList, "subscribe_url", translate("Subscribe URL")) -o.rmempty = true - -o = s:option(Value, "filter_words", translate("Subscribe Filter Words")) -o.rmempty = true -o.description = translate("Filter Words splited by /") - -o = s:option(Button,"update_Sub",translate("Update Subscribe List")) -o.inputstyle = "reload" -o.description = translate("Update subscribe url list first") -o.write = function() - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) -end - -o = s:option(Flag, "switch", translate("Subscribe Default Auto-Switch")) -o.rmempty = false -o.description = translate("Subscribe new add server default Auto-Switch on") -o.default="1" - -o = s:option(Flag, "proxy", translate("Through proxy update")) -o.rmempty = false -o.description = translate("Through proxy update list, Not Recommended ") - - -o = s:option(Button,"subscribe", translate("Update All Subscribe Severs")) -o.rawhtml = true -o.template = "shadowsocksr/subscribe" - -o = s:option(Button,"delete",translate("Delete All Subscribe Severs")) -o.inputstyle = "reset" -o.description = string.format(translate("Server Count") .. ": %d", server_count) -o.write = function() -uci:delete_all("shadowsocksr", "servers", function(s) - if s.hashkey or s.isSubscribe then - return true - else - return false - end -end) -uci:save("shadowsocksr") -uci:commit("shadowsocksr") -luci.sys.exec("/etc/init.d/shadowsocksr restart") -luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "servers")) -return -end - --- [[ Servers Manage ]]-- -s = m:section(TypedSection, "servers") -s.anonymous = true -s.addremove = true -s.template = "cbi/tblsection" -s.sortable = true -s.extedit = luci.dispatcher.build_url("admin/services/shadowsocksr/servers/%s") -function s.create(...) - local sid = TypedSection.create(...) - if sid then - luci.http.redirect(s.extedit % sid) - return - end -end - -o = s:option(DummyValue, "type", translate("Type")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "" -end - -o = s:option(DummyValue, "alias", translate("Alias")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or translate("None") -end - -o = s:option(DummyValue, "server_port", translate("Server Port")) -function o.cfgvalue(...) - return Value.cfgvalue(...) or "N/A" -end - -o = s:option(DummyValue, "server_port", translate("Socket Connected")) -o.template="shadowsocksr/socket" -o.width="10%" - -o = s:option(DummyValue, "server", translate("Ping Latency")) -o.template="shadowsocksr/ping" -o.width="10%" - - -node = s:option(Button,"apply_node",translate("Apply")) -node.inputstyle = "apply" -node.write = function(self, section) - ucic:set("shadowsocksr", '@global[0]', 'global_server', section) - ucic:save("shadowsocksr") - ucic:commit("shadowsocksr") - luci.sys.exec("/etc/init.d/shadowsocksr restart") - luci.http.redirect(luci.dispatcher.build_url("admin", "services", "shadowsocksr", "client")) -end - -o = s:option(Flag, "switch_enable", translate("Auto Switch")) -o.rmempty = false -function o.cfgvalue(...) - return Value.cfgvalue(...) or 1 -end - -m:append(Template("shadowsocksr/server_list")) - -return m \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua b/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua deleted file mode 100644 index 0ae5219e..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/status.lua +++ /dev/null @@ -1,183 +0,0 @@ --- Copyright (C) 2017 yushi studio --- Licensed to the public under the GNU General Public License v3. - -local m, s, o -local redir_run=0 -local reudp_run=0 -local sock5_run=0 -local server_run=0 -local kcptun_run=0 -local tunnel_run=0 -local gfw_count=0 -local ad_count=0 -local ip_count=0 -local nfip_count=0 -local uci = luci.model.uci.cursor() -local shadowsocksr = "shadowsocksr" --- html constants -font_blue = [[]] -font_off = [[]] -bold_on = [[]] -bold_off = [[]] - -local fs = require "nixio.fs" -local sys = require "luci.sys" -local kcptun_version=translate("Unknown") -local kcp_file="/usr/bin/kcptun-client" -if not fs.access(kcp_file) then -kcptun_version=translate("Not exist") -else -if not fs.access(kcp_file, "rwx", "rx", "rx") then -fs.chmod(kcp_file, 755) -end -kcptun_version=sys.exec(kcp_file .. " -v | awk '{printf $3}'") -if not kcptun_version or kcptun_version == "" then -kcptun_version = translate("Unknown") -end - -end - -if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then -gfw_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l"))/2 -end - -if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then -ad_count = tonumber(sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l")) -end - -if nixio.fs.access("/etc/china_ssr.txt") then -ip_count = tonumber(sys.exec("cat /etc/china_ssr.txt | wc -l")) -end - -if nixio.fs.access("/etc/config/netflixip.list") then -nfip_count = tonumber(sys.exec("cat /etc/config/netflixip.list | wc -l")) -end - -local icount=sys.exec("busybox ps -w | grep ssr-reudp |grep -v grep| wc -l") -if tonumber(icount)>0 then -reudp_run=1 -else -icount=sys.exec("busybox ps -w | grep ssr-retcp |grep \"\\-u\"|grep -v grep| wc -l") -if tonumber(icount)>0 then -reudp_run=1 -end -end - -if luci.sys.call("busybox ps -w | grep ssr-retcp | grep -v grep >/dev/null") == 0 then -redir_run=1 -end - -if luci.sys.call("busybox ps -w | grep ssr-local | grep -v ssr-socksdns |grep -v grep >/dev/null") == 0 then -sock5_run=1 -end - -if luci.sys.call("pidof kcptun-client >/dev/null") == 0 then -kcptun_run=1 -end - -if luci.sys.call("busybox ps -w | grep ssr-server | grep -v grep >/dev/null") == 0 then -server_run=1 -end - -if luci.sys.call("busybox ps -w | grep ssr-tunnel |grep -v grep >/dev/null") == 0 then -tunnel_run=1 -end - -if luci.sys.call("pidof pdnsd >/dev/null") == 0 or (luci.sys.call("busybox ps -w | grep ssr-dns |grep -v grep >/dev/null") == 0 and luci.sys.call("pidof dns2socks >/dev/null") == 0)then -pdnsd_run=1 -end - -m = SimpleForm("Version") -m.reset = false -m.submit = false - -s=m:field(DummyValue,"redir_run",translate("Global Client")) -s.rawhtml = true -if redir_run == 1 then -s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off -else -s.value = translate("Not Running") -end - -s=m:field(DummyValue,"reudp_run",translate("Game Mode UDP Relay")) -s.rawhtml = true -if reudp_run == 1 then -s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off -else -s.value = translate("Not Running") -end - -if uci:get_first(shadowsocksr, 'global', 'pdnsd_enable', '0') ~= '0' then -s=m:field(DummyValue,"pdnsd_run",translate("DNS Anti-pollution")) -s.rawhtml = true -if pdnsd_run == 1 then -s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off -else -s.value = translate("Not Running") -end -end - -s=m:field(DummyValue,"sock5_run",translate("Global SOCKS5 Proxy Server")) -s.rawhtml = true -if sock5_run == 1 then -s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off -else -s.value = translate("Not Running") -end - -s=m:field(DummyValue,"server_run",translate("Local Servers")) -s.rawhtml = true -if server_run == 1 then -s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off -else -s.value = translate("Not Running") -end - -if nixio.fs.access("/usr/bin/kcptun-client") then -s=m:field(DummyValue,"kcp_version",translate("KcpTun Version")) -s.rawhtml = true -s.value =kcptun_version -s=m:field(DummyValue,"kcptun_run",translate("KcpTun")) -s.rawhtml = true -if kcptun_run == 1 then -s.value =font_blue .. bold_on .. translate("Running") .. bold_off .. font_off -else -s.value = translate("Not Running") -end -end - -s=m:field(DummyValue,"google",translate("Google Connectivity")) -s.value = translate("No Check") -s.template = "shadowsocksr/check" - -s=m:field(DummyValue,"baidu",translate("Baidu Connectivity")) -s.value = translate("No Check") -s.template = "shadowsocksr/check" - -s=m:field(DummyValue,"gfw_data",translate("GFW List Data")) -s.rawhtml = true -s.template = "shadowsocksr/refresh" -s.value = gfw_count .. " " .. translate("Records") - -s=m:field(DummyValue,"ip_data",translate("China IP Data")) -s.rawhtml = true -s.template = "shadowsocksr/refresh" -s.value = ip_count .. " " .. translate("Records") - -s=m:field(DummyValue,"nfip_data",translate("Netflix IP Data")) -s.rawhtml = true -s.template = "shadowsocksr/refresh" -s.value = nfip_count .. " " .. translate("Records") - -if uci:get_first(shadowsocksr, 'global', 'adblock', '0') == '1' then -s=m:field(DummyValue,"ad_data",translate("Advertising Data")) -s.rawhtml = true -s.template = "shadowsocksr/refresh" -s.value = ad_count .. " " .. translate("Records") -end - -s=m:field(DummyValue,"check_port",translate("Check Server Port")) -s.template = "shadowsocksr/checkport" -s.value =translate("No Check") - -return m diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm deleted file mode 100644 index f34f04d7..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/certupload.htm +++ /dev/null @@ -1,4 +0,0 @@ -<%+cbi/valueheader%> - - -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/check.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/check.htm deleted file mode 100644 index c75056a8..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/check.htm +++ /dev/null @@ -1,30 +0,0 @@ -<%+cbi/valueheader%> - - -<%=self.value%> - -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm deleted file mode 100644 index ed91a2f2..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/checkport.htm +++ /dev/null @@ -1,36 +0,0 @@ -<%+cbi/valueheader%> - - - -<%=self.value%> - - - -<%+cbi/valuefooter%> \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ping.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ping.htm deleted file mode 100644 index 5b396f7c..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ping.htm +++ /dev/null @@ -1,3 +0,0 @@ -<%+cbi/valueheader%> --- ms -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/refresh.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/refresh.htm deleted file mode 100644 index 3e610d9e..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/refresh.htm +++ /dev/null @@ -1,35 +0,0 @@ -<%+cbi/valueheader%> - - -<%=self.value%> -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm deleted file mode 100644 index 9c5ba66a..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/server_list.htm +++ /dev/null @@ -1,151 +0,0 @@ -<%# - Copyright 2018-2019 Lienol - Licensed to the public under the Apache License 2.0. --%> -<% -local dsp = require "luci.dispatcher" --%> - diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/socket.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/socket.htm deleted file mode 100644 index 714fb56b..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/socket.htm +++ /dev/null @@ -1,3 +0,0 @@ -<%+cbi/valueheader%> -wait -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm deleted file mode 100644 index e734af05..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm +++ /dev/null @@ -1,297 +0,0 @@ -<%+cbi/valueheader%> - - - -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm deleted file mode 100644 index 0dab4d55..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/status.htm +++ /dev/null @@ -1,22 +0,0 @@ - - -
-

- <%:Collecting data...%> -

-
diff --git a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/subscribe.htm b/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/subscribe.htm deleted file mode 100644 index 6bbc7d54..00000000 --- a/package/lean/luci-app-ssr-plus/luasrc/view/shadowsocksr/subscribe.htm +++ /dev/null @@ -1,18 +0,0 @@ -<%+cbi/valueheader%> - - - -<%+cbi/valuefooter%> diff --git a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po b/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po deleted file mode 100644 index 6052702d..00000000 --- a/package/lean/luci-app-ssr-plus/po/zh-cn/ssr-plus.po +++ /dev/null @@ -1,659 +0,0 @@ -msgid "" -msgstr "Content-Type: text/plain; charset=UTF-8\n" - -msgid "ShadowSocksR Client" -msgstr "ShadowSocksR 客户端" - -msgid "Enable" -msgstr "启用" - -msgid "Disable" -msgstr "停用" - -msgid "Log" -msgstr "日志" - -msgid "ShadowSocksR is running" -msgstr "ShadowSocksR 客户端运行中" - -msgid "ShadowSocksR is not running" -msgstr "ShadowSocksR 客户端未运行" - -msgid "Global Setting" -msgstr "全局设置" - -msgid "Global Server" -msgstr "全局服务器" - -msgid "ShadowSocksR SOCK5 Proxy is running" -msgstr "ShadowSocksR SOCK5代理运行中" - -msgid "UDP Relay Server" -msgstr "UDP中继服务器" - -msgid "Same as Global Server" -msgstr "与全局服务器相同" - -msgid "Servers Setting" -msgstr "服务器配置" - -msgid "Alias(optional)" -msgstr "别名(可选)" - -msgid "Onetime Authentication" -msgstr "一次验证" - -msgid "Server Address" -msgstr "服务器地址" - -msgid "Server Port" -msgstr "端口" - -msgid "Local Port" -msgstr "本地端口" - -msgid "Connection Timeout" -msgstr "连接超时" - -msgid "Password" -msgstr "密码" - -msgid "Encrypt Method" -msgstr "加密方式" - -msgid "Protocol" -msgstr "传输协议" - -msgid "Protocol param(optional)" -msgstr "传输协议参数(可选)" - -msgid "Obfs" -msgstr "混淆插件" - -msgid "Obfs param(optional)" -msgstr "混淆参数(可选)" - -msgid "Enable Tunnel(DNS)" -msgstr "启用隧道(DNS)转发" - -msgid "Tunnel Port" -msgstr "隧道(DNS)本地端口" - -msgid "Forwarding Tunnel" -msgstr "隧道(DNS)转发地址" - -msgid "Access Control" -msgstr "访问控制" - -msgid "Interfaces - WAN" -msgstr "接口 - WAN" - -msgid "Bypassed IP List" -msgstr "被忽略IP列表" - -msgid "NULL - As Global Proxy" -msgstr "留空 - 作为全局代理" - -msgid "Bypassed IP" -msgstr "额外被忽略IP" - -msgid "Forwarded IP" -msgstr "强制走代理IP" - -msgid "Interfaces - LAN" -msgstr "接口 - LAN" - -msgid "LAN Access Control" -msgstr "内网客户端分流代理控制" - -msgid "Allow listed only" -msgstr "仅允许列表内主机" - -msgid "Allow all except listed" -msgstr "除列表外主机皆允许" - -msgid "LAN Host List" -msgstr "内网主机列表" - -msgid "SSR Client" -msgstr "客户端" - -msgid "SSR Server" -msgstr "服务端" - -msgid "ShadowSocksR Server" -msgstr "ShadowSocksR 服务端" - -msgid "ShadowSocksR Server is running" -msgstr "ShadowSocksR 服务端运行中" - -msgid "ShadowSocksR Server is not running" -msgstr "ShadowSocksR 服务端未运行" - -msgid "Enable Server" -msgstr "启动服务端" - -msgid "Server Setting" -msgstr "服务端配置" - -msgid "KcpTun Enable" -msgstr "KcpTun 启用" - -msgid "bin:/usr/bin/kcptun-client" -msgstr "二进制文件:/usr/bin/kcptun-client" - -msgid "KcpTun Port" -msgstr "KcpTun 端口" - -msgid "KcpTun Param" -msgstr "KcpTun 参数" - -msgid "KcpTun Password" -msgstr "KcpTun 密码" - -msgid "Haven't a Kcptun executable file" -msgstr "不存在Kcptun可执行文件,请下载Kcptun可执行文件并改名放入/usr/bin/kcptun-client" - -msgid "Not a Kcptun executable file" -msgstr "Kcptun可执行文件格式不正确,请确认是否正确下载了路由器对应的可执行文件" - -msgid "Enable Process Monitor" -msgstr "启用进程监控" - -msgid "Edit ShadowSocksR Server" -msgstr "编辑服务器配置" - -msgid "Alias" -msgstr "别名" - -msgid "Server" -msgstr "服务器" - -msgid "TCP Fast Open" -msgstr "TCP快速打开" - -msgid "Status" -msgstr "状态" - -msgid "Unknown" -msgstr "未知" - -msgid "Running Status" -msgstr "运行状态" - -msgid "Global Client" -msgstr "TCP透明代理" - -msgid "Global SSR Server" -msgstr "SSR服务端" - -msgid "DNS Tunnel" -msgstr "DNS 隧道" - -msgid "IPK Version" -msgstr "IPK 版本号" - -msgid "KcpTun Version" -msgstr "KcpTun 版本号" - -msgid "Not exist" -msgstr "未安装可执行文件" - -msgid "IPK Installation Time" -msgstr "IPK 安装时间" - -msgid "Project" -msgstr "项目地址" - -msgid "Not Running" -msgstr "未运行" - -msgid "Running" -msgstr "运行中" - -msgid "Enable GFW mode" -msgstr "启用 GFW 模式" - -msgid "Running Mode" -msgstr "运行模式" - -msgid "IP Route Mode" -msgstr "绕过中国大陆IP模式" - -msgid "GFW List Mode" -msgstr "GFW列表模式" - -msgid "Global Mode" -msgstr "全局模式" - -msgid "Oversea Mode" -msgstr "海外用户回国模式" - -msgid "Router Proxy" -msgstr "路由器访问控制" - -msgid "Normal Proxy" -msgstr "正常代理" - -msgid "Bypassed Proxy" -msgstr "不走代理" - -msgid "Forwarded Proxy" -msgstr "强制走代理" - -msgid "UDP Relay" -msgstr "UDP中继" - -msgid "Google Connectivity" -msgstr "【谷歌】连通性检查" - -msgid "Baidu Connectivity" -msgstr "【百度】连通性检查" - -msgid "No Check" -msgstr "未检查" - -msgid "Check" -msgstr "检查" - -msgid "Connect OK" -msgstr "连接正常" - -msgid "Connect Error" -msgstr "连接错误" - -msgid "Check..." -msgstr "正在检查.." - -msgid "Proxy Check" -msgstr "代理检查" - -msgid "GFW List Data" -msgstr "【GFW列表】数据库" - -msgid "China IP Data" -msgstr "【国内IP段】数据库" - -msgid "Netflix IP Data" -msgstr "【Netflix IP段】数据库" - -msgid "Advertising Data" -msgstr "【广告屏蔽】数据库" - -msgid "Records" -msgstr "条记录" - -msgid "Refresh Data" -msgstr "更新数据库" - -msgid "Refresh..." -msgstr "正在更新,请稍候.." - -msgid "Refresh OK!" -msgstr "更新成功!" - -msgid "Refresh Error!" -msgstr "更新失败!" - -msgid "No new data!" -msgstr "你已经是最新数据,无需更新!" - -msgid "Total Records:" -msgstr "新的总纪录数:" - -msgid "Check Server Port" -msgstr "【服务器端口】检查" - -msgid "Check Connect" -msgstr "检查连通性" - -msgid "Check Server" -msgstr "检查服务器" - -msgid "Auto Switch" -msgstr "自动切换" - -msgid "Enable Auto Switch" -msgstr "启用自动切换" - -msgid "Switch check cycly(second)" -msgstr "自动切换检查周期(秒)" - -msgid "Check timout(second)" -msgstr "切换检查超时时间(秒)" - -msgid "Check Try Count" -msgstr "切换检查重试次数" - -msgid "Enable adblock" -msgstr "启用广告屏蔽" - -msgid "adblock_url" -msgstr "广告屏蔽更新URL" - -msgid "gfwlist Update url" -msgstr "GFWList更新URL" - -msgid "Chnroute Update url" -msgstr "国内IP段更新URL" - -msgid "nfip_url" -msgstr "Netflix IP段更新URL" - -msgid "Customize Netflix IP Url" -msgstr "自定义Netflix IP更新URL(默认项目地址:https://github.com/QiuSimons/Netflix_IP)" - -msgid "Enable Process Deamon" -msgstr "启用进程自动守护" - -msgid "DNS Server IP and Port" -msgstr "DNS服务器地址和端口" - -msgid "Resolve Dns Mode" -msgstr "DNS解析方式" - -msgid "Use SSR DNS Tunnel" -msgstr "使用SSR-DNS隧道" - -msgid "Use Pdnsd" -msgstr "使用Pdnsd" - -msgid "DNS Anti-pollution" -msgstr "DNS 防污染服务" - -msgid "Use Other DNS Tunnel(Need to install)" -msgstr "使用其他DNS转发(需要自己安装)" - -msgid "Import SSR" -msgstr "导入ssr配置信息" - -msgid "Export SSR" -msgstr "导出ssr配置信息" - -msgid "Import SSR successfully." -msgstr "成功导入SSR。" - -msgid "Invalid SSR format." -msgstr "无效的SSR格式。" - -msgid "User cancelled." -msgstr "用户已取消。" - -msgid "Paste ssr url here" -msgstr "在此处粘贴ssr://网址" - -msgid "Unable to copy SSR to clipboard." -msgstr "无法复制SSR网址到剪贴板。" - -msgid "Copy SSR to clipboard successfully." -msgstr "成功复制SSR网址到剪贴板。" - -msgid "Servers Manage" -msgstr "服务器管理" - -msgid "Auto Update" -msgstr "自动更新" - -msgid "Through proxy update" -msgstr "通过代理更新" - -msgid "GFW List" -msgstr "GFW列表" - -msgid "ShadowSocksR Plus+ Settings" -msgstr "ShadowSocksR Plus+ 设置(支持SS/SSR/V2RAY/TROJAN/SOCKS5/TUN)" - -msgid "Main Server" -msgstr "主服务器" - -msgid "Anti-pollution DNS Server" -msgstr "访问国外域名DNS服务器" - -msgid "Custom DNS Server format as IP:PORT (default: 8.8.4.4:53)" -msgstr "格式为 IP:PORT (默认: 8.8.4.4:53)" - -msgid "Use Pdnsd tcp query and cache" -msgstr "使用PDNSD TCP查询并缓存" - -msgid "Use DNS2SOCKS query and cache" -msgstr "使用 DNS2SOCKS 查询并缓存" - -msgid "DNS Server IP:Port" -msgstr "DNS服务器 IP:Port" - -msgid "Update time (every day)" -msgstr "更新时间 (每天)" - -msgid "Auto Update Server subscription, GFW list and CHN route" -msgstr "自动更新服务器订阅、GFW列表和 CHN路由表" - -msgid "Subscribe URL" -msgstr "SS/SSR/V2/TROJAN订阅URL" - -msgid "Subscribe Filter Words" -msgstr "订阅节点关键字过滤" - -msgid "Filter Words splited by /" -msgstr "命中关键字的节点将被丢弃。多个关键字用 / 分隔" - -msgid "Update" -msgstr "更新" - -msgid "Server Count" -msgstr "服务器节点数量" - -msgid "IP black-and-white list" -msgstr "黑白名单" - -msgid "WAN IP AC" -msgstr "WAN IP访问控制" - -msgid "WAN White List IP" -msgstr "不走代理的WAN IP" - -msgid "WAN Force Proxy IP" -msgstr "强制走代理的WAN IP" - -msgid "LAN Bypassed Host List" -msgstr "不走代理的局域网LAN IP" - -msgid "LAN Force Proxy Host List" -msgstr "全局代理的LAN IP" - -msgid "Router Self AC" -msgstr "路由器自身代理设置" - -msgid "Router Self Proxy" -msgstr "路由器自身代理方式" - -msgid "Normal Proxy" -msgstr "跟随全局设置" - -msgid "Bypassed Proxy" -msgstr "不走代理" - -msgid "Forwarded Proxy" -msgstr "全局代理" - -msgid "GFW Custom List" -msgstr "GFW 用户自定义列表" - -msgid "Please refer to the following writing" -msgstr "每行一个域名,无需写前面的 HTTP(S):// ,提交后即时生效" - -msgid "Servers subscription and manage" -msgstr "服务器节点订阅与管理" - -msgid "Through proxy update list, Not Recommended" -msgstr "通过路由器自身代理更新订阅" - -msgid "LAN IP AC" -msgstr "LAN IP访问控制" - -msgid "Game Mode UDP Server" -msgstr "游戏模式UDP中继服务器" - -msgid "Game Mode UDP Relay" -msgstr "游戏模式UDP中继" - -msgid "Server failsafe auto swith and custom update settings" -msgstr "服务器节点故障自动切换/广告屏蔽/国内IP段数据库更新设置" - -msgid "Support AdGuardHome and DNSMASQ format list" -msgstr "同时支持 AdGuard Home 和 DNSMASQ 格式的过滤列表" - -msgid "Delete All Subscribe Severs" -msgstr "删除所有订阅服务器节点" - -msgid "Severs Nodes" -msgstr "服务器节点" - -msgid "Use Local DNS Service listen port 5335" -msgstr "使用本机端口为5335的DNS服务" - -msgid "Server Node Type" -msgstr "服务器节点类型" - -msgid "Using incorrect encryption mothod may causes service fail to start" -msgstr "输入不正确的参数组合可能会导致服务无法启动" - -msgid "Game Mode Host List" -msgstr "增强游戏模式客户端LAN IP" - -msgid "Multi Threads Option" -msgstr "多线程并发转发" - -msgid "Auto Threads" -msgstr "自动(CPU线程数)" - -msgid "1 Thread" -msgstr "单线程" - -msgid "2 Threads" -msgstr "2 线程" - -msgid "4 Threads" -msgstr "4 线程" - -msgid "8 Threads" -msgstr "8 线程" - -msgid "16 Threads" -msgstr "16 线程" - -msgid "32 Threads" -msgstr "32 线程" - -msgid "64 Threads" -msgstr "64 线程" - -msgid "128 Threads" -msgstr "128 线程" - -msgid "Proxy Ports" -msgstr "需要代理的端口" - -msgid "All Ports" -msgstr "所有端口(默认)" - -msgid "Only Common Ports" -msgstr "仅常用端口(不走P2P流量到代理)" - -msgid "Socket Connected" -msgstr "连接测试" - -msgid "Ping Latency" -msgstr "Ping延迟" - -msgid "Bypass Domain List" -msgstr "不走代理的域名" - -msgid "Black Domain List" -msgstr "强制走代理的域名" - -msgid "Update Subscribe List" -msgstr "更新订阅URL列表" - -msgid "Update subscribe url list first" -msgstr "修改订阅URL和节点关键字后,请先点击更新" - -msgid "Update All Subscribe Severs" -msgstr "更新所有订阅服务器节点" - -msgid "Plugin" -msgstr "插件" - -msgid "Plugin Opts" -msgstr "插件参数" - -msgid "Self-signed Certificate" -msgstr "自签证书" - -msgid "If you have a self-signed certificate,please check the box" -msgstr "如果你使用自签证书,请选择" - -msgid "upload" -msgstr "上传" - -msgid "Upload" -msgstr "上传" - -msgid "No specify upload file." -msgstr "没有上传证书" - -msgid "Current Certificate Path" -msgstr "当前证书路径" - -msgid "Please confirm the current certificate path" -msgstr "请选择确认所传证书,证书不正确将无法运行" - -msgid "Subscribe Default Auto-Switch" -msgstr "订阅新节点自动切换设置" - -msgid "Subscribe new add server default Auto-Switch on" -msgstr "订阅加入的新节点默认开启自动切换" - -msgid "SOCKS5 Proxy Server Settings" -msgstr "SOCKS5 代理服务端设置" - -msgid "SOCKS5 Proxy Server" -msgstr "SOCKS5 代理服务端" - -msgid "Enable SOCKS5 Proxy Server" -msgstr "启用 SOCKS5 代理服务" - -msgid "Enable Authentication" -msgstr "启用用户名/密码认证" - -msgid "Enable SOCKS5 Proxy Server" -msgstr "启用 SOCKS5 代理服务" - -msgid "Enable WAN Access" -msgstr "允许从 WAN 访问" - -msgid "Redirect traffic to this network interface" -msgstr "分流到这个网络接口" - -msgid "Netflix Node" -msgstr "Netflix 分流服务器" - -msgid "Netflix Domain List" -msgstr "Netflix 分流域名列表" - -msgid "Netflix IP List" -msgstr "Netflix 分流IP列表" - -msgid "External Proxy Mode" -msgstr "分流服务器(前置)代理" - -msgid "Forward Netflix Proxy through Main Proxy" -msgstr "分流服务器流量通过主服务节点中转代理转发" - -msgid "Server Type" -msgstr "服务端类型" - -msgid "Local Servers" -msgstr "本机服务端" - -msgid "Global SOCKS5 Proxy Server" -msgstr "SOCKS5 代理服务端(全局)" diff --git a/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt b/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt deleted file mode 100644 index c152a07a..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/china_ssr.txt +++ /dev/null @@ -1,8485 +0,0 @@ -1.0.1.0/24 -1.0.2.0/23 -1.0.8.0/21 -1.0.32.0/19 -1.1.0.0/24 -1.1.2.0/23 -1.1.4.0/22 -1.1.8.0/24 -1.1.9.0/24 -1.1.10.0/23 -1.1.12.0/22 -1.1.16.0/20 -1.1.32.0/19 -1.2.0.0/23 -1.2.2.0/24 -1.2.4.0/24 -1.2.5.0/24 -1.2.6.0/23 -1.2.8.0/24 -1.2.9.0/24 -1.2.10.0/23 -1.2.12.0/22 -1.2.16.0/20 -1.2.32.0/19 -1.2.64.0/18 -1.3.0.0/16 -1.4.1.0/24 -1.4.2.0/23 -1.4.4.0/24 -1.4.5.0/24 -1.4.6.0/23 -1.4.8.0/21 -1.4.16.0/20 -1.4.32.0/19 -1.4.64.0/18 -1.8.0.0/16 -1.10.0.0/21 -1.10.8.0/23 -1.10.11.0/24 -1.10.12.0/22 -1.10.16.0/20 -1.10.32.0/19 -1.10.64.0/18 -1.12.0.0/14 -1.24.0.0/13 -1.45.0.0/16 -1.48.0.0/15 -1.50.0.0/16 -1.51.0.0/16 -1.56.0.0/13 -1.68.0.0/14 -1.80.0.0/13 -1.88.0.0/14 -1.92.0.0/15 -1.94.0.0/15 -1.116.0.0/15 -1.118.0.0/16 -1.119.0.0/17 -1.119.128.0/17 -1.180.0.0/14 -1.184.0.0/15 -1.188.0.0/14 -1.192.0.0/13 -1.202.0.0/15 -1.204.0.0/14 -14.0.0.0/21 -14.0.12.0/22 -14.1.0.0/22 -14.1.24.0/22 -14.1.96.0/22 -14.1.108.0/22 -14.16.0.0/12 -14.102.128.0/22 -14.102.156.0/22 -14.102.180.0/22 -14.103.0.0/16 -14.104.0.0/13 -14.112.0.0/12 -14.130.0.0/15 -14.134.0.0/15 -14.144.0.0/12 -14.192.60.0/22 -14.192.76.0/22 -14.196.0.0/15 -14.204.0.0/15 -14.208.0.0/12 -27.0.128.0/22 -27.0.132.0/22 -27.0.160.0/22 -27.0.164.0/22 -27.0.188.0/22 -27.0.204.0/22 -27.0.208.0/22 -27.0.212.0/22 -27.8.0.0/13 -27.16.0.0/12 -27.34.232.0/21 -27.36.0.0/14 -27.40.0.0/13 -27.50.40.0/21 -27.50.128.0/17 -27.54.72.0/21 -27.54.152.0/21 -27.54.192.0/18 -27.98.208.0/20 -27.98.224.0/19 -27.99.128.0/17 -27.103.0.0/16 -27.106.128.0/18 -27.106.204.0/22 -27.109.32.0/19 -27.109.124.0/22 -27.112.0.0/18 -27.112.80.0/20 -27.112.112.0/22 -27.112.116.0/22 -27.113.128.0/18 -27.115.0.0/17 -27.116.44.0/22 -27.121.72.0/21 -27.121.120.0/21 -27.128.0.0/15 -27.131.220.0/22 -27.144.0.0/16 -27.148.0.0/14 -27.152.0.0/13 -27.184.0.0/13 -27.192.0.0/11 -27.224.0.0/14 -36.0.0.0/22 -36.0.8.0/21 -36.0.16.0/20 -36.0.32.0/19 -36.0.64.0/18 -36.0.128.0/17 -36.1.0.0/16 -36.4.0.0/14 -36.16.0.0/12 -36.32.0.0/14 -36.36.0.0/16 -36.37.0.0/19 -36.37.36.0/23 -36.37.39.0/24 -36.37.40.0/21 -36.37.48.0/20 -36.40.0.0/13 -36.48.0.0/15 -36.51.0.0/16 -36.56.0.0/13 -36.96.0.0/11 -36.128.0.0/10 -36.192.0.0/11 -36.248.0.0/14 -36.254.0.0/16 -36.255.116.0/22 -36.255.128.0/22 -36.255.164.0/22 -36.255.172.0/22 -36.255.176.0/22 -39.0.0.0/24 -39.0.2.0/23 -39.0.4.0/22 -39.0.8.0/21 -39.0.16.0/20 -39.0.32.0/19 -39.0.64.0/18 -39.0.128.0/17 -39.64.0.0/11 -39.96.0.0/13 -39.104.0.0/14 -39.108.0.0/16 -39.128.0.0/10 -40.72.0.0/15 -40.125.128.0/17 -40.126.64.0/18 -42.0.0.0/22 -42.0.8.0/21 -42.0.16.0/21 -42.0.24.0/22 -42.0.32.0/19 -42.0.128.0/17 -42.1.0.0/19 -42.1.32.0/20 -42.1.48.0/21 -42.1.56.0/22 -42.1.128.0/17 -42.4.0.0/14 -42.48.0.0/15 -42.50.0.0/16 -42.51.0.0/16 -42.52.0.0/14 -42.56.0.0/14 -42.62.0.0/17 -42.62.128.0/19 -42.62.160.0/20 -42.62.180.0/22 -42.62.184.0/21 -42.63.0.0/16 -42.80.0.0/15 -42.83.64.0/20 -42.83.80.0/22 -42.83.88.0/21 -42.83.96.0/19 -42.83.128.0/17 -42.84.0.0/14 -42.88.0.0/13 -42.96.64.0/19 -42.96.96.0/21 -42.96.108.0/22 -42.96.112.0/20 -42.96.128.0/17 -42.97.0.0/16 -42.99.0.0/18 -42.99.64.0/19 -42.99.96.0/20 -42.99.112.0/22 -42.99.120.0/21 -42.100.0.0/14 -42.120.0.0/15 -42.122.0.0/16 -42.123.0.0/19 -42.123.36.0/22 -42.123.40.0/21 -42.123.48.0/20 -42.123.64.0/18 -42.123.128.0/17 -42.128.0.0/12 -42.156.0.0/19 -42.156.36.0/22 -42.156.40.0/21 -42.156.48.0/20 -42.156.64.0/18 -42.156.128.0/17 -42.157.0.0/16 -42.158.0.0/16 -42.159.0.0/16 -42.160.0.0/12 -42.176.0.0/13 -42.184.0.0/15 -42.186.0.0/16 -42.187.0.0/18 -42.187.64.0/19 -42.187.96.0/20 -42.187.112.0/21 -42.187.120.0/22 -42.187.128.0/17 -42.192.0.0/15 -42.194.0.0/21 -42.194.8.0/22 -42.194.12.0/22 -42.194.16.0/20 -42.194.32.0/19 -42.194.64.0/18 -42.194.128.0/17 -42.195.0.0/16 -42.196.0.0/14 -42.201.0.0/17 -42.202.0.0/15 -42.204.0.0/14 -42.208.0.0/12 -42.224.0.0/12 -42.240.0.0/17 -42.240.128.0/17 -42.242.0.0/15 -42.244.0.0/14 -42.248.0.0/13 -43.224.12.0/22 -43.224.24.0/22 -43.224.44.0/22 -43.224.52.0/22 -43.224.56.0/22 -43.224.64.0/22 -43.224.68.0/22 -43.224.72.0/22 -43.224.80.0/22 -43.224.100.0/22 -43.224.144.0/22 -43.224.160.0/22 -43.224.176.0/22 -43.224.184.0/22 -43.224.200.0/22 -43.224.204.0/22 -43.224.208.0/22 -43.224.212.0/22 -43.224.216.0/22 -43.224.240.0/22 -43.225.76.0/22 -43.225.84.0/22 -43.225.120.0/22 -43.225.124.0/22 -43.225.140.0/22 -43.225.172.0/22 -43.225.180.0/22 -43.225.208.0/22 -43.225.216.0/22 -43.225.220.0/22 -43.225.224.0/22 -43.225.228.0/22 -43.225.232.0/22 -43.225.236.0/22 -43.225.240.0/22 -43.225.244.0/22 -43.225.252.0/22 -43.226.32.0/22 -43.226.36.0/22 -43.226.40.0/22 -43.226.44.0/22 -43.226.48.0/22 -43.226.52.0/22 -43.226.56.0/22 -43.226.60.0/22 -43.226.64.0/22 -43.226.68.0/22 -43.226.72.0/22 -43.226.76.0/22 -43.226.80.0/22 -43.226.84.0/22 -43.226.88.0/22 -43.226.92.0/22 -43.226.96.0/22 -43.226.100.0/22 -43.226.104.0/22 -43.226.108.0/22 -43.226.112.0/22 -43.226.116.0/22 -43.226.120.0/22 -43.226.128.0/22 -43.226.132.0/22 -43.226.136.0/22 -43.226.140.0/22 -43.226.144.0/22 -43.226.148.0/22 -43.226.152.0/22 -43.226.156.0/22 -43.226.160.0/22 -43.226.164.0/22 -43.226.168.0/22 -43.226.172.0/22 -43.226.176.0/22 -43.226.180.0/22 -43.226.184.0/22 -43.226.188.0/22 -43.226.192.0/22 -43.226.196.0/22 -43.226.200.0/22 -43.226.204.0/22 -43.226.208.0/22 -43.226.212.0/22 -43.226.236.0/22 -43.226.240.0/22 -43.226.244.0/22 -43.226.248.0/22 -43.226.252.0/22 -43.227.0.0/22 -43.227.4.0/22 -43.227.8.0/22 -43.227.32.0/22 -43.227.36.0/22 -43.227.40.0/22 -43.227.44.0/22 -43.227.48.0/22 -43.227.52.0/22 -43.227.56.0/22 -43.227.60.0/22 -43.227.64.0/22 -43.227.68.0/22 -43.227.72.0/22 -43.227.76.0/22 -43.227.80.0/22 -43.227.84.0/22 -43.227.88.0/22 -43.227.92.0/22 -43.227.96.0/22 -43.227.100.0/22 -43.227.104.0/22 -43.227.136.0/22 -43.227.140.0/22 -43.227.144.0/22 -43.227.152.0/22 -43.227.156.0/22 -43.227.160.0/22 -43.227.164.0/22 -43.227.168.0/22 -43.227.172.0/22 -43.227.176.0/22 -43.227.180.0/22 -43.227.188.0/22 -43.227.192.0/22 -43.227.196.0/22 -43.227.200.0/22 -43.227.204.0/22 -43.227.208.0/22 -43.227.212.0/22 -43.227.216.0/22 -43.227.220.0/22 -43.227.232.0/22 -43.227.248.0/22 -43.227.252.0/22 -43.228.0.0/22 -43.228.4.0/22 -43.228.8.0/22 -43.228.12.0/22 -43.228.16.0/22 -43.228.20.0/22 -43.228.24.0/22 -43.228.28.0/22 -43.228.32.0/22 -43.228.36.0/22 -43.228.40.0/22 -43.228.44.0/22 -43.228.48.0/22 -43.228.52.0/22 -43.228.56.0/22 -43.228.60.0/22 -43.228.64.0/22 -43.228.68.0/22 -43.228.76.0/22 -43.228.100.0/22 -43.228.116.0/22 -43.228.120.0/22 -43.228.132.0/22 -43.228.136.0/22 -43.228.148.0/22 -43.228.152.0/22 -43.228.188.0/22 -43.229.40.0/22 -43.229.48.0/22 -43.229.56.0/22 -43.229.96.0/22 -43.229.120.0/22 -43.229.136.0/22 -43.229.140.0/22 -43.229.144.0/22 -43.229.168.0/22 -43.229.172.0/22 -43.229.176.0/22 -43.229.180.0/22 -43.229.184.0/22 -43.229.188.0/22 -43.229.192.0/22 -43.229.196.0/22 -43.229.216.0/22 -43.229.220.0/22 -43.229.232.0/22 -43.229.236.0/22 -43.230.20.0/22 -43.230.32.0/22 -43.230.68.0/22 -43.230.72.0/22 -43.230.84.0/22 -43.230.124.0/22 -43.230.136.0/22 -43.230.220.0/22 -43.230.224.0/22 -43.230.228.0/22 -43.230.232.0/22 -43.230.236.0/22 -43.230.240.0/22 -43.230.244.0/22 -43.230.248.0/22 -43.230.252.0/22 -43.231.32.0/22 -43.231.36.0/22 -43.231.40.0/22 -43.231.44.0/22 -43.231.80.0/22 -43.231.84.0/22 -43.231.88.0/22 -43.231.92.0/22 -43.231.96.0/22 -43.231.100.0/22 -43.231.104.0/22 -43.231.108.0/22 -43.231.136.0/22 -43.231.140.0/22 -43.231.144.0/22 -43.231.148.0/22 -43.231.152.0/22 -43.231.156.0/22 -43.231.160.0/22 -43.231.164.0/22 -43.231.168.0/22 -43.231.172.0/22 -43.231.176.0/22 -43.231.180.0/22 -43.236.0.0/22 -43.236.4.0/22 -43.236.8.0/22 -43.236.12.0/22 -43.236.16.0/22 -43.236.20.0/22 -43.236.24.0/22 -43.236.28.0/22 -43.236.32.0/22 -43.236.36.0/22 -43.236.40.0/22 -43.236.44.0/22 -43.236.48.0/22 -43.236.52.0/22 -43.236.56.0/22 -43.236.60.0/22 -43.236.64.0/22 -43.236.68.0/22 -43.236.72.0/22 -43.236.76.0/22 -43.236.80.0/22 -43.236.84.0/22 -43.236.88.0/22 -43.236.92.0/22 -43.236.96.0/22 -43.236.100.0/22 -43.236.104.0/22 -43.236.108.0/22 -43.236.112.0/22 -43.236.116.0/22 -43.236.120.0/22 -43.236.124.0/22 -43.236.128.0/22 -43.236.132.0/22 -43.236.136.0/22 -43.236.140.0/22 -43.236.144.0/22 -43.236.148.0/22 -43.236.152.0/22 -43.236.156.0/22 -43.236.160.0/22 -43.236.164.0/22 -43.236.168.0/22 -43.236.172.0/22 -43.236.176.0/22 -43.236.180.0/22 -43.236.184.0/22 -43.236.188.0/22 -43.236.192.0/22 -43.236.196.0/22 -43.236.200.0/22 -43.236.204.0/22 -43.236.208.0/22 -43.236.212.0/22 -43.236.216.0/22 -43.236.220.0/22 -43.236.224.0/22 -43.236.228.0/22 -43.236.232.0/22 -43.236.236.0/22 -43.236.240.0/22 -43.236.244.0/22 -43.236.248.0/22 -43.236.252.0/22 -43.237.0.0/22 -43.237.4.0/22 -43.237.8.0/22 -43.237.12.0/22 -43.237.16.0/22 -43.237.20.0/22 -43.237.24.0/22 -43.237.28.0/22 -43.237.32.0/22 -43.237.36.0/22 -43.237.40.0/22 -43.237.44.0/22 -43.237.48.0/22 -43.237.52.0/22 -43.237.56.0/22 -43.237.60.0/22 -43.237.64.0/22 -43.237.68.0/22 -43.237.72.0/22 -43.237.76.0/22 -43.237.80.0/22 -43.237.84.0/22 -43.237.88.0/22 -43.237.92.0/22 -43.237.96.0/22 -43.237.100.0/22 -43.237.104.0/22 -43.237.108.0/22 -43.237.112.0/22 -43.237.116.0/22 -43.237.120.0/22 -43.237.124.0/22 -43.237.128.0/22 -43.237.132.0/22 -43.237.136.0/22 -43.237.140.0/22 -43.237.144.0/22 -43.237.148.0/22 -43.237.152.0/22 -43.237.156.0/22 -43.237.160.0/22 -43.237.164.0/22 -43.237.168.0/22 -43.237.172.0/22 -43.237.176.0/22 -43.237.180.0/22 -43.237.184.0/22 -43.237.188.0/22 -43.237.192.0/22 -43.237.196.0/22 -43.237.200.0/22 -43.237.204.0/22 -43.237.208.0/22 -43.237.212.0/22 -43.237.216.0/22 -43.237.220.0/22 -43.237.224.0/22 -43.237.228.0/22 -43.237.232.0/22 -43.237.236.0/22 -43.237.240.0/22 -43.237.244.0/22 -43.237.248.0/22 -43.237.252.0/22 -43.238.0.0/22 -43.238.4.0/22 -43.238.8.0/22 -43.238.12.0/22 -43.238.16.0/22 -43.238.20.0/22 -43.238.24.0/22 -43.238.28.0/22 -43.238.32.0/22 -43.238.36.0/22 -43.238.40.0/22 -43.238.44.0/22 -43.238.48.0/22 -43.238.52.0/22 -43.238.56.0/22 -43.238.60.0/22 -43.238.64.0/22 -43.238.68.0/22 -43.238.72.0/22 -43.238.76.0/22 -43.238.80.0/22 -43.238.84.0/22 -43.238.88.0/22 -43.238.92.0/22 -43.238.96.0/22 -43.238.100.0/22 -43.238.104.0/22 -43.238.108.0/22 -43.238.112.0/22 -43.238.116.0/22 -43.238.120.0/22 -43.238.124.0/22 -43.238.128.0/22 -43.238.132.0/22 -43.238.136.0/22 -43.238.140.0/22 -43.238.144.0/22 -43.238.148.0/22 -43.238.152.0/22 -43.238.156.0/22 -43.238.160.0/22 -43.238.164.0/22 -43.238.168.0/22 -43.238.172.0/22 -43.238.176.0/22 -43.238.180.0/22 -43.238.184.0/22 -43.238.188.0/22 -43.238.192.0/22 -43.238.196.0/22 -43.238.200.0/22 -43.238.204.0/22 -43.238.208.0/22 -43.238.212.0/22 -43.238.216.0/22 -43.238.220.0/22 -43.238.224.0/22 -43.238.228.0/22 -43.238.232.0/22 -43.238.236.0/22 -43.238.240.0/22 -43.238.244.0/22 -43.238.248.0/22 -43.238.252.0/22 -43.239.0.0/22 -43.239.4.0/22 -43.239.8.0/21 -43.239.16.0/22 -43.239.20.0/22 -43.239.24.0/22 -43.239.28.0/22 -43.239.32.0/22 -43.239.36.0/22 -43.239.40.0/22 -43.239.44.0/22 -43.239.48.0/22 -43.239.116.0/22 -43.239.120.0/22 -43.239.172.0/22 -43.239.176.0/22 -43.240.0.0/22 -43.240.56.0/22 -43.240.60.0/22 -43.240.68.0/22 -43.240.72.0/22 -43.240.76.0/22 -43.240.84.0/22 -43.240.124.0/22 -43.240.128.0/22 -43.240.132.0/22 -43.240.136.0/22 -43.240.144.0/22 -43.240.156.0/22 -43.240.160.0/22 -43.240.164.0/22 -43.240.168.0/22 -43.240.172.0/22 -43.240.176.0/22 -43.240.180.0/22 -43.240.184.0/22 -43.240.188.0/22 -43.240.192.0/22 -43.240.196.0/22 -43.240.200.0/22 -43.240.204.0/22 -43.240.208.0/22 -43.240.212.0/22 -43.240.216.0/22 -43.240.220.0/22 -43.240.236.0/22 -43.240.240.0/22 -43.240.244.0/22 -43.240.248.0/22 -43.240.252.0/22 -43.241.0.0/22 -43.241.4.0/22 -43.241.8.0/22 -43.241.12.0/22 -43.241.16.0/22 -43.241.20.0/22 -43.241.48.0/22 -43.241.76.0/22 -43.241.80.0/22 -43.241.84.0/22 -43.241.88.0/22 -43.241.92.0/22 -43.241.112.0/22 -43.241.168.0/22 -43.241.172.0/22 -43.241.176.0/22 -43.241.180.0/22 -43.241.184.0/22 -43.241.196.0/22 -43.241.208.0/22 -43.241.212.0/22 -43.241.216.0/22 -43.241.220.0/22 -43.241.224.0/22 -43.241.228.0/22 -43.241.232.0/22 -43.241.236.0/22 -43.241.240.0/22 -43.241.248.0/22 -43.241.252.0/22 -43.242.8.0/22 -43.242.12.0/22 -43.242.16.0/22 -43.242.20.0/22 -43.242.24.0/22 -43.242.28.0/22 -43.242.44.0/22 -43.242.48.0/22 -43.242.52.0/22 -43.242.56.0/22 -43.242.60.0/22 -43.242.64.0/22 -43.242.72.0/22 -43.242.76.0/22 -43.242.80.0/22 -43.242.84.0/22 -43.242.88.0/22 -43.242.92.0/22 -43.242.96.0/22 -43.242.144.0/22 -43.242.148.0/22 -43.242.152.0/22 -43.242.156.0/22 -43.242.160.0/22 -43.242.164.0/22 -43.242.168.0/22 -43.242.180.0/22 -43.242.188.0/22 -43.242.192.0/22 -43.242.196.0/22 -43.242.204.0/22 -43.242.216.0/22 -43.242.220.0/22 -43.242.252.0/22 -43.243.4.0/22 -43.243.8.0/22 -43.243.12.0/22 -43.243.16.0/22 -43.243.24.0/22 -43.243.88.0/22 -43.243.128.0/22 -43.243.136.0/22 -43.243.144.0/22 -43.243.148.0/22 -43.243.156.0/22 -43.243.168.0/22 -43.243.180.0/22 -43.243.188.0/22 -43.243.228.0/22 -43.243.232.0/22 -43.243.244.0/22 -43.246.0.0/22 -43.246.4.0/22 -43.246.8.0/22 -43.246.12.0/22 -43.246.16.0/22 -43.246.20.0/22 -43.246.24.0/22 -43.246.28.0/22 -43.246.32.0/22 -43.246.36.0/22 -43.246.40.0/22 -43.246.44.0/22 -43.246.48.0/22 -43.246.52.0/22 -43.246.56.0/22 -43.246.60.0/22 -43.246.64.0/22 -43.246.68.0/22 -43.246.72.0/22 -43.246.76.0/22 -43.246.80.0/22 -43.246.84.0/22 -43.246.88.0/22 -43.246.92.0/22 -43.246.96.0/22 -43.246.112.0/22 -43.246.212.0/22 -43.246.228.0/22 -43.247.4.0/22 -43.247.8.0/22 -43.247.44.0/22 -43.247.48.0/22 -43.247.68.0/22 -43.247.76.0/22 -43.247.84.0/22 -43.247.88.0/22 -43.247.92.0/22 -43.247.96.0/22 -43.247.100.0/22 -43.247.108.0/22 -43.247.112.0/22 -43.247.148.0/22 -43.247.152.0/22 -43.247.176.0/22 -43.247.180.0/22 -43.247.184.0/22 -43.247.188.0/22 -43.247.196.0/22 -43.247.200.0/22 -43.247.204.0/22 -43.247.208.0/22 -43.247.212.0/22 -43.247.216.0/22 -43.247.220.0/22 -43.247.224.0/22 -43.247.228.0/22 -43.247.232.0/22 -43.247.236.0/22 -43.247.240.0/22 -43.247.244.0/22 -43.247.248.0/22 -43.247.252.0/22 -43.248.0.0/22 -43.248.4.0/22 -43.248.20.0/22 -43.248.28.0/22 -43.248.48.0/22 -43.248.76.0/22 -43.248.80.0/22 -43.248.84.0/22 -43.248.88.0/22 -43.248.92.0/22 -43.248.96.0/22 -43.248.100.0/22 -43.248.104.0/22 -43.248.108.0/22 -43.248.112.0/22 -43.248.116.0/22 -43.248.120.0/22 -43.248.124.0/22 -43.248.128.0/22 -43.248.132.0/22 -43.248.136.0/22 -43.248.140.0/22 -43.248.144.0/22 -43.248.148.0/22 -43.248.176.0/22 -43.248.180.0/22 -43.248.184.0/22 -43.248.188.0/22 -43.248.192.0/22 -43.248.196.0/22 -43.248.200.0/22 -43.248.204.0/22 -43.248.208.0/22 -43.248.228.0/22 -43.248.232.0/22 -43.248.244.0/22 -43.249.4.0/22 -43.249.8.0/22 -43.249.120.0/22 -43.249.132.0/22 -43.249.136.0/22 -43.249.144.0/22 -43.249.148.0/22 -43.249.152.0/22 -43.249.156.0/22 -43.249.160.0/22 -43.249.164.0/22 -43.249.168.0/22 -43.249.192.0/22 -43.249.236.0/22 -43.250.4.0/22 -43.250.12.0/22 -43.250.16.0/22 -43.250.20.0/22 -43.250.28.0/22 -43.250.32.0/22 -43.250.36.0/22 -43.250.72.0/22 -43.250.96.0/22 -43.250.100.0/22 -43.250.104.0/22 -43.250.108.0/22 -43.250.112.0/22 -43.250.116.0/22 -43.250.128.0/22 -43.250.144.0/22 -43.250.148.0/22 -43.250.160.0/22 -43.250.168.0/22 -43.250.172.0/22 -43.250.176.0/22 -43.250.200.0/22 -43.250.212.0/22 -43.250.216.0/22 -43.250.220.0/22 -43.250.236.0/22 -43.250.244.0/22 -43.251.4.0/22 -43.251.8.0/22 -43.251.36.0/22 -43.251.100.0/22 -43.251.116.0/22 -43.251.192.0/22 -43.251.232.0/22 -43.251.236.0/22 -43.251.244.0/22 -43.252.40.0/22 -43.252.48.0/22 -43.252.56.0/22 -43.252.224.0/22 -43.254.0.0/22 -43.254.4.0/22 -43.254.8.0/22 -43.254.24.0/22 -43.254.36.0/22 -43.254.44.0/22 -43.254.52.0/22 -43.254.64.0/22 -43.254.72.0/22 -43.254.84.0/22 -43.254.88.0/22 -43.254.92.0/22 -43.254.100.0/22 -43.254.104.0/22 -43.254.112.0/22 -43.254.116.0/22 -43.254.128.0/22 -43.254.136.0/22 -43.254.140.0/22 -43.254.144.0/22 -43.254.148.0/22 -43.254.152.0/22 -43.254.156.0/22 -43.254.168.0/22 -43.254.172.0/22 -43.254.180.0/22 -43.254.184.0/22 -43.254.188.0/22 -43.254.192.0/22 -43.254.196.0/22 -43.254.200.0/22 -43.254.208.0/22 -43.254.220.0/22 -43.254.224.0/22 -43.254.228.0/22 -43.254.232.0/22 -43.254.236.0/22 -43.254.240.0/22 -43.254.248.0/22 -43.254.252.0/22 -43.255.0.0/22 -43.255.4.0/22 -43.255.8.0/22 -43.255.16.0/22 -43.255.48.0/22 -43.255.64.0/22 -43.255.68.0/22 -43.255.72.0/22 -43.255.76.0/22 -43.255.84.0/22 -43.255.96.0/22 -43.255.108.0/22 -43.255.144.0/22 -43.255.168.0/22 -43.255.176.0/22 -43.255.184.0/22 -43.255.192.0/22 -43.255.200.0/22 -43.255.204.0/22 -43.255.208.0/22 -43.255.212.0/22 -43.255.224.0/22 -43.255.228.0/22 -43.255.232.0/22 -43.255.244.0/22 -45.40.192.0/18 -45.65.16.0/22 -45.65.20.0/22 -45.65.24.0/22 -45.65.28.0/22 -45.112.132.0/22 -45.112.188.0/22 -45.112.208.0/21 -45.112.216.0/22 -45.112.220.0/22 -45.112.228.0/22 -45.112.232.0/22 -45.112.236.0/22 -45.113.12.0/22 -45.113.16.0/22 -45.113.20.0/22 -45.113.24.0/22 -45.113.28.0/22 -45.113.40.0/22 -45.113.52.0/22 -45.113.56.0/22 -45.113.72.0/22 -45.113.144.0/22 -45.113.148.0/22 -45.113.168.0/22 -45.113.176.0/22 -45.113.184.0/22 -45.113.200.0/22 -45.113.204.0/22 -45.113.208.0/22 -45.113.212.0/22 -45.113.216.0/22 -45.113.220.0/22 -45.113.240.0/22 -45.113.252.0/22 -45.114.0.0/22 -45.114.12.0/22 -45.114.32.0/22 -45.114.40.0/22 -45.114.52.0/22 -45.114.96.0/22 -45.114.104.0/22 -45.114.108.0/22 -45.114.124.0/22 -45.114.136.0/22 -45.114.196.0/22 -45.114.200.0/22 -45.114.228.0/22 -45.114.252.0/22 -45.115.44.0/22 -45.115.100.0/22 -45.115.120.0/22 -45.115.132.0/22 -45.115.144.0/22 -45.115.156.0/22 -45.115.164.0/22 -45.115.200.0/22 -45.115.212.0/22 -45.115.228.0/22 -45.115.236.0/22 -45.115.244.0/22 -45.115.248.0/22 -45.116.16.0/22 -45.116.24.0/22 -45.116.32.0/22 -45.116.36.0/22 -45.116.52.0/22 -45.116.96.0/22 -45.116.100.0/22 -45.116.140.0/22 -45.116.152.0/22 -45.116.208.0/22 -45.117.8.0/22 -45.117.20.0/22 -45.117.68.0/22 -45.117.124.0/22 -45.117.252.0/22 -45.119.52.0/22 -45.119.60.0/22 -45.119.64.0/22 -45.119.68.0/22 -45.119.72.0/22 -45.119.104.0/22 -45.119.116.0/22 -45.119.232.0/22 -45.120.100.0/22 -45.120.140.0/22 -45.120.164.0/22 -45.120.220.0/22 -45.120.240.0/22 -45.121.20.0/22 -45.121.52.0/22 -45.121.64.0/22 -45.121.68.0/22 -45.121.72.0/22 -45.121.92.0/22 -45.121.96.0/22 -45.121.172.0/22 -45.121.176.0/22 -45.121.212.0/22 -45.121.240.0/22 -45.121.244.0/22 -45.121.248.0/22 -45.121.252.0/22 -45.122.0.0/22 -45.122.4.0/22 -45.122.8.0/22 -45.122.12.0/22 -45.122.16.0/22 -45.122.20.0/22 -45.122.24.0/22 -45.122.28.0/22 -45.122.32.0/22 -45.122.36.0/22 -45.122.40.0/22 -45.122.60.0/22 -45.122.64.0/22 -45.122.68.0/22 -45.122.72.0/22 -45.122.76.0/22 -45.122.80.0/22 -45.122.84.0/22 -45.122.88.0/22 -45.122.92.0/22 -45.122.96.0/21 -45.122.104.0/22 -45.122.108.0/22 -45.122.112.0/22 -45.122.116.0/22 -45.122.160.0/22 -45.122.164.0/22 -45.122.168.0/22 -45.122.172.0/22 -45.122.176.0/22 -45.122.180.0/22 -45.122.184.0/22 -45.122.188.0/22 -45.122.192.0/22 -45.122.196.0/22 -45.122.200.0/22 -45.122.204.0/22 -45.122.208.0/22 -45.122.212.0/22 -45.122.216.0/22 -45.123.28.0/22 -45.123.32.0/22 -45.123.36.0/22 -45.123.44.0/22 -45.123.48.0/22 -45.123.52.0/22 -45.123.56.0/22 -45.123.60.0/22 -45.123.64.0/22 -45.123.68.0/22 -45.123.72.0/22 -45.123.76.0/22 -45.123.80.0/22 -45.123.84.0/22 -45.123.88.0/22 -45.123.120.0/22 -45.123.128.0/22 -45.123.132.0/22 -45.123.136.0/22 -45.123.148.0/22 -45.123.152.0/22 -45.123.156.0/22 -45.123.164.0/22 -45.123.168.0/22 -45.123.172.0/22 -45.123.176.0/22 -45.123.180.0/22 -45.123.184.0/22 -45.123.204.0/22 -45.123.212.0/22 -45.123.224.0/22 -45.123.228.0/22 -45.123.232.0/22 -45.123.236.0/22 -45.123.240.0/22 -45.123.244.0/22 -45.123.248.0/22 -45.123.252.0/22 -45.124.0.0/22 -45.124.20.0/22 -45.124.28.0/22 -45.124.32.0/22 -45.124.36.0/22 -45.124.44.0/22 -45.124.68.0/22 -45.124.76.0/22 -45.124.80.0/22 -45.124.100.0/22 -45.124.124.0/22 -45.124.172.0/22 -45.124.176.0/22 -45.124.208.0/22 -45.124.248.0/22 -45.125.12.0/22 -45.125.16.0/22 -45.125.24.0/22 -45.125.28.0/22 -45.125.32.0/22 -45.125.44.0/22 -45.125.52.0/22 -45.125.56.0/22 -45.125.76.0/22 -45.125.80.0/22 -45.125.84.0/22 -45.125.88.0/22 -45.125.92.0/22 -45.125.96.0/22 -45.125.100.0/22 -45.125.104.0/22 -45.125.136.0/22 -45.126.48.0/22 -45.126.52.0/22 -45.126.100.0/22 -45.126.108.0/22 -45.126.112.0/22 -45.126.116.0/22 -45.126.120.0/22 -45.126.212.0/22 -45.126.220.0/22 -45.127.8.0/22 -45.127.12.0/22 -45.127.96.0/22 -45.127.116.0/22 -45.127.124.0/22 -45.127.128.0/22 -45.127.144.0/22 -45.127.148.0/22 -45.127.156.0/22 -45.127.216.0/22 -45.248.8.0/22 -45.248.80.0/22 -45.248.84.0/22 -45.248.88.0/22 -45.248.96.0/22 -45.248.100.0/22 -45.248.104.0/22 -45.248.108.0/22 -45.248.128.0/22 -45.248.132.0/22 -45.248.204.0/22 -45.248.208.0/22 -45.248.212.0/22 -45.248.216.0/22 -45.248.220.0/22 -45.248.224.0/22 -45.248.228.0/22 -45.248.232.0/22 -45.248.236.0/22 -45.248.240.0/22 -45.248.244.0/22 -45.248.248.0/22 -45.248.252.0/22 -45.249.0.0/22 -45.249.4.0/22 -45.249.12.0/22 -45.249.16.0/22 -45.249.20.0/22 -45.249.24.0/22 -45.249.28.0/22 -45.249.32.0/22 -45.249.36.0/22 -45.249.92.0/22 -45.249.112.0/22 -45.249.180.0/22 -45.249.188.0/22 -45.249.192.0/22 -45.249.196.0/22 -45.249.200.0/22 -45.249.204.0/22 -45.249.208.0/22 -45.249.212.0/22 -45.250.12.0/22 -45.250.16.0/22 -45.250.28.0/22 -45.250.32.0/22 -45.250.36.0/22 -45.250.40.0/22 -45.250.76.0/22 -45.250.80.0/22 -45.250.84.0/22 -45.250.88.0/22 -45.250.92.0/22 -45.250.96.0/22 -45.250.104.0/22 -45.250.108.0/22 -45.250.112.0/22 -45.250.116.0/22 -45.250.120.0/22 -45.250.124.0/22 -45.250.128.0/22 -45.250.132.0/22 -45.250.136.0/22 -45.250.140.0/22 -45.250.144.0/22 -45.250.148.0/22 -45.250.152.0/22 -45.250.164.0/22 -45.250.180.0/22 -45.250.184.0/22 -45.250.188.0/22 -45.250.192.0/22 -45.251.0.0/22 -45.251.8.0/22 -45.251.16.0/22 -45.251.20.0/22 -45.251.52.0/22 -45.251.84.0/22 -45.251.88.0/22 -45.251.92.0/22 -45.251.96.0/22 -45.251.100.0/22 -45.251.120.0/22 -45.251.124.0/22 -45.251.136.0/22 -45.251.140.0/22 -45.251.144.0/22 -45.251.148.0/22 -45.251.152.0/22 -45.251.156.0/22 -45.251.160.0/22 -45.251.164.0/22 -45.251.168.0/22 -45.251.172.0/22 -45.251.176.0/22 -45.251.180.0/22 -45.251.184.0/22 -45.251.188.0/22 -45.251.192.0/22 -45.251.196.0/22 -45.251.200.0/22 -45.251.204.0/22 -45.251.208.0/22 -45.251.212.0/22 -45.251.216.0/22 -45.251.220.0/22 -45.251.224.0/22 -45.251.240.0/22 -45.252.0.0/22 -45.252.4.0/22 -45.252.8.0/22 -45.252.12.0/22 -45.252.16.0/22 -45.252.20.0/22 -45.252.24.0/22 -45.252.28.0/22 -45.252.32.0/22 -45.252.36.0/22 -45.252.40.0/22 -45.252.44.0/22 -45.252.48.0/22 -45.252.60.0/22 -45.252.84.0/22 -45.252.88.0/22 -45.252.92.0/22 -45.252.96.0/22 -45.252.100.0/22 -45.252.104.0/22 -45.252.108.0/22 -45.252.112.0/22 -45.252.116.0/22 -45.252.120.0/22 -45.252.124.0/22 -45.252.128.0/22 -45.252.132.0/22 -45.252.136.0/22 -45.252.140.0/22 -45.252.144.0/22 -45.252.148.0/22 -45.252.152.0/22 -45.252.156.0/22 -45.252.160.0/22 -45.252.164.0/22 -45.252.168.0/22 -45.252.172.0/22 -45.252.176.0/22 -45.252.192.0/22 -45.252.196.0/22 -45.252.200.0/22 -45.252.204.0/22 -45.252.208.0/22 -45.252.212.0/22 -45.252.216.0/22 -45.252.220.0/22 -45.252.224.0/22 -45.252.228.0/22 -45.252.232.0/22 -45.253.0.0/22 -45.253.4.0/22 -45.253.8.0/22 -45.253.12.0/22 -45.253.16.0/22 -45.253.20.0/22 -45.253.24.0/22 -45.253.28.0/22 -45.253.32.0/22 -45.253.36.0/22 -45.253.40.0/22 -45.253.44.0/22 -45.253.48.0/22 -45.253.52.0/22 -45.253.56.0/22 -45.253.60.0/22 -45.253.64.0/22 -45.253.68.0/22 -45.253.72.0/22 -45.253.76.0/22 -45.253.80.0/22 -45.253.84.0/22 -45.253.92.0/22 -45.253.96.0/22 -45.253.100.0/22 -45.253.104.0/22 -45.253.108.0/22 -45.253.112.0/22 -45.253.116.0/22 -45.253.120.0/22 -45.253.132.0/22 -45.253.136.0/22 -45.253.140.0/22 -45.253.144.0/22 -45.253.148.0/22 -45.253.152.0/22 -45.253.156.0/22 -45.253.160.0/22 -45.253.164.0/22 -45.253.168.0/22 -45.253.172.0/22 -45.253.176.0/22 -45.253.180.0/22 -45.253.184.0/22 -45.253.188.0/22 -45.253.192.0/22 -45.253.196.0/22 -45.253.200.0/22 -45.253.204.0/22 -45.253.208.0/22 -45.253.212.0/22 -45.253.216.0/22 -45.253.220.0/22 -45.253.224.0/22 -45.253.228.0/22 -45.253.232.0/22 -45.253.236.0/22 -45.253.240.0/22 -45.254.0.0/22 -45.254.4.0/22 -45.254.8.0/22 -45.254.12.0/22 -45.254.16.0/22 -45.254.20.0/22 -45.254.24.0/22 -45.254.28.0/22 -45.254.40.0/22 -45.254.48.0/22 -45.254.52.0/22 -45.254.56.0/22 -45.254.60.0/22 -45.254.64.0/22 -45.254.68.0/22 -45.254.72.0/22 -45.254.76.0/22 -45.254.80.0/22 -45.254.84.0/22 -45.254.88.0/22 -45.254.92.0/22 -45.254.96.0/22 -45.254.100.0/22 -45.254.104.0/22 -45.254.108.0/22 -45.254.112.0/22 -45.254.116.0/22 -45.254.120.0/22 -45.254.124.0/22 -45.254.128.0/22 -45.254.132.0/22 -45.254.136.0/22 -45.254.140.0/22 -45.254.144.0/22 -45.254.148.0/22 -45.254.152.0/22 -45.254.156.0/22 -45.254.160.0/22 -45.254.164.0/22 -45.254.168.0/22 -45.254.172.0/22 -45.254.176.0/22 -45.254.180.0/22 -45.254.184.0/22 -45.254.188.0/22 -45.254.192.0/22 -45.254.196.0/22 -45.254.200.0/22 -45.254.204.0/22 -45.254.208.0/22 -45.254.212.0/22 -45.254.216.0/22 -45.254.220.0/22 -45.254.224.0/22 -45.254.228.0/22 -45.254.236.0/22 -45.254.240.0/22 -45.254.248.0/22 -45.255.0.0/22 -45.255.4.0/22 -45.255.8.0/22 -45.255.12.0/22 -45.255.16.0/22 -45.255.20.0/22 -45.255.24.0/22 -45.255.28.0/22 -45.255.32.0/22 -45.255.36.0/22 -45.255.40.0/22 -45.255.44.0/22 -45.255.48.0/22 -45.255.52.0/22 -45.255.56.0/22 -45.255.60.0/22 -45.255.64.0/22 -45.255.68.0/22 -45.255.72.0/22 -45.255.76.0/22 -45.255.80.0/22 -45.255.84.0/22 -45.255.88.0/22 -45.255.92.0/22 -45.255.96.0/22 -45.255.100.0/22 -45.255.104.0/22 -45.255.108.0/22 -45.255.112.0/22 -45.255.116.0/22 -45.255.120.0/22 -45.255.124.0/22 -45.255.132.0/22 -45.255.136.0/22 -45.255.140.0/22 -45.255.144.0/22 -45.255.148.0/22 -45.255.152.0/22 -45.255.156.0/22 -45.255.160.0/22 -45.255.164.0/22 -45.255.168.0/22 -45.255.172.0/22 -45.255.176.0/22 -45.255.180.0/22 -45.255.184.0/22 -45.255.188.0/22 -45.255.192.0/22 -45.255.196.0/22 -45.255.200.0/22 -45.255.204.0/22 -45.255.208.0/22 -45.255.212.0/22 -45.255.216.0/22 -45.255.220.0/22 -45.255.224.0/22 -45.255.228.0/22 -45.255.232.0/22 -45.255.236.0/22 -45.255.240.0/22 -45.255.244.0/22 -45.255.248.0/22 -47.92.0.0/14 -47.96.0.0/11 -49.4.0.0/14 -49.51.0.0/16 -49.52.0.0/14 -49.64.0.0/11 -49.112.0.0/13 -49.120.0.0/14 -49.128.0.0/24 -49.128.2.0/23 -49.128.4.0/22 -49.140.0.0/15 -49.152.0.0/14 -49.208.0.0/15 -49.210.0.0/15 -49.220.0.0/14 -49.232.0.0/14 -49.239.0.0/18 -49.239.192.0/18 -49.246.224.0/19 -52.80.0.0/15 -52.82.0.0/15 -52.130.0.0/15 -54.222.0.0/15 -58.14.0.0/15 -58.16.0.0/16 -58.17.0.0/17 -58.17.128.0/17 -58.18.0.0/16 -58.19.0.0/16 -58.20.0.0/16 -58.21.0.0/16 -58.22.0.0/15 -58.24.0.0/15 -58.30.0.0/15 -58.32.0.0/13 -58.40.0.0/15 -58.42.0.0/16 -58.43.0.0/16 -58.44.0.0/14 -58.48.0.0/13 -58.56.0.0/15 -58.58.0.0/16 -58.59.0.0/17 -58.59.128.0/17 -58.60.0.0/14 -58.65.232.0/21 -58.66.0.0/15 -58.68.128.0/17 -58.82.0.0/17 -58.83.0.0/17 -58.83.128.0/17 -58.87.64.0/18 -58.99.128.0/17 -58.100.0.0/15 -58.116.0.0/14 -58.128.0.0/13 -58.144.0.0/16 -58.154.0.0/15 -58.192.0.0/15 -58.194.0.0/15 -58.196.0.0/15 -58.198.0.0/15 -58.200.0.0/13 -58.208.0.0/12 -58.240.0.0/15 -58.242.0.0/15 -58.244.0.0/15 -58.246.0.0/15 -58.248.0.0/13 -59.32.0.0/13 -59.40.0.0/15 -59.42.0.0/16 -59.43.0.0/16 -59.44.0.0/14 -59.48.0.0/16 -59.49.0.0/17 -59.49.128.0/17 -59.50.0.0/16 -59.51.0.0/17 -59.51.128.0/17 -59.52.0.0/14 -59.56.0.0/14 -59.60.0.0/15 -59.62.0.0/15 -59.64.0.0/14 -59.68.0.0/14 -59.72.0.0/15 -59.74.0.0/15 -59.76.0.0/16 -59.77.0.0/16 -59.78.0.0/15 -59.80.0.0/15 -59.82.0.0/15 -59.107.0.0/17 -59.107.128.0/17 -59.108.0.0/15 -59.110.0.0/15 -59.151.0.0/17 -59.152.16.0/22 -59.152.20.0/22 -59.152.24.0/22 -59.152.28.0/22 -59.152.32.0/22 -59.152.36.0/22 -59.152.64.0/22 -59.152.68.0/22 -59.152.72.0/22 -59.152.76.0/22 -59.152.112.0/22 -59.152.116.0/22 -59.153.4.0/22 -59.153.32.0/22 -59.153.60.0/22 -59.153.64.0/22 -59.153.68.0/22 -59.153.72.0/22 -59.153.92.0/22 -59.153.116.0/22 -59.153.136.0/22 -59.153.152.0/22 -59.153.156.0/22 -59.153.164.0/22 -59.153.168.0/22 -59.153.172.0/22 -59.153.176.0/22 -59.153.180.0/22 -59.153.184.0/22 -59.153.188.0/22 -59.153.192.0/22 -59.155.0.0/16 -59.172.0.0/15 -59.174.0.0/15 -59.191.0.0/17 -59.191.240.0/20 -59.192.0.0/10 -60.0.0.0/13 -60.8.0.0/15 -60.10.0.0/16 -60.11.0.0/16 -60.12.0.0/16 -60.13.0.0/18 -60.13.64.0/18 -60.13.128.0/17 -60.14.0.0/15 -60.16.0.0/13 -60.24.0.0/14 -60.28.0.0/15 -60.30.0.0/16 -60.31.0.0/16 -60.55.0.0/16 -60.63.0.0/16 -60.160.0.0/15 -60.162.0.0/15 -60.164.0.0/15 -60.166.0.0/15 -60.168.0.0/13 -60.176.0.0/12 -60.194.0.0/15 -60.200.0.0/14 -60.204.0.0/16 -60.205.0.0/16 -60.206.0.0/15 -60.208.0.0/13 -60.216.0.0/15 -60.218.0.0/15 -60.220.0.0/14 -60.232.0.0/15 -60.235.0.0/16 -60.245.128.0/17 -60.247.0.0/16 -60.252.0.0/16 -60.253.128.0/17 -60.255.0.0/16 -61.4.80.0/22 -61.4.84.0/22 -61.4.88.0/21 -61.4.176.0/20 -61.8.160.0/20 -61.14.212.0/22 -61.14.216.0/22 -61.14.220.0/22 -61.14.240.0/22 -61.14.244.0/22 -61.28.0.0/20 -61.28.16.0/20 -61.28.32.0/19 -61.28.64.0/18 -61.29.128.0/18 -61.29.192.0/19 -61.29.224.0/20 -61.45.128.0/18 -61.45.224.0/20 -61.47.128.0/18 -61.48.0.0/14 -61.52.0.0/15 -61.54.0.0/16 -61.55.0.0/16 -61.87.192.0/18 -61.128.0.0/15 -61.130.0.0/15 -61.132.0.0/16 -61.133.0.0/17 -61.133.128.0/17 -61.134.0.0/18 -61.134.64.0/19 -61.134.96.0/19 -61.134.128.0/18 -61.134.192.0/18 -61.135.0.0/16 -61.136.0.0/18 -61.136.64.0/18 -61.136.128.0/17 -61.137.0.0/17 -61.137.128.0/17 -61.138.0.0/18 -61.138.64.0/18 -61.138.128.0/18 -61.138.192.0/18 -61.139.0.0/17 -61.139.128.0/18 -61.139.192.0/18 -61.140.0.0/14 -61.144.0.0/14 -61.148.0.0/15 -61.150.0.0/15 -61.152.0.0/16 -61.153.0.0/16 -61.154.0.0/15 -61.156.0.0/16 -61.157.0.0/16 -61.158.0.0/17 -61.158.128.0/17 -61.159.0.0/18 -61.159.64.0/18 -61.159.128.0/17 -61.160.0.0/16 -61.161.0.0/18 -61.161.64.0/18 -61.161.128.0/17 -61.162.0.0/16 -61.163.0.0/16 -61.164.0.0/16 -61.165.0.0/16 -61.166.0.0/16 -61.167.0.0/16 -61.168.0.0/16 -61.169.0.0/16 -61.170.0.0/15 -61.172.0.0/14 -61.176.0.0/16 -61.177.0.0/16 -61.178.0.0/16 -61.179.0.0/16 -61.180.0.0/17 -61.180.128.0/17 -61.181.0.0/16 -61.182.0.0/16 -61.183.0.0/16 -61.184.0.0/14 -61.188.0.0/16 -61.189.0.0/17 -61.189.128.0/17 -61.190.0.0/15 -61.232.0.0/14 -61.236.0.0/15 -61.240.0.0/14 -62.234.0.0/16 -68.79.0.0/18 -69.230.192.0/18 -69.231.128.0/18 -69.234.192.0/18 -69.235.128.0/18 -71.131.192.0/18 -71.132.0.0/18 -71.136.64.0/18 -71.137.0.0/18 -81.68.0.0/14 -82.156.0.0/15 -94.191.0.0/17 -101.0.0.0/22 -101.1.0.0/22 -101.2.172.0/22 -101.4.0.0/14 -101.16.0.0/12 -101.33.128.0/17 -101.34.0.0/15 -101.36.0.0/18 -101.36.64.0/19 -101.36.128.0/17 -101.37.0.0/16 -101.38.0.0/15 -101.40.0.0/15 -101.42.0.0/15 -101.44.0.0/14 -101.48.0.0/15 -101.50.8.0/22 -101.50.12.0/22 -101.50.56.0/22 -101.52.0.0/16 -101.53.100.0/22 -101.54.0.0/16 -101.55.224.0/21 -101.64.0.0/13 -101.72.0.0/14 -101.76.0.0/15 -101.78.0.0/22 -101.78.32.0/19 -101.80.0.0/12 -101.96.0.0/21 -101.96.8.0/22 -101.96.16.0/20 -101.96.128.0/17 -101.99.96.0/19 -101.101.64.0/19 -101.101.100.0/24 -101.101.102.0/23 -101.101.104.0/21 -101.101.112.0/20 -101.102.64.0/19 -101.102.100.0/23 -101.102.102.0/24 -101.102.104.0/21 -101.102.112.0/20 -101.104.0.0/14 -101.110.64.0/19 -101.110.96.0/20 -101.110.116.0/22 -101.110.120.0/21 -101.120.0.0/14 -101.124.0.0/15 -101.126.0.0/16 -101.128.0.0/22 -101.128.8.0/21 -101.128.16.0/20 -101.128.32.0/19 -101.129.0.0/16 -101.130.0.0/15 -101.132.0.0/14 -101.144.0.0/12 -101.192.0.0/14 -101.196.0.0/16 -101.197.0.0/16 -101.198.0.0/15 -101.200.0.0/15 -101.203.128.0/19 -101.203.160.0/21 -101.203.172.0/22 -101.203.176.0/20 -101.204.0.0/14 -101.224.0.0/13 -101.232.0.0/15 -101.234.64.0/21 -101.234.76.0/22 -101.234.80.0/20 -101.234.96.0/19 -101.236.0.0/14 -101.240.0.0/14 -101.244.0.0/14 -101.248.0.0/15 -101.251.0.0/22 -101.251.8.0/21 -101.251.16.0/20 -101.251.32.0/19 -101.251.64.0/18 -101.251.128.0/17 -101.252.0.0/15 -101.254.0.0/16 -103.1.8.0/22 -103.1.20.0/22 -103.1.24.0/22 -103.1.72.0/22 -103.1.88.0/22 -103.1.168.0/22 -103.2.108.0/22 -103.2.156.0/22 -103.2.164.0/22 -103.2.200.0/22 -103.2.204.0/22 -103.2.208.0/22 -103.2.212.0/22 -103.3.84.0/22 -103.3.88.0/22 -103.3.92.0/22 -103.3.96.0/22 -103.3.100.0/22 -103.3.104.0/22 -103.3.108.0/22 -103.3.112.0/22 -103.3.116.0/22 -103.3.120.0/22 -103.3.124.0/22 -103.3.128.0/22 -103.3.132.0/22 -103.3.136.0/22 -103.3.140.0/22 -103.3.148.0/22 -103.3.152.0/22 -103.3.156.0/22 -103.4.56.0/22 -103.4.168.0/22 -103.4.184.0/22 -103.4.224.0/22 -103.5.36.0/22 -103.5.52.0/22 -103.5.56.0/22 -103.5.152.0/22 -103.5.168.0/22 -103.5.192.0/22 -103.5.252.0/22 -103.6.76.0/22 -103.6.108.0/22 -103.6.220.0/22 -103.6.228.0/22 -103.7.4.0/22 -103.7.28.0/22 -103.7.140.0/22 -103.7.212.0/22 -103.7.216.0/22 -103.7.220.0/22 -103.8.0.0/22 -103.8.4.0/22 -103.8.8.0/22 -103.8.32.0/22 -103.8.52.0/22 -103.8.68.0/22 -103.8.108.0/22 -103.8.156.0/22 -103.8.200.0/22 -103.8.204.0/22 -103.8.220.0/22 -103.9.8.0/22 -103.9.24.0/22 -103.9.108.0/22 -103.9.152.0/22 -103.9.192.0/22 -103.9.248.0/22 -103.9.252.0/22 -103.10.0.0/22 -103.10.16.0/22 -103.10.84.0/22 -103.10.140.0/22 -103.11.16.0/22 -103.11.168.0/22 -103.11.180.0/22 -103.12.32.0/22 -103.12.68.0/22 -103.12.92.0/22 -103.12.136.0/22 -103.12.184.0/22 -103.12.232.0/22 -103.13.12.0/22 -103.13.124.0/22 -103.13.144.0/22 -103.13.196.0/22 -103.13.220.0/22 -103.13.244.0/22 -103.14.32.0/22 -103.14.84.0/22 -103.14.100.0/22 -103.14.132.0/22 -103.14.136.0/22 -103.14.156.0/22 -103.14.240.0/22 -103.15.4.0/22 -103.15.8.0/22 -103.15.16.0/22 -103.15.96.0/22 -103.15.200.0/22 -103.16.52.0/22 -103.16.80.0/22 -103.16.84.0/22 -103.16.88.0/22 -103.16.108.0/22 -103.16.124.0/22 -103.17.40.0/22 -103.17.64.0/22 -103.17.120.0/22 -103.17.136.0/22 -103.17.160.0/22 -103.17.204.0/22 -103.17.228.0/22 -103.18.192.0/22 -103.18.208.0/22 -103.18.212.0/22 -103.18.224.0/22 -103.19.0.0/22 -103.19.12.0/22 -103.19.40.0/22 -103.19.44.0/22 -103.19.64.0/22 -103.19.68.0/22 -103.19.72.0/22 -103.19.232.0/22 -103.20.12.0/22 -103.20.32.0/22 -103.20.44.0/22 -103.20.68.0/22 -103.20.112.0/22 -103.20.128.0/22 -103.20.160.0/22 -103.20.248.0/22 -103.21.112.0/22 -103.21.116.0/22 -103.21.136.0/22 -103.21.140.0/22 -103.21.176.0/22 -103.21.208.0/22 -103.21.240.0/22 -103.22.0.0/22 -103.22.4.0/22 -103.22.8.0/22 -103.22.12.0/22 -103.22.16.0/22 -103.22.20.0/22 -103.22.24.0/22 -103.22.28.0/22 -103.22.32.0/22 -103.22.36.0/22 -103.22.40.0/22 -103.22.44.0/22 -103.22.48.0/22 -103.22.52.0/22 -103.22.56.0/22 -103.22.60.0/22 -103.22.64.0/22 -103.22.68.0/22 -103.22.72.0/22 -103.22.76.0/22 -103.22.80.0/22 -103.22.84.0/22 -103.22.88.0/22 -103.22.92.0/22 -103.22.100.0/22 -103.22.104.0/22 -103.22.108.0/22 -103.22.112.0/22 -103.22.116.0/22 -103.22.120.0/22 -103.22.124.0/22 -103.22.188.0/22 -103.22.228.0/22 -103.22.252.0/22 -103.23.8.0/22 -103.23.56.0/22 -103.23.160.0/22 -103.23.164.0/22 -103.23.176.0/22 -103.23.228.0/22 -103.24.24.0/22 -103.24.116.0/22 -103.24.128.0/22 -103.24.144.0/22 -103.24.176.0/22 -103.24.184.0/22 -103.24.220.0/22 -103.24.228.0/22 -103.24.248.0/22 -103.24.252.0/22 -103.25.8.0/23 -103.25.20.0/22 -103.25.24.0/22 -103.25.28.0/22 -103.25.32.0/22 -103.25.36.0/22 -103.25.40.0/22 -103.25.48.0/22 -103.25.64.0/22 -103.25.68.0/22 -103.25.148.0/22 -103.25.156.0/22 -103.25.216.0/22 -103.26.0.0/22 -103.26.64.0/22 -103.26.76.0/22 -103.26.132.0/22 -103.26.156.0/22 -103.26.160.0/22 -103.26.228.0/22 -103.26.240.0/22 -103.27.4.0/22 -103.27.12.0/22 -103.27.24.0/22 -103.27.56.0/22 -103.27.96.0/22 -103.27.184.0/22 -103.27.208.0/22 -103.27.212.0/22 -103.27.240.0/22 -103.28.4.0/22 -103.28.8.0/22 -103.28.184.0/22 -103.28.204.0/22 -103.28.212.0/22 -103.29.16.0/22 -103.29.128.0/22 -103.29.132.0/22 -103.29.136.0/22 -103.30.20.0/22 -103.30.96.0/22 -103.30.148.0/22 -103.30.200.0/22 -103.30.228.0/22 -103.30.236.0/22 -103.31.0.0/22 -103.31.48.0/22 -103.31.52.0/22 -103.31.56.0/22 -103.31.60.0/22 -103.31.64.0/22 -103.31.68.0/22 -103.31.148.0/22 -103.31.160.0/22 -103.31.168.0/22 -103.31.200.0/22 -103.31.236.0/22 -103.32.0.0/22 -103.32.4.0/22 -103.32.8.0/22 -103.32.12.0/22 -103.32.16.0/22 -103.32.20.0/22 -103.32.24.0/22 -103.32.28.0/22 -103.32.32.0/22 -103.32.36.0/22 -103.32.40.0/22 -103.32.44.0/22 -103.32.48.0/22 -103.32.52.0/22 -103.32.56.0/22 -103.32.60.0/22 -103.32.64.0/22 -103.32.68.0/22 -103.32.72.0/22 -103.32.76.0/22 -103.32.80.0/22 -103.32.84.0/22 -103.32.88.0/22 -103.32.92.0/22 -103.32.96.0/22 -103.32.100.0/22 -103.32.104.0/22 -103.32.108.0/22 -103.32.112.0/22 -103.32.116.0/22 -103.32.120.0/22 -103.32.124.0/22 -103.32.128.0/22 -103.32.132.0/22 -103.32.136.0/22 -103.32.140.0/22 -103.32.144.0/22 -103.32.148.0/22 -103.32.152.0/22 -103.32.156.0/22 -103.32.160.0/22 -103.32.164.0/22 -103.32.168.0/22 -103.32.172.0/22 -103.32.176.0/22 -103.32.180.0/22 -103.32.184.0/22 -103.32.188.0/22 -103.32.192.0/22 -103.32.196.0/22 -103.32.200.0/22 -103.32.204.0/22 -103.32.208.0/22 -103.32.212.0/22 -103.32.216.0/22 -103.32.220.0/22 -103.32.224.0/22 -103.32.228.0/22 -103.32.232.0/22 -103.32.236.0/22 -103.32.240.0/22 -103.32.244.0/22 -103.32.248.0/22 -103.32.252.0/22 -103.33.0.0/22 -103.33.4.0/22 -103.33.8.0/22 -103.33.12.0/22 -103.33.16.0/22 -103.33.20.0/22 -103.33.24.0/22 -103.33.28.0/22 -103.33.32.0/22 -103.33.36.0/22 -103.33.40.0/22 -103.33.44.0/22 -103.33.48.0/22 -103.33.52.0/22 -103.33.56.0/22 -103.33.60.0/22 -103.33.64.0/22 -103.33.68.0/22 -103.33.72.0/22 -103.33.76.0/22 -103.33.80.0/22 -103.33.84.0/22 -103.33.88.0/22 -103.33.92.0/22 -103.33.96.0/22 -103.33.100.0/22 -103.33.104.0/22 -103.33.108.0/22 -103.33.112.0/22 -103.33.116.0/22 -103.33.120.0/22 -103.33.124.0/22 -103.33.128.0/22 -103.33.132.0/22 -103.33.136.0/22 -103.33.140.0/22 -103.33.144.0/22 -103.33.148.0/22 -103.33.152.0/22 -103.33.156.0/22 -103.33.160.0/22 -103.33.164.0/22 -103.33.168.0/22 -103.33.172.0/22 -103.33.176.0/22 -103.33.180.0/22 -103.33.184.0/22 -103.33.188.0/22 -103.33.192.0/22 -103.33.196.0/22 -103.33.200.0/22 -103.33.204.0/22 -103.33.208.0/22 -103.33.212.0/22 -103.33.216.0/22 -103.33.220.0/22 -103.33.224.0/22 -103.33.228.0/22 -103.33.232.0/22 -103.33.236.0/22 -103.33.240.0/22 -103.33.244.0/22 -103.33.248.0/22 -103.33.252.0/22 -103.34.0.0/22 -103.34.4.0/22 -103.34.8.0/22 -103.34.12.0/22 -103.34.16.0/22 -103.34.20.0/22 -103.34.24.0/22 -103.34.28.0/22 -103.34.32.0/22 -103.34.36.0/22 -103.34.40.0/22 -103.34.44.0/22 -103.34.48.0/22 -103.34.52.0/22 -103.34.56.0/22 -103.34.60.0/22 -103.34.64.0/22 -103.34.68.0/22 -103.34.72.0/22 -103.34.76.0/22 -103.34.80.0/22 -103.34.84.0/22 -103.34.88.0/22 -103.34.92.0/22 -103.34.96.0/22 -103.34.100.0/22 -103.34.104.0/22 -103.34.108.0/22 -103.34.112.0/22 -103.34.116.0/22 -103.34.120.0/22 -103.34.124.0/22 -103.34.128.0/22 -103.34.132.0/22 -103.34.136.0/22 -103.34.140.0/22 -103.34.144.0/22 -103.34.148.0/22 -103.34.152.0/22 -103.34.156.0/22 -103.34.160.0/22 -103.34.164.0/22 -103.34.168.0/22 -103.34.172.0/22 -103.34.176.0/22 -103.34.180.0/22 -103.34.184.0/22 -103.34.188.0/22 -103.34.192.0/22 -103.34.196.0/22 -103.34.200.0/22 -103.34.204.0/22 -103.34.208.0/22 -103.34.212.0/22 -103.34.216.0/22 -103.34.220.0/22 -103.34.224.0/22 -103.34.228.0/22 -103.34.232.0/22 -103.34.236.0/22 -103.34.240.0/22 -103.34.244.0/22 -103.34.248.0/22 -103.34.252.0/22 -103.35.0.0/22 -103.35.4.0/22 -103.35.8.0/22 -103.35.12.0/22 -103.35.16.0/22 -103.35.20.0/22 -103.35.24.0/22 -103.35.28.0/22 -103.35.32.0/22 -103.35.36.0/22 -103.35.40.0/22 -103.35.44.0/22 -103.35.48.0/22 -103.35.104.0/22 -103.35.116.0/22 -103.35.180.0/22 -103.35.200.0/22 -103.35.220.0/22 -103.36.28.0/22 -103.36.36.0/22 -103.36.56.0/22 -103.36.60.0/22 -103.36.64.0/22 -103.36.72.0/22 -103.36.96.0/22 -103.36.132.0/22 -103.36.136.0/22 -103.36.160.0/22 -103.36.164.0/22 -103.36.168.0/22 -103.36.172.0/22 -103.36.176.0/22 -103.36.180.0/22 -103.36.184.0/22 -103.36.188.0/22 -103.36.192.0/22 -103.36.196.0/22 -103.36.200.0/22 -103.36.204.0/22 -103.36.208.0/22 -103.36.212.0/22 -103.36.216.0/22 -103.36.220.0/22 -103.36.224.0/22 -103.36.228.0/22 -103.36.232.0/22 -103.36.236.0/22 -103.36.240.0/22 -103.36.244.0/22 -103.37.0.0/22 -103.37.12.0/22 -103.37.16.0/22 -103.37.24.0/22 -103.37.44.0/22 -103.37.52.0/22 -103.37.56.0/22 -103.37.72.0/22 -103.37.100.0/22 -103.37.104.0/22 -103.37.124.0/22 -103.37.136.0/22 -103.37.140.0/22 -103.37.144.0/22 -103.37.148.0/22 -103.37.152.0/22 -103.37.156.0/22 -103.37.160.0/22 -103.37.164.0/22 -103.37.172.0/22 -103.37.176.0/22 -103.37.188.0/22 -103.37.208.0/22 -103.37.212.0/22 -103.37.216.0/22 -103.37.220.0/22 -103.37.248.0/22 -103.37.252.0/22 -103.38.0.0/22 -103.38.32.0/22 -103.38.40.0/22 -103.38.44.0/22 -103.38.56.0/22 -103.38.76.0/22 -103.38.84.0/22 -103.38.92.0/22 -103.38.96.0/22 -103.38.116.0/22 -103.38.132.0/22 -103.38.140.0/22 -103.38.224.0/22 -103.38.228.0/22 -103.38.232.0/22 -103.38.252.0/22 -103.39.16.0/22 -103.39.64.0/22 -103.39.88.0/22 -103.39.100.0/22 -103.39.104.0/22 -103.39.108.0/22 -103.39.160.0/22 -103.39.164.0/22 -103.39.168.0/22 -103.39.172.0/22 -103.39.176.0/22 -103.39.180.0/22 -103.39.184.0/22 -103.39.188.0/22 -103.39.200.0/22 -103.39.204.0/22 -103.39.208.0/22 -103.39.212.0/22 -103.39.216.0/22 -103.39.220.0/22 -103.39.224.0/22 -103.39.228.0/22 -103.39.232.0/22 -103.40.12.0/22 -103.40.16.0/22 -103.40.20.0/22 -103.40.24.0/22 -103.40.28.0/22 -103.40.32.0/22 -103.40.36.0/22 -103.40.40.0/22 -103.40.44.0/22 -103.40.88.0/22 -103.40.100.0/22 -103.40.192.0/22 -103.40.212.0/22 -103.40.220.0/22 -103.40.228.0/22 -103.40.232.0/22 -103.40.236.0/22 -103.40.240.0/22 -103.40.244.0/22 -103.40.248.0/22 -103.40.252.0/22 -103.41.0.0/22 -103.41.16.0/22 -103.41.52.0/22 -103.41.140.0/22 -103.41.148.0/22 -103.41.152.0/22 -103.41.160.0/22 -103.41.164.0/22 -103.41.220.0/22 -103.41.224.0/22 -103.41.228.0/22 -103.41.232.0/22 -103.42.8.0/22 -103.42.24.0/22 -103.42.28.0/22 -103.42.32.0/22 -103.42.64.0/22 -103.42.68.0/22 -103.42.76.0/22 -103.42.104.0/22 -103.42.180.0/22 -103.42.232.0/22 -103.43.16.0/22 -103.43.84.0/22 -103.43.96.0/22 -103.43.100.0/22 -103.43.104.0/22 -103.43.124.0/22 -103.43.184.0/22 -103.43.192.0/22 -103.43.196.0/22 -103.43.208.0/22 -103.43.220.0/22 -103.43.224.0/22 -103.43.240.0/22 -103.44.56.0/22 -103.44.80.0/22 -103.44.88.0/22 -103.44.120.0/22 -103.44.124.0/22 -103.44.132.0/22 -103.44.144.0/22 -103.44.168.0/22 -103.44.176.0/22 -103.44.180.0/22 -103.44.184.0/22 -103.44.188.0/22 -103.44.192.0/22 -103.44.196.0/22 -103.44.200.0/22 -103.44.204.0/22 -103.44.224.0/22 -103.44.236.0/22 -103.44.240.0/22 -103.44.244.0/22 -103.44.248.0/22 -103.44.252.0/22 -103.45.0.0/22 -103.45.4.0/22 -103.45.8.0/22 -103.45.12.0/22 -103.45.16.0/22 -103.45.20.0/22 -103.45.24.0/22 -103.45.28.0/22 -103.45.32.0/22 -103.45.36.0/22 -103.45.40.0/22 -103.45.44.0/22 -103.45.48.0/22 -103.45.52.0/22 -103.45.56.0/22 -103.45.60.0/22 -103.45.72.0/22 -103.45.76.0/22 -103.45.80.0/22 -103.45.84.0/22 -103.45.88.0/22 -103.45.92.0/22 -103.45.96.0/22 -103.45.100.0/22 -103.45.104.0/22 -103.45.108.0/22 -103.45.112.0/22 -103.45.116.0/22 -103.45.120.0/22 -103.45.124.0/22 -103.45.128.0/22 -103.45.132.0/22 -103.45.136.0/22 -103.45.140.0/22 -103.45.144.0/22 -103.45.148.0/22 -103.45.152.0/22 -103.45.156.0/22 -103.45.160.0/22 -103.45.164.0/22 -103.45.168.0/22 -103.45.172.0/22 -103.45.176.0/22 -103.45.180.0/22 -103.45.184.0/22 -103.45.188.0/22 -103.45.192.0/22 -103.45.196.0/22 -103.45.200.0/22 -103.45.204.0/22 -103.45.208.0/22 -103.45.212.0/22 -103.45.216.0/22 -103.45.220.0/22 -103.45.224.0/22 -103.45.248.0/22 -103.46.0.0/22 -103.46.12.0/22 -103.46.16.0/22 -103.46.20.0/22 -103.46.24.0/22 -103.46.28.0/22 -103.46.32.0/22 -103.46.36.0/22 -103.46.40.0/22 -103.46.44.0/22 -103.46.48.0/22 -103.46.52.0/22 -103.46.56.0/22 -103.46.60.0/22 -103.46.64.0/22 -103.46.68.0/22 -103.46.72.0/22 -103.46.76.0/22 -103.46.80.0/22 -103.46.84.0/22 -103.46.88.0/22 -103.46.92.0/22 -103.46.96.0/22 -103.46.100.0/22 -103.46.104.0/22 -103.46.108.0/22 -103.46.112.0/22 -103.46.116.0/22 -103.46.120.0/22 -103.46.124.0/22 -103.46.128.0/22 -103.46.132.0/22 -103.46.136.0/22 -103.46.152.0/22 -103.46.156.0/22 -103.46.160.0/22 -103.46.164.0/22 -103.46.168.0/22 -103.46.172.0/22 -103.46.176.0/22 -103.46.180.0/22 -103.46.244.0/22 -103.46.248.0/22 -103.47.4.0/22 -103.47.20.0/22 -103.47.36.0/22 -103.47.40.0/22 -103.47.48.0/22 -103.47.80.0/22 -103.47.96.0/22 -103.47.108.0/22 -103.47.116.0/22 -103.47.120.0/22 -103.47.136.0/22 -103.47.140.0/22 -103.47.212.0/22 -103.48.52.0/22 -103.48.92.0/22 -103.48.144.0/22 -103.48.148.0/22 -103.48.152.0/22 -103.48.156.0/22 -103.48.202.0/23 -103.48.216.0/22 -103.48.220.0/22 -103.48.224.0/22 -103.48.228.0/22 -103.48.232.0/22 -103.48.236.0/22 -103.48.240.0/22 -103.48.244.0/22 -103.49.12.0/22 -103.49.20.0/22 -103.49.72.0/22 -103.49.76.0/22 -103.49.92.0/22 -103.49.96.0/22 -103.49.108.0/22 -103.49.128.0/22 -103.49.176.0/22 -103.49.180.0/22 -103.49.196.0/22 -103.50.36.0/22 -103.50.44.0/22 -103.50.48.0/22 -103.50.52.0/22 -103.50.56.0/22 -103.50.60.0/22 -103.50.64.0/22 -103.50.68.0/22 -103.50.72.0/22 -103.50.108.0/22 -103.50.112.0/22 -103.50.116.0/22 -103.50.120.0/22 -103.50.124.0/22 -103.50.132.0/22 -103.50.136.0/22 -103.50.140.0/22 -103.50.172.0/22 -103.50.176.0/22 -103.50.180.0/22 -103.50.184.0/22 -103.50.188.0/22 -103.50.192.0/22 -103.50.196.0/22 -103.50.200.0/22 -103.50.220.0/22 -103.50.224.0/22 -103.50.228.0/22 -103.50.232.0/22 -103.50.236.0/22 -103.50.240.0/22 -103.50.244.0/22 -103.50.248.0/22 -103.52.40.0/22 -103.52.72.0/22 -103.52.76.0/22 -103.52.80.0/22 -103.52.84.0/22 -103.52.96.0/22 -103.52.100.0/22 -103.52.104.0/22 -103.52.160.0/22 -103.52.164.0/22 -103.52.172.0/22 -103.52.176.0/22 -103.52.184.0/22 -103.52.196.0/22 -103.53.64.0/22 -103.53.68.0/22 -103.53.92.0/22 -103.53.100.0/22 -103.53.124.0/22 -103.53.128.0/22 -103.53.132.0/22 -103.53.136.0/22 -103.53.140.0/22 -103.53.144.0/22 -103.53.180.0/22 -103.53.204.0/22 -103.53.208.0/22 -103.53.212.0/22 -103.53.216.0/22 -103.53.236.0/22 -103.53.248.0/22 -103.54.8.0/22 -103.54.48.0/22 -103.54.60.0/22 -103.54.160.0/22 -103.54.164.0/22 -103.54.212.0/22 -103.54.240.0/22 -103.55.24.0/22 -103.55.80.0/22 -103.55.120.0/22 -103.55.152.0/22 -103.55.172.0/22 -103.55.204.0/22 -103.55.208.0/22 -103.55.228.0/22 -103.55.236.0/22 -103.56.8.0/22 -103.56.16.0/22 -103.56.20.0/22 -103.56.32.0/22 -103.56.52.0/22 -103.56.56.0/22 -103.56.60.0/22 -103.56.72.0/22 -103.56.76.0/22 -103.56.140.0/22 -103.56.152.0/22 -103.56.184.0/22 -103.56.200.0/22 -103.57.12.0/22 -103.57.52.0/22 -103.57.56.0/22 -103.57.76.0/22 -103.57.136.0/22 -103.57.196.0/22 -103.58.24.0/22 -103.59.76.0/22 -103.59.100.0/22 -103.59.112.0/22 -103.59.116.0/22 -103.59.120.0/22 -103.59.124.0/22 -103.59.128.0/22 -103.59.148.0/22 -103.59.164.0/22 -103.60.32.0/22 -103.60.44.0/22 -103.60.164.0/22 -103.60.228.0/22 -103.60.236.0/22 -103.61.60.0/22 -103.61.104.0/22 -103.61.140.0/22 -103.61.152.0/22 -103.61.156.0/22 -103.61.160.0/22 -103.61.172.0/22 -103.61.176.0/22 -103.61.184.0/22 -103.61.188.0/22 -103.62.24.0/22 -103.62.52.0/22 -103.62.72.0/22 -103.62.76.0/22 -103.62.80.0/22 -103.62.84.0/22 -103.62.88.0/22 -103.62.96.0/22 -103.62.100.0/22 -103.62.104.0/22 -103.62.108.0/22 -103.62.112.0/22 -103.62.116.0/22 -103.62.120.0/22 -103.62.124.0/22 -103.62.128.0/22 -103.62.132.0/22 -103.62.156.0/22 -103.62.160.0/22 -103.62.164.0/22 -103.62.168.0/22 -103.62.172.0/22 -103.62.176.0/22 -103.62.180.0/22 -103.62.184.0/22 -103.62.188.0/22 -103.62.192.0/22 -103.62.204.0/22 -103.62.208.0/22 -103.62.212.0/22 -103.62.216.0/22 -103.62.220.0/22 -103.62.224.0/22 -103.63.32.0/22 -103.63.36.0/22 -103.63.40.0/22 -103.63.44.0/22 -103.63.48.0/22 -103.63.52.0/22 -103.63.56.0/22 -103.63.60.0/22 -103.63.64.0/22 -103.63.68.0/22 -103.63.72.0/22 -103.63.76.0/22 -103.63.80.0/22 -103.63.84.0/22 -103.63.88.0/22 -103.63.140.0/22 -103.63.144.0/22 -103.63.152.0/22 -103.63.160.0/22 -103.63.164.0/22 -103.63.168.0/22 -103.63.172.0/22 -103.63.176.0/22 -103.63.180.0/22 -103.63.184.0/22 -103.63.192.0/22 -103.63.196.0/22 -103.63.200.0/22 -103.63.204.0/22 -103.63.208.0/22 -103.63.240.0/22 -103.63.244.0/22 -103.63.248.0/22 -103.63.252.0/22 -103.64.0.0/22 -103.64.4.0/22 -103.64.24.0/22 -103.64.28.0/22 -103.64.32.0/22 -103.64.36.0/22 -103.64.40.0/22 -103.64.44.0/22 -103.64.48.0/22 -103.64.52.0/22 -103.64.56.0/22 -103.64.60.0/22 -103.64.64.0/22 -103.64.68.0/22 -103.64.72.0/22 -103.64.76.0/22 -103.64.80.0/22 -103.64.84.0/22 -103.64.88.0/22 -103.64.92.0/22 -103.64.96.0/22 -103.64.100.0/22 -103.64.104.0/22 -103.64.108.0/22 -103.64.112.0/22 -103.64.116.0/22 -103.64.120.0/22 -103.64.124.0/22 -103.64.140.0/22 -103.64.144.0/22 -103.64.152.0/22 -103.64.156.0/22 -103.64.160.0/22 -103.64.164.0/22 -103.64.168.0/22 -103.64.172.0/22 -103.64.176.0/22 -103.64.180.0/22 -103.64.184.0/22 -103.64.188.0/22 -103.64.192.0/22 -103.64.196.0/22 -103.64.200.0/22 -103.64.204.0/22 -103.64.208.0/22 -103.64.212.0/22 -103.64.216.0/22 -103.64.220.0/22 -103.64.224.0/22 -103.64.228.0/22 -103.64.232.0/22 -103.64.236.0/22 -103.64.240.0/22 -103.64.244.0/22 -103.64.248.0/22 -103.64.252.0/22 -103.65.0.0/22 -103.65.4.0/22 -103.65.8.0/22 -103.65.12.0/22 -103.65.16.0/22 -103.65.36.0/22 -103.65.40.0/22 -103.65.48.0/22 -103.65.52.0/22 -103.65.56.0/22 -103.65.60.0/22 -103.65.64.0/22 -103.65.68.0/22 -103.65.72.0/22 -103.65.76.0/22 -103.65.80.0/22 -103.65.84.0/22 -103.65.88.0/22 -103.65.92.0/22 -103.65.100.0/22 -103.65.104.0/22 -103.65.108.0/22 -103.65.112.0/22 -103.65.144.0/22 -103.65.148.0/22 -103.65.152.0/22 -103.65.156.0/22 -103.65.160.0/22 -103.65.164.0/22 -103.65.168.0/22 -103.65.172.0/22 -103.66.32.0/22 -103.66.40.0/22 -103.66.92.0/22 -103.66.108.0/22 -103.66.200.0/22 -103.66.216.0/22 -103.66.240.0/22 -103.66.244.0/22 -103.66.248.0/22 -103.66.252.0/22 -103.67.0.0/22 -103.67.4.0/22 -103.67.8.0/22 -103.67.100.0/22 -103.67.104.0/22 -103.67.108.0/22 -103.67.112.0/22 -103.67.116.0/22 -103.67.120.0/22 -103.67.124.0/22 -103.67.128.0/22 -103.67.132.0/22 -103.67.136.0/22 -103.67.140.0/22 -103.67.144.0/22 -103.67.148.0/22 -103.67.172.0/22 -103.67.192.0/22 -103.67.212.0/22 -103.67.252.0/22 -103.68.64.0/22 -103.68.88.0/22 -103.68.100.0/22 -103.68.128.0/22 -103.68.192.0/22 -103.69.16.0/22 -103.69.116.0/22 -103.69.132.0/22 -103.69.152.0/22 -103.69.212.0/22 -103.70.8.0/22 -103.70.148.0/22 -103.70.184.0/22 -103.70.220.0/22 -103.70.224.0/22 -103.70.236.0/22 -103.70.252.0/22 -103.71.0.0/22 -103.71.32.0/22 -103.71.48.0/22 -103.71.68.0/22 -103.71.72.0/22 -103.71.80.0/22 -103.71.84.0/22 -103.71.88.0/22 -103.71.120.0/22 -103.71.124.0/22 -103.71.128.0/22 -103.71.144.0/22 -103.71.196.0/22 -103.71.200.0/22 -103.71.232.0/22 -103.72.12.0/22 -103.72.16.0/22 -103.72.20.0/22 -103.72.24.0/22 -103.72.28.0/22 -103.72.32.0/22 -103.72.36.0/22 -103.72.40.0/22 -103.72.44.0/22 -103.72.48.0/22 -103.72.52.0/22 -103.72.112.0/22 -103.72.116.0/22 -103.72.120.0/22 -103.72.124.0/22 -103.72.128.0/22 -103.72.132.0/22 -103.72.144.0/22 -103.72.148.0/22 -103.72.172.0/22 -103.72.180.0/22 -103.72.224.0/22 -103.72.228.0/22 -103.72.232.0/22 -103.72.236.0/22 -103.72.240.0/22 -103.72.244.0/22 -103.72.248.0/22 -103.72.252.0/22 -103.73.0.0/22 -103.73.4.0/22 -103.73.8.0/22 -103.73.12.0/22 -103.73.16.0/22 -103.73.20.0/22 -103.73.24.0/22 -103.73.28.0/22 -103.73.48.0/22 -103.73.88.0/22 -103.73.96.0/22 -103.73.116.0/22 -103.73.120.0/22 -103.73.128.0/22 -103.73.132.0/22 -103.73.136.0/22 -103.73.140.0/22 -103.73.144.0/22 -103.73.168.0/22 -103.73.176.0/22 -103.73.204.0/22 -103.73.208.0/22 -103.73.240.0/22 -103.73.244.0/22 -103.73.248.0/22 -103.74.24.0/22 -103.74.28.0/22 -103.74.32.0/22 -103.74.36.0/22 -103.74.40.0/22 -103.74.44.0/22 -103.74.48.0/22 -103.74.56.0/22 -103.74.60.0/22 -103.74.80.0/22 -103.74.124.0/22 -103.74.148.0/22 -103.74.152.0/22 -103.74.156.0/22 -103.74.204.0/22 -103.74.232.0/22 -103.75.16.0/22 -103.75.88.0/22 -103.75.92.0/22 -103.75.104.0/22 -103.75.108.0/22 -103.75.112.0/22 -103.75.120.0/22 -103.75.128.0/22 -103.75.144.0/22 -103.75.152.0/22 -103.75.236.0/24 -103.76.60.0/22 -103.76.64.0/22 -103.76.68.0/22 -103.76.72.0/22 -103.76.84.0/22 -103.76.92.0/22 -103.76.216.0/22 -103.76.220.0/22 -103.76.224.0/22 -103.77.28.0/22 -103.77.52.0/22 -103.77.56.0/22 -103.77.72.0/22 -103.77.88.0/22 -103.77.92.0/22 -103.77.132.0/22 -103.77.148.0/22 -103.77.220.0/22 -103.78.56.0/22 -103.78.60.0/22 -103.78.64.0/22 -103.78.68.0/22 -103.78.124.0/22 -103.78.172.0/22 -103.78.176.0/22 -103.78.196.0/22 -103.78.228.0/22 -103.79.24.0/22 -103.79.28.0/22 -103.79.36.0/22 -103.79.40.0/22 -103.79.44.0/22 -103.79.52.0/22 -103.79.56.0/22 -103.79.60.0/22 -103.79.64.0/22 -103.79.68.0/22 -103.79.80.0/22 -103.79.84.0/22 -103.79.120.0/22 -103.79.136.0/22 -103.79.188.0/22 -103.79.192.0/22 -103.79.196.0/22 -103.79.200.0/22 -103.79.204.0/22 -103.79.208.0/22 -103.79.212.0/22 -103.79.240.0/22 -103.80.24.0/22 -103.80.28.0/22 -103.80.44.0/22 -103.80.72.0/22 -103.80.176.0/22 -103.80.180.0/22 -103.80.184.0/22 -103.80.192.0/22 -103.80.200.0/22 -103.80.232.0/22 -103.81.4.0/22 -103.81.8.0/22 -103.81.16.0/22 -103.81.20.0/22 -103.81.44.0/22 -103.81.48.0/22 -103.81.96.0/22 -103.81.120.0/22 -103.81.148.0/22 -103.81.164.0/22 -103.81.168.0/22 -103.81.183.0/24 -103.81.184.0/22 -103.81.200.0/22 -103.81.232.0/22 -103.82.52.0/22 -103.82.60.0/22 -103.82.68.0/22 -103.82.84.0/22 -103.82.104.0/22 -103.82.224.0/22 -103.82.236.0/22 -103.83.44.0/22 -103.83.52.0/22 -103.83.60.0/22 -103.83.64.0/22 -103.83.72.0/22 -103.83.112.0/22 -103.83.120.0/22 -103.83.180.0/22 -103.84.0.0/22 -103.84.12.0/22 -103.84.16.0/22 -103.84.20.0/22 -103.84.24.0/22 -103.84.28.0/22 -103.84.48.0/22 -103.84.64.0/22 -103.84.72.0/22 -103.84.92.0/22 -103.84.108.0/22 -103.84.136.0/22 -103.85.20.0/22 -103.85.24.0/22 -103.85.44.0/22 -103.85.48.0/22 -103.85.84.0/22 -103.85.136.0/22 -103.85.144.0/22 -103.85.164.0/22 -103.85.168.0/22 -103.85.172.0/22 -103.85.176.0/22 -103.85.224.0/22 -103.86.28.0/22 -103.86.32.0/22 -103.86.44.0/22 -103.86.60.0/22 -103.86.68.0/22 -103.86.80.0/22 -103.86.84.0/22 -103.86.88.0/22 -103.86.204.0/22 -103.86.208.0/22 -103.86.212.0/22 -103.86.216.0/22 -103.86.220.0/22 -103.86.224.0/22 -103.86.228.0/22 -103.86.232.0/22 -103.86.236.0/22 -103.86.240.0/22 -103.86.244.0/22 -103.86.248.0/22 -103.86.252.0/22 -103.87.0.0/22 -103.87.4.0/22 -103.87.20.0/22 -103.87.32.0/22 -103.87.72.0/22 -103.87.96.0/22 -103.87.132.0/22 -103.87.180.0/22 -103.87.224.0/22 -103.88.4.0/22 -103.88.8.0/22 -103.88.12.0/22 -103.88.16.0/22 -103.88.20.0/22 -103.88.32.0/22 -103.88.36.0/22 -103.88.60.0/22 -103.88.64.0/22 -103.88.72.0/22 -103.88.96.0/22 -103.88.100.0/22 -103.88.164.0/22 -103.88.176.0/22 -103.88.184.0/22 -103.88.188.0/22 -103.88.212.0/22 -103.89.28.0/22 -103.89.96.0/22 -103.89.100.0/22 -103.89.104.0/22 -103.89.108.0/22 -103.89.112.0/22 -103.89.116.0/22 -103.89.148.0/22 -103.89.172.0/22 -103.89.184.0/22 -103.89.188.0/22 -103.89.192.0/22 -103.89.196.0/22 -103.89.200.0/22 -103.89.204.0/22 -103.89.208.0/22 -103.89.212.0/22 -103.89.216.0/22 -103.89.220.0/22 -103.89.224.0/22 -103.89.228.0/22 -103.90.52.0/22 -103.90.92.0/22 -103.90.100.0/22 -103.90.104.0/22 -103.90.108.0/22 -103.90.112.0/22 -103.90.116.0/22 -103.90.120.0/22 -103.90.124.0/22 -103.90.128.0/22 -103.90.132.0/22 -103.90.152.0/22 -103.90.168.0/22 -103.90.173.0/24 -103.90.176.0/22 -103.90.188.0/22 -103.90.192.0/22 -103.91.36.0/22 -103.91.40.0/22 -103.91.108.0/22 -103.91.152.0/22 -103.91.176.0/22 -103.91.200.0/22 -103.91.208.0/22 -103.91.212.0/22 -103.91.219.0/24 -103.91.236.0/22 -103.91.252.0/22 -103.92.0.0/22 -103.92.4.0/22 -103.92.8.0/22 -103.92.12.0/22 -103.92.48.0/22 -103.92.52.0/22 -103.92.56.0/22 -103.92.60.0/22 -103.92.64.0/22 -103.92.68.0/22 -103.92.72.0/22 -103.92.76.0/22 -103.92.80.0/22 -103.92.86.0/24 -103.92.88.0/22 -103.92.108.0/22 -103.92.124.0/22 -103.92.128.0/24 -103.92.132.0/22 -103.92.156.0/22 -103.92.164.0/22 -103.92.168.0/22 -103.92.172.0/22 -103.92.176.0/22 -103.92.180.0/22 -103.92.184.0/22 -103.92.188.0/22 -103.92.192.0/22 -103.92.236.0/22 -103.92.240.0/22 -103.92.244.0/22 -103.92.248.0/22 -103.92.252.0/22 -103.93.0.0/22 -103.93.4.0/22 -103.93.28.0/22 -103.93.76.0/22 -103.93.84.0/22 -103.93.121.0/24 -103.93.152.0/22 -103.93.180.0/22 -103.93.204.0/22 -103.94.12.0/22 -103.94.20.0/22 -103.94.28.0/22 -103.94.32.0/22 -103.94.36.0/22 -103.94.40.0/22 -103.94.44.0/22 -103.94.72.0/22 -103.94.88.0/22 -103.94.116.0/22 -103.94.160.0/22 -103.94.180.0/22 -103.94.200.0/22 -103.95.28.0/22 -103.95.52.0/22 -103.95.64.0/22 -103.95.68.0/22 -103.95.88.0/22 -103.95.92.0/22 -103.95.116.0/22 -103.95.128.0/22 -103.95.136.0/22 -103.95.140.0/22 -103.95.144.0/22 -103.95.152.0/22 -103.95.207.0/24 -103.95.216.0/22 -103.95.220.0/22 -103.95.224.0/22 -103.95.236.0/22 -103.95.240.0/22 -103.95.244.0/22 -103.95.248.0/22 -103.95.252.0/22 -103.96.0.0/22 -103.96.8.0/22 -103.96.80.0/22 -103.96.124.0/22 -103.96.136.0/22 -103.96.140.0/24 -103.96.148.0/22 -103.96.152.0/22 -103.96.156.0/22 -103.96.160.0/22 -103.96.164.0/22 -103.96.168.0/22 -103.96.172.0/22 -103.96.176.0/22 -103.96.180.0/22 -103.96.184.0/22 -103.96.188.0/22 -103.96.192.0/22 -103.96.196.0/22 -103.96.200.0/22 -103.96.204.0/22 -103.96.208.0/22 -103.96.212.0/22 -103.96.216.0/22 -103.97.8.0/22 -103.97.12.0/22 -103.97.16.0/22 -103.97.20.0/22 -103.97.24.0/22 -103.97.28.0/22 -103.97.32.0/22 -103.97.36.0/22 -103.97.40.0/22 -103.97.56.0/22 -103.97.60.0/22 -103.97.64.0/22 -103.97.68.0/22 -103.97.72.0/22 -103.97.80.0/22 -103.97.112.0/22 -103.97.116.0/22 -103.97.128.0/22 -103.97.144.0/22 -103.97.148.0/22 -103.97.188.0/22 -103.97.192.0/22 -103.97.224.0/22 -103.97.228.0/23 -103.98.28.0/23 -103.98.40.0/22 -103.98.44.0/22 -103.98.48.0/22 -103.98.56.0/22 -103.98.80.0/22 -103.98.88.0/22 -103.98.92.0/22 -103.98.96.0/22 -103.98.100.0/22 -103.98.124.0/22 -103.98.136.0/22 -103.98.140.0/22 -103.98.144.0/22 -103.98.164.0/22 -103.98.168.0/22 -103.98.180.0/22 -103.98.196.0/22 -103.98.216.0/22 -103.98.220.0/22 -103.98.224.0/22 -103.98.228.0/22 -103.98.232.0/22 -103.98.240.0/22 -103.98.244.0/22 -103.98.248.0/22 -103.98.252.0/22 -103.99.40.0/23 -103.99.52.0/22 -103.99.56.0/22 -103.99.60.0/22 -103.99.76.0/22 -103.99.104.0/22 -103.99.116.0/22 -103.99.120.0/22 -103.99.152.0/22 -103.99.220.0/22 -103.99.232.0/22 -103.99.236.0/22 -103.100.0.0/22 -103.100.32.0/22 -103.100.40.0/22 -103.100.48.0/22 -103.100.52.0/22 -103.100.56.0/22 -103.100.60.0/22 -103.100.64.0/22 -103.100.68.0/22 -103.100.88.0/22 -103.100.116.0/22 -103.100.140.0/22 -103.100.144.0/22 -103.100.236.0/22 -103.100.240.0/22 -103.100.248.0/22 -103.100.252.0/22 -103.101.4.0/22 -103.101.8.0/22 -103.101.12.0/22 -103.101.28.0/22 -103.101.60.0/22 -103.101.120.0/22 -103.101.124.0/22 -103.101.144.0/22 -103.101.148.0/22 -103.101.153.0/24 -103.101.180.0/22 -103.101.184.0/22 -103.102.76.0/22 -103.102.80.0/22 -103.102.168.0/22 -103.102.172.0/22 -103.102.180.0/22 -103.102.184.0/22 -103.102.188.0/22 -103.102.192.0/22 -103.102.196.0/22 -103.102.200.0/22 -103.102.208.0/22 -103.102.212.0/22 -103.103.12.0/22 -103.103.16.0/22 -103.103.36.0/22 -103.103.68.0/22 -103.103.72.0/22 -103.103.176.0/22 -103.103.188.0/22 -103.103.200.0/22 -103.103.204.0/22 -103.103.220.0/22 -103.103.224.0/22 -103.103.228.0/22 -103.103.232.0/22 -103.103.248.0/22 -103.103.252.0/22 -103.104.0.0/22 -103.104.4.0/22 -103.104.36.0/22 -103.104.40.0/22 -103.104.64.0/22 -103.104.104.0/22 -103.104.152.0/22 -103.104.168.0/22 -103.104.172.0/22 -103.104.188.0/22 -103.104.198.0/23 -103.104.252.0/22 -103.105.0.0/22 -103.105.4.0/22 -103.105.12.0/22 -103.105.16.0/22 -103.105.23.0/24 -103.105.56.0/22 -103.105.60.0/22 -103.105.116.0/22 -103.105.132.0/22 -103.105.180.0/22 -103.105.184.0/22 -103.105.200.0/22 -103.105.204.0/22 -103.105.220.0/22 -103.106.36.0/22 -103.106.40.0/22 -103.106.44.0/22 -103.106.60.0/22 -103.106.68.0/22 -103.106.96.0/22 -103.106.120.0/22 -103.106.128.0/22 -103.106.132.0/22 -103.106.160.0/22 -103.106.188.0/22 -103.106.196.0/22 -103.106.202.0/23 -103.106.212.0/22 -103.106.244.0/22 -103.106.252.0/22 -103.107.0.0/22 -103.107.8.0/24 -103.107.28.0/22 -103.107.32.0/22 -103.107.44.0/22 -103.107.72.0/22 -103.107.108.0/22 -103.107.164.0/22 -103.107.168.0/22 -103.107.188.0/22 -103.107.192.0/22 -103.107.208.0/22 -103.107.212.0/22 -103.107.216.0/22 -103.107.220.0/22 -103.108.52.0/22 -103.108.64.0/22 -103.108.160.0/22 -103.108.164.0/22 -103.108.184.0/23 -103.108.188.0/23 -103.108.192.0/22 -103.108.196.0/22 -103.108.208.0/22 -103.108.212.0/22 -103.108.224.0/22 -103.108.244.0/22 -103.108.251.0/24 -103.109.20.0/22 -103.109.48.0/22 -103.109.88.0/22 -103.109.106.0/23 -103.109.248.0/22 -103.110.32.0/22 -103.110.80.0/23 -103.110.92.0/22 -103.110.100.0/22 -103.110.116.0/22 -103.110.127.0/24 -103.110.128.0/23 -103.110.131.0/24 -103.110.132.0/22 -103.110.136.0/22 -103.110.152.0/22 -103.110.156.0/22 -103.110.188.0/22 -103.110.204.0/22 -103.111.38.0/23 -103.111.64.0/22 -103.111.172.0/22 -103.111.252.0/22 -103.112.28.0/22 -103.112.68.0/22 -103.112.72.0/22 -103.112.88.0/22 -103.112.92.0/22 -103.112.96.0/22 -103.112.108.0/22 -103.112.112.0/22 -103.112.116.0/22 -103.112.140.0/22 -103.112.172.0/22 -103.112.184.0/22 -103.112.208.0/22 -103.113.4.0/22 -103.113.92.0/22 -103.113.144.0/22 -103.113.220.0/22 -103.113.232.0/22 -103.113.236.0/22 -103.114.4.0/22 -103.114.28.0/22 -103.114.68.0/22 -103.114.72.0/22 -103.114.100.0/22 -103.114.132.0/22 -103.114.148.0/22 -103.114.156.0/22 -103.114.176.0/22 -103.114.212.0/22 -103.114.236.0/22 -103.114.240.0/22 -103.115.16.0/22 -103.115.40.0/22 -103.115.44.0/22 -103.115.48.0/22 -103.115.52.0/22 -103.115.56.0/22 -103.115.60.0/22 -103.115.64.0/22 -103.115.68.0/22 -103.115.92.0/22 -103.115.120.0/22 -103.115.148.0/22 -103.115.204.0/23 -103.115.248.0/22 -103.116.20.0/22 -103.116.40.0/22 -103.116.64.0/22 -103.116.72.0/22 -103.116.76.0/22 -103.116.92.0/22 -103.116.120.0/22 -103.116.128.0/22 -103.116.132.0/23 -103.116.148.0/22 -103.116.184.0/22 -103.116.206.0/23 -103.116.220.0/22 -103.116.224.0/22 -103.116.228.0/22 -103.117.16.0/22 -103.117.72.0/22 -103.117.88.0/22 -103.117.132.0/22 -103.117.136.0/22 -103.117.188.0/22 -103.117.220.0/22 -103.118.19.0/24 -103.118.36.0/22 -103.118.52.0/22 -103.118.56.0/22 -103.118.60.0/22 -103.118.64.0/22 -103.118.68.0/22 -103.118.72.0/22 -103.118.88.0/22 -103.118.173.0/24 -103.118.192.0/22 -103.118.196.0/22 -103.118.200.0/22 -103.118.204.0/22 -103.118.208.0/22 -103.118.212.0/22 -103.118.216.0/22 -103.118.220.0/22 -103.118.240.0/22 -103.118.244.0/22 -103.118.248.0/22 -103.118.252.0/22 -103.119.0.0/22 -103.119.12.0/22 -103.119.16.0/22 -103.119.28.0/22 -103.119.44.0/22 -103.119.104.0/22 -103.119.115.0/24 -103.119.156.0/22 -103.119.180.0/22 -103.119.200.0/22 -103.119.224.0/22 -103.120.52.0/22 -103.120.72.0/22 -103.120.76.0/24 -103.120.88.0/22 -103.120.96.0/22 -103.120.100.0/22 -103.120.140.0/22 -103.120.196.0/22 -103.120.224.0/22 -103.121.52.0/22 -103.121.92.0/22 -103.121.160.0/22 -103.121.164.0/22 -103.121.250.0/24 -103.121.252.0/22 -103.122.48.0/22 -103.122.176.0/22 -103.122.192.0/22 -103.122.240.0/22 -103.123.4.0/22 -103.123.56.0/22 -103.123.88.0/22 -103.123.92.0/22 -103.123.116.0/22 -103.123.160.0/22 -103.123.176.0/22 -103.123.200.0/22 -103.123.204.0/22 -103.123.208.0/22 -103.123.212.0/22 -103.124.24.0/22 -103.124.48.0/22 -103.124.64.0/22 -103.124.212.0/22 -103.124.216.0/22 -103.125.20.0/22 -103.125.44.0/22 -103.125.132.0/22 -103.125.164.0/22 -103.125.196.0/22 -103.125.236.0/22 -103.125.248.0/22 -103.126.0.0/22 -103.126.16.0/22 -103.126.44.0/22 -103.126.100.0/22 -103.126.124.0/22 -103.126.128.0/22 -103.126.132.0/22 -103.126.208.0/22 -103.126.241.0/24 -103.129.52.0/22 -103.130.132.0/22 -103.130.152.0/24 -103.130.160.0/22 -103.130.228.0/22 -103.131.20.0/22 -103.131.36.0/22 -103.131.152.0/22 -103.131.168.0/22 -103.131.176.0/22 -103.131.224.0/22 -103.131.228.0/22 -103.131.240.0/22 -103.132.60.0/22 -103.132.64.0/22 -103.132.68.0/22 -103.132.72.0/22 -103.132.76.0/22 -103.132.80.0/22 -103.132.104.0/22 -103.132.108.0/22 -103.132.112.0/22 -103.132.116.0/22 -103.132.120.0/22 -103.132.160.0/22 -103.132.164.0/22 -103.132.188.0/22 -103.132.208.0/22 -103.132.212.0/22 -103.132.234.0/23 -103.133.12.0/22 -103.133.40.0/22 -103.133.128.0/22 -103.133.136.0/22 -103.133.176.0/22 -103.133.232.0/22 -103.134.12.0/24 -103.134.196.0/22 -103.135.80.0/22 -103.135.124.0/22 -103.135.148.0/22 -103.135.156.0/22 -103.135.160.0/22 -103.135.164.0/22 -103.135.176.0/22 -103.135.184.0/22 -103.135.192.0/22 -103.135.196.0/22 -103.135.236.0/22 -103.136.128.0/22 -103.136.232.0/22 -103.137.58.0/23 -103.137.60.0/24 -103.137.76.0/22 -103.137.136.0/23 -103.137.149.0/24 -103.137.180.0/22 -103.137.236.0/22 -103.138.2.0/23 -103.138.12.0/23 -103.138.80.0/22 -103.138.134.0/23 -103.138.156.0/23 -103.138.208.0/23 -103.138.220.0/23 -103.138.246.0/23 -103.138.248.0/23 -103.139.0.0/23 -103.139.2.0/23 -103.139.22.0/23 -103.139.113.0/24 -103.139.134.0/23 -103.139.136.0/23 -103.139.172.0/23 -103.139.200.0/23 -103.139.204.0/23 -103.139.212.0/23 -103.140.8.0/23 -103.140.14.0/23 -103.140.46.0/23 -103.140.70.0/23 -103.140.126.0/23 -103.140.140.0/23 -103.140.144.0/23 -103.140.152.0/23 -103.140.192.0/23 -103.140.194.0/23 -103.140.228.0/23 -103.141.10.0/23 -103.141.36.0/23 -103.141.58.0/23 -103.141.128.0/23 -103.141.186.0/23 -103.141.190.0/23 -103.141.242.0/23 -103.142.0.0/23 -103.142.28.0/23 -103.142.58.0/23 -103.142.82.0/23 -103.142.96.0/23 -103.142.102.0/23 -103.142.122.0/23 -103.142.126.0/24 -103.142.128.0/23 -103.142.140.0/23 -103.142.154.0/23 -103.142.156.0/23 -103.142.172.0/23 -103.142.180.0/23 -103.142.186.0/23 -103.142.190.0/23 -103.142.220.0/23 -103.142.230.0/24 -103.142.234.0/23 -103.142.238.0/23 -103.142.248.0/23 -103.143.16.0/23 -103.143.18.0/23 -103.143.31.0/24 -103.143.74.0/23 -103.143.120.0/23 -103.143.124.0/23 -103.143.132.0/23 -103.143.134.0/23 -103.143.174.0/23 -103.143.228.0/23 -103.144.40.0/23 -103.144.52.0/23 -103.144.66.0/23 -103.144.70.0/23 -103.144.72.0/23 -103.144.88.0/24 -103.144.108.0/23 -103.144.136.0/23 -103.144.148.0/23 -103.144.158.0/23 -103.144.240.0/23 -103.145.38.0/23 -103.145.40.0/23 -103.145.42.0/23 -103.145.60.0/23 -103.145.72.0/23 -103.145.80.0/23 -103.145.86.0/23 -103.145.92.0/23 -103.145.94.0/23 -103.145.98.0/23 -103.145.106.0/23 -103.145.122.0/23 -103.145.188.0/23 -103.145.190.0/23 -103.146.6.0/23 -103.146.72.0/23 -103.146.88.0/23 -103.146.90.0/23 -103.146.124.0/23 -103.146.126.0/23 -103.146.138.0/23 -103.146.147.0/24 -103.146.230.0/23 -103.146.236.0/23 -103.146.252.0/23 -103.147.12.0/23 -103.147.124.0/23 -103.147.198.0/23 -103.147.206.0/23 -103.147.211.0/24 -103.148.174.0/23 -103.149.6.0/23 -103.149.17.0/24 -103.149.44.0/23 -103.149.110.0/23 -103.149.132.0/23 -103.149.144.0/23 -103.149.156.0/23 -103.149.181.0/24 -103.149.190.0/23 -103.149.210.0/23 -103.149.214.0/23 -103.149.220.0/23 -103.192.0.0/22 -103.192.4.0/22 -103.192.8.0/22 -103.192.12.0/22 -103.192.16.0/22 -103.192.20.0/22 -103.192.24.0/22 -103.192.28.0/22 -103.192.48.0/22 -103.192.52.0/22 -103.192.56.0/22 -103.192.84.0/22 -103.192.88.0/22 -103.192.92.0/22 -103.192.96.0/22 -103.192.100.0/22 -103.192.104.0/22 -103.192.108.0/22 -103.192.112.0/22 -103.192.128.0/22 -103.192.132.0/22 -103.192.136.0/22 -103.192.140.0/22 -103.192.144.0/22 -103.192.164.0/22 -103.192.188.0/22 -103.192.208.0/22 -103.192.212.0/22 -103.192.216.0/22 -103.192.252.0/22 -103.193.40.0/22 -103.193.44.0/22 -103.193.120.0/22 -103.193.124.0/22 -103.193.140.0/22 -103.193.144.0/22 -103.193.148.0/22 -103.193.160.0/22 -103.193.188.0/22 -103.193.192.0/22 -103.193.212.0/22 -103.193.216.0/22 -103.193.220.0/22 -103.193.224.0/22 -103.193.228.0/22 -103.193.232.0/22 -103.193.236.0/22 -103.193.240.0/22 -103.194.16.0/22 -103.195.104.0/22 -103.195.112.0/22 -103.195.136.0/22 -103.195.148.0/22 -103.195.152.0/22 -103.195.160.0/22 -103.195.192.0/22 -103.196.60.0/22 -103.196.64.0/22 -103.196.72.0/22 -103.196.88.0/22 -103.196.92.0/22 -103.196.96.0/22 -103.196.168.0/22 -103.196.204.0/22 -103.197.180.0/22 -103.197.228.0/22 -103.198.20.0/22 -103.198.60.0/22 -103.198.64.0/22 -103.198.72.0/22 -103.198.124.0/22 -103.198.156.0/22 -103.198.180.0/22 -103.198.196.0/22 -103.198.200.0/22 -103.198.216.0/22 -103.198.220.0/22 -103.198.224.0/22 -103.198.228.0/22 -103.198.232.0/22 -103.198.236.0/22 -103.198.240.0/22 -103.198.244.0/22 -103.199.164.0/22 -103.199.196.0/22 -103.199.228.0/22 -103.199.248.0/22 -103.199.252.0/22 -103.200.28.0/22 -103.200.52.0/22 -103.200.64.0/22 -103.200.68.0/22 -103.200.136.0/22 -103.200.140.0/22 -103.200.144.0/22 -103.200.148.0/22 -103.200.152.0/22 -103.200.156.0/22 -103.200.160.0/22 -103.200.164.0/22 -103.200.168.0/22 -103.200.172.0/22 -103.200.176.0/22 -103.200.180.0/22 -103.200.184.0/22 -103.200.188.0/22 -103.200.192.0/22 -103.200.220.0/22 -103.200.224.0/22 -103.200.228.0/22 -103.200.232.0/22 -103.200.236.0/22 -103.200.240.0/22 -103.200.244.0/22 -103.200.248.0/22 -103.200.252.0/22 -103.201.0.0/22 -103.201.4.0/22 -103.201.8.0/22 -103.201.12.0/22 -103.201.16.0/22 -103.201.20.0/22 -103.201.28.0/22 -103.201.32.0/22 -103.201.36.0/22 -103.201.40.0/22 -103.201.44.0/22 -103.201.48.0/22 -103.201.52.0/22 -103.201.56.0/22 -103.201.60.0/22 -103.201.64.0/22 -103.201.76.0/22 -103.201.80.0/22 -103.201.84.0/22 -103.201.88.0/22 -103.201.92.0/22 -103.201.96.0/22 -103.201.100.0/22 -103.201.104.0/22 -103.201.108.0/22 -103.201.112.0/22 -103.201.116.0/22 -103.201.120.0/22 -103.201.152.0/22 -103.201.156.0/22 -103.201.160.0/22 -103.201.164.0/22 -103.201.168.0/22 -103.201.172.0/22 -103.201.176.0/22 -103.201.180.0/22 -103.201.184.0/22 -103.201.188.0/22 -103.201.192.0/22 -103.201.196.0/22 -103.201.200.0/22 -103.201.204.0/22 -103.201.208.0/22 -103.201.212.0/22 -103.201.216.0/22 -103.201.220.0/22 -103.201.224.0/22 -103.201.228.0/22 -103.201.232.0/22 -103.201.236.0/22 -103.201.240.0/22 -103.201.244.0/22 -103.201.248.0/22 -103.201.252.0/22 -103.202.0.0/22 -103.202.4.0/22 -103.202.8.0/22 -103.202.12.0/22 -103.202.16.0/22 -103.202.20.0/22 -103.202.24.0/22 -103.202.28.0/22 -103.202.32.0/22 -103.202.36.0/22 -103.202.40.0/22 -103.202.44.0/22 -103.202.56.0/22 -103.202.60.0/22 -103.202.64.0/22 -103.202.68.0/22 -103.202.72.0/22 -103.202.76.0/22 -103.202.80.0/22 -103.202.84.0/22 -103.202.88.0/22 -103.202.92.0/22 -103.202.96.0/22 -103.202.100.0/22 -103.202.104.0/22 -103.202.108.0/22 -103.202.112.0/22 -103.202.116.0/22 -103.202.120.0/22 -103.202.124.0/22 -103.202.128.0/22 -103.202.132.0/22 -103.202.136.0/22 -103.202.140.0/22 -103.202.144.0/22 -103.202.152.0/22 -103.202.156.0/22 -103.202.160.0/22 -103.202.164.0/22 -103.202.168.0/22 -103.202.172.0/22 -103.202.176.0/22 -103.202.180.0/22 -103.202.184.0/22 -103.202.188.0/22 -103.202.192.0/22 -103.202.196.0/22 -103.202.200.0/21 -103.202.212.0/22 -103.202.228.0/22 -103.202.236.0/22 -103.202.240.0/22 -103.202.244.0/22 -103.202.248.0/22 -103.202.252.0/22 -103.203.0.0/22 -103.203.4.0/22 -103.203.8.0/22 -103.203.12.0/22 -103.203.16.0/22 -103.203.20.0/22 -103.203.24.0/22 -103.203.28.0/22 -103.203.32.0/22 -103.203.52.0/22 -103.203.56.0/22 -103.203.96.0/22 -103.203.100.0/22 -103.203.104.0/22 -103.203.108.0/22 -103.203.112.0/22 -103.203.116.0/22 -103.203.120.0/22 -103.203.124.0/22 -103.203.128.0/22 -103.203.140.0/22 -103.203.164.0/22 -103.203.168.0/22 -103.203.192.0/22 -103.203.200.0/22 -103.203.212.0/22 -103.203.216.0/22 -103.204.24.0/22 -103.204.72.0/22 -103.204.88.0/22 -103.204.112.0/22 -103.204.136.0/22 -103.204.140.0/22 -103.204.144.0/22 -103.204.148.0/22 -103.204.152.0/22 -103.204.196.0/22 -103.204.232.0/22 -103.204.236.0/22 -103.205.4.0/22 -103.205.8.0/22 -103.205.40.0/22 -103.205.44.0/22 -103.205.52.0/22 -103.205.108.0/22 -103.205.116.0/22 -103.205.120.0/22 -103.205.136.0/22 -103.205.162.0/24 -103.205.188.0/22 -103.205.192.0/22 -103.205.196.0/22 -103.205.200.0/22 -103.205.236.0/22 -103.205.248.0/22 -103.205.252.0/22 -103.206.0.0/22 -103.206.44.0/22 -103.206.108.0/22 -103.206.148.0/22 -103.207.48.0/22 -103.207.104.0/22 -103.207.164.0/22 -103.207.184.0/22 -103.207.188.0/22 -103.207.192.0/22 -103.207.196.0/22 -103.207.200.0/22 -103.207.204.0/22 -103.207.208.0/22 -103.207.212.0/22 -103.207.220.0/22 -103.207.228.0/22 -103.207.232.0/22 -103.208.12.0/22 -103.208.16.0/22 -103.208.28.0/22 -103.208.40.0/22 -103.208.44.0/22 -103.208.48.0/22 -103.208.148.0/22 -103.209.112.0/22 -103.209.136.0/22 -103.209.200.0/22 -103.209.208.0/22 -103.209.216.0/22 -103.210.0.0/22 -103.210.20.0/22 -103.210.96.0/22 -103.210.156.0/22 -103.210.160.0/22 -103.210.164.0/22 -103.210.168.0/22 -103.210.172.0/22 -103.210.176.0/22 -103.210.180.0/22 -103.210.184.0/22 -103.210.188.0/22 -103.210.216.0/22 -103.211.44.0/22 -103.211.96.0/22 -103.211.100.0/22 -103.211.156.0/22 -103.211.164.0/22 -103.211.192.0/22 -103.211.220.0/22 -103.211.224.0/22 -103.211.248.0/22 -103.212.0.0/22 -103.212.4.0/22 -103.212.8.0/22 -103.212.12.0/22 -103.212.32.0/22 -103.212.44.0/22 -103.212.48.0/22 -103.212.84.0/22 -103.212.100.0/22 -103.212.104.0/22 -103.212.108.0/22 -103.212.148.0/22 -103.212.164.0/22 -103.212.196.0/22 -103.212.200.0/22 -103.212.228.0/22 -103.212.252.0/22 -103.213.40.0/22 -103.213.44.0/22 -103.213.48.0/22 -103.213.52.0/22 -103.213.56.0/22 -103.213.60.0/22 -103.213.64.0/22 -103.213.68.0/22 -103.213.72.0/22 -103.213.76.0/22 -103.213.80.0/22 -103.213.84.0/22 -103.213.88.0/22 -103.213.92.0/22 -103.213.96.0/22 -103.213.132.0/22 -103.213.136.0/22 -103.213.140.0/22 -103.213.144.0/22 -103.213.148.0/22 -103.213.152.0/22 -103.213.156.0/22 -103.213.160.0/22 -103.213.164.0/22 -103.213.168.0/22 -103.213.172.0/22 -103.213.176.0/22 -103.213.180.0/22 -103.213.184.0/22 -103.213.188.0/22 -103.213.248.0/22 -103.214.32.0/22 -103.214.48.0/22 -103.214.84.0/22 -103.214.168.0/22 -103.214.212.0/22 -103.214.240.0/22 -103.214.244.0/22 -103.215.28.0/22 -103.215.32.0/22 -103.215.36.0/22 -103.215.44.0/22 -103.215.48.0/22 -103.215.100.0/22 -103.215.104.0/22 -103.215.108.0/22 -103.215.116.0/22 -103.215.120.0/22 -103.215.140.0/22 -103.215.184.0/22 -103.215.228.0/22 -103.216.4.0/22 -103.216.8.0/22 -103.216.12.0/22 -103.216.16.0/22 -103.216.20.0/22 -103.216.24.0/22 -103.216.28.0/22 -103.216.32.0/22 -103.216.36.0/22 -103.216.40.0/22 -103.216.44.0/22 -103.216.64.0/22 -103.216.108.0/22 -103.216.136.0/22 -103.216.152.0/22 -103.216.224.0/22 -103.216.228.0/22 -103.216.240.0/22 -103.216.244.0/22 -103.216.248.0/22 -103.216.252.0/22 -103.217.0.0/22 -103.217.4.0/22 -103.217.8.0/22 -103.217.12.0/22 -103.217.16.0/22 -103.217.20.0/22 -103.217.24.0/22 -103.217.28.0/22 -103.217.32.0/22 -103.217.36.0/22 -103.217.40.0/22 -103.217.44.0/22 -103.217.48.0/22 -103.217.52.0/22 -103.217.56.0/22 -103.217.60.0/22 -103.217.168.0/22 -103.217.180.0/22 -103.217.184.0/22 -103.217.188.0/22 -103.217.192.0/22 -103.217.196.0/22 -103.217.200.0/22 -103.217.204.0/22 -103.218.0.0/22 -103.218.8.0/22 -103.218.12.0/22 -103.218.16.0/22 -103.218.20.0/22 -103.218.28.0/22 -103.218.32.0/22 -103.218.36.0/22 -103.218.40.0/22 -103.218.44.0/22 -103.218.48.0/22 -103.218.52.0/22 -103.218.56.0/22 -103.218.60.0/22 -103.218.64.0/22 -103.218.68.0/22 -103.218.72.0/22 -103.218.76.0/22 -103.218.80.0/22 -103.218.84.0/22 -103.218.88.0/22 -103.218.92.0/22 -103.218.184.0/22 -103.218.192.0/22 -103.218.196.0/22 -103.218.200.0/22 -103.218.204.0/22 -103.218.208.0/22 -103.218.212.0/22 -103.218.216.0/22 -103.219.24.0/22 -103.219.28.0/22 -103.219.32.0/22 -103.219.36.0/22 -103.219.64.0/22 -103.219.84.0/22 -103.219.88.0/22 -103.219.92.0/22 -103.219.96.0/22 -103.219.100.0/22 -103.219.176.0/22 -103.219.184.0/22 -103.220.48.0/22 -103.220.52.0/22 -103.220.56.0/22 -103.220.60.0/22 -103.220.64.0/22 -103.220.92.0/22 -103.220.96.0/22 -103.220.100.0/22 -103.220.104.0/22 -103.220.108.0/22 -103.220.116.0/22 -103.220.120.0/22 -103.220.124.0/22 -103.220.128.0/22 -103.220.132.0/22 -103.220.136.0/22 -103.220.140.0/22 -103.220.144.0/22 -103.220.148.0/22 -103.220.152.0/22 -103.220.160.0/22 -103.220.164.0/22 -103.220.168.0/22 -103.220.172.0/22 -103.220.176.0/22 -103.220.180.0/22 -103.220.184.0/22 -103.220.188.0/22 -103.220.192.0/22 -103.220.196.0/22 -103.220.200.0/22 -103.220.240.0/22 -103.220.244.0/22 -103.220.248.0/22 -103.220.252.0/22 -103.221.0.0/22 -103.221.4.0/22 -103.221.8.0/22 -103.221.12.0/22 -103.221.16.0/22 -103.221.20.0/22 -103.221.24.0/22 -103.221.28.0/22 -103.221.32.0/22 -103.221.36.0/22 -103.221.40.0/22 -103.221.44.0/22 -103.221.48.0/22 -103.221.88.0/22 -103.221.92.0/22 -103.221.96.0/22 -103.221.100.0/22 -103.221.104.0/22 -103.221.108.0/22 -103.221.112.0/22 -103.221.116.0/22 -103.221.120.0/22 -103.221.124.0/22 -103.221.128.0/22 -103.221.132.0/22 -103.221.136.0/22 -103.221.140.0/22 -103.221.144.0/22 -103.221.148.0/22 -103.221.152.0/22 -103.221.156.0/22 -103.221.160.0/22 -103.221.164.0/22 -103.221.168.0/22 -103.221.172.0/22 -103.221.176.0/22 -103.221.180.0/22 -103.221.184.0/22 -103.221.188.0/22 -103.221.192.0/22 -103.221.196.0/22 -103.221.200.0/22 -103.221.204.0/22 -103.222.0.0/22 -103.222.4.0/22 -103.222.8.0/22 -103.222.12.0/22 -103.222.16.0/22 -103.222.24.0/22 -103.222.28.0/22 -103.222.32.0/22 -103.222.36.0/22 -103.222.40.0/22 -103.222.44.0/22 -103.222.48.0/22 -103.222.52.0/22 -103.222.56.0/22 -103.222.60.0/22 -103.222.64.0/22 -103.222.68.0/22 -103.222.72.0/22 -103.222.76.0/22 -103.222.80.0/22 -103.222.84.0/22 -103.222.88.0/22 -103.222.92.0/22 -103.222.96.0/22 -103.222.100.0/22 -103.222.104.0/22 -103.222.108.0/22 -103.222.112.0/22 -103.222.116.0/22 -103.222.120.0/22 -103.222.124.0/22 -103.222.128.0/22 -103.222.132.0/22 -103.222.136.0/22 -103.222.140.0/22 -103.222.144.0/22 -103.222.148.0/22 -103.222.152.0/22 -103.222.156.0/22 -103.222.160.0/22 -103.222.164.0/22 -103.222.168.0/22 -103.222.172.0/22 -103.222.176.0/22 -103.222.180.0/22 -103.222.184.0/22 -103.222.188.0/22 -103.222.192.0/22 -103.222.196.0/22 -103.222.200.0/22 -103.222.204.0/22 -103.222.208.0/22 -103.222.212.0/22 -103.222.216.0/22 -103.222.220.0/22 -103.222.224.0/22 -103.222.228.0/22 -103.222.232.0/22 -103.222.240.0/22 -103.222.244.0/22 -103.223.16.0/22 -103.223.20.0/22 -103.223.24.0/22 -103.223.28.0/22 -103.223.32.0/22 -103.223.36.0/22 -103.223.40.0/22 -103.223.44.0/22 -103.223.48.0/22 -103.223.52.0/22 -103.223.56.0/22 -103.223.60.0/22 -103.223.64.0/22 -103.223.68.0/22 -103.223.72.0/22 -103.223.76.0/22 -103.223.80.0/22 -103.223.84.0/22 -103.223.88.0/22 -103.223.92.0/22 -103.223.96.0/22 -103.223.100.0/22 -103.223.104.0/22 -103.223.108.0/22 -103.223.112.0/22 -103.223.116.0/22 -103.223.120.0/22 -103.223.124.0/22 -103.223.128.0/22 -103.223.132.0/22 -103.223.140.0/22 -103.223.144.0/22 -103.223.148.0/22 -103.223.152.0/22 -103.223.156.0/22 -103.223.160.0/22 -103.223.164.0/22 -103.223.168.0/22 -103.223.172.0/22 -103.223.176.0/22 -103.223.180.0/22 -103.223.188.0/22 -103.223.192.0/22 -103.223.196.0/22 -103.223.200.0/22 -103.223.204.0/22 -103.223.208.0/22 -103.223.212.0/22 -103.223.216.0/22 -103.223.220.0/22 -103.223.224.0/22 -103.223.228.0/22 -103.223.232.0/22 -103.223.236.0/22 -103.223.240.0/22 -103.223.244.0/22 -103.223.248.0/22 -103.223.252.0/22 -103.224.0.0/22 -103.224.40.0/22 -103.224.44.0/22 -103.224.60.0/22 -103.224.80.0/22 -103.224.220.0/22 -103.224.224.0/22 -103.224.228.0/22 -103.224.232.0/22 -103.225.84.0/22 -103.226.16.0/22 -103.226.40.0/22 -103.226.56.0/22 -103.226.60.0/22 -103.226.80.0/22 -103.226.132.0/22 -103.226.156.0/22 -103.226.180.0/22 -103.226.196.0/22 -103.227.48.0/22 -103.227.72.0/22 -103.227.76.0/22 -103.227.80.0/22 -103.227.100.0/22 -103.227.120.0/22 -103.227.132.0/22 -103.227.136.0/22 -103.227.196.0/22 -103.227.204.0/22 -103.227.212.0/22 -103.227.228.0/22 -103.228.12.0/22 -103.228.28.0/22 -103.228.88.0/22 -103.228.128.0/22 -103.228.136.0/22 -103.228.160.0/22 -103.228.176.0/22 -103.228.204.0/22 -103.228.208.0/22 -103.228.228.0/22 -103.228.232.0/22 -103.229.20.0/22 -103.229.60.0/22 -103.229.136.0/22 -103.229.148.0/22 -103.229.172.0/22 -103.229.212.0/22 -103.229.216.0/22 -103.229.220.0/22 -103.229.228.0/22 -103.229.236.0/22 -103.229.240.0/22 -103.230.0.0/22 -103.230.28.0/22 -103.230.44.0/22 -103.230.96.0/22 -103.230.196.0/22 -103.230.200.0/22 -103.230.204.0/22 -103.230.212.0/22 -103.230.236.0/22 -103.231.16.0/22 -103.231.20.0/22 -103.231.64.0/22 -103.231.68.0/22 -103.231.144.0/22 -103.231.180.0/22 -103.231.184.0/22 -103.231.244.0/22 -103.232.4.0/22 -103.232.144.0/22 -103.232.188.0/22 -103.232.212.0/22 -103.233.4.0/22 -103.233.44.0/22 -103.233.52.0/22 -103.233.104.0/22 -103.233.128.0/22 -103.233.136.0/22 -103.233.228.0/22 -103.234.0.0/22 -103.234.20.0/22 -103.234.56.0/22 -103.234.128.0/22 -103.234.172.0/22 -103.234.180.0/22 -103.234.244.0/22 -103.235.16.0/22 -103.235.48.0/22 -103.235.56.0/22 -103.235.60.0/22 -103.235.80.0/22 -103.235.84.0/22 -103.235.128.0/22 -103.235.132.0/22 -103.235.136.0/22 -103.235.140.0/22 -103.235.144.0/22 -103.235.148.0/22 -103.235.184.0/22 -103.235.192.0/22 -103.235.200.0/22 -103.235.220.0/22 -103.235.224.0/22 -103.235.228.0/22 -103.235.232.0/22 -103.235.236.0/22 -103.235.240.0/22 -103.235.244.0/22 -103.235.248.0/22 -103.235.252.0/22 -103.236.0.0/22 -103.236.4.0/22 -103.236.8.0/22 -103.236.12.0/22 -103.236.16.0/22 -103.236.20.0/22 -103.236.24.0/22 -103.236.28.0/22 -103.236.32.0/22 -103.236.36.0/22 -103.236.40.0/22 -103.236.44.0/22 -103.236.48.0/22 -103.236.52.0/22 -103.236.56.0/22 -103.236.60.0/22 -103.236.64.0/22 -103.236.68.0/22 -103.236.72.0/22 -103.236.76.0/22 -103.236.80.0/22 -103.236.84.0/22 -103.236.88.0/22 -103.236.92.0/22 -103.236.96.0/22 -103.236.120.0/22 -103.236.184.0/22 -103.236.220.0/22 -103.236.232.0/22 -103.236.240.0/22 -103.236.244.0/22 -103.236.248.0/22 -103.236.252.0/22 -103.237.0.0/22 -103.237.4.0/22 -103.237.8.0/22 -103.237.12.0/22 -103.237.24.0/22 -103.237.28.0/22 -103.237.68.0/22 -103.237.88.0/22 -103.237.152.0/22 -103.237.176.0/22 -103.237.180.0/22 -103.237.184.0/22 -103.237.188.0/22 -103.237.192.0/22 -103.237.196.0/22 -103.237.200.0/22 -103.237.204.0/22 -103.237.208.0/22 -103.237.212.0/22 -103.237.216.0/22 -103.237.220.0/22 -103.237.224.0/22 -103.237.228.0/22 -103.237.232.0/22 -103.237.236.0/22 -103.237.240.0/22 -103.237.244.0/22 -103.237.248.0/22 -103.237.252.0/22 -103.238.0.0/22 -103.238.4.0/22 -103.238.16.0/22 -103.238.20.0/22 -103.238.24.0/22 -103.238.28.0/22 -103.238.32.0/22 -103.238.36.0/22 -103.238.40.0/22 -103.238.44.0/22 -103.238.48.0/22 -103.238.52.0/22 -103.238.56.0/22 -103.238.88.0/22 -103.238.92.0/22 -103.238.96.0/22 -103.238.132.0/22 -103.238.140.0/22 -103.238.144.0/22 -103.238.160.0/22 -103.238.164.0/22 -103.238.168.0/22 -103.238.172.0/22 -103.238.176.0/22 -103.238.180.0/22 -103.238.184.0/22 -103.238.188.0/22 -103.238.196.0/22 -103.238.204.0/22 -103.238.252.0/22 -103.239.0.0/22 -103.239.44.0/22 -103.239.68.0/22 -103.239.96.0/22 -103.239.152.0/22 -103.239.156.0/22 -103.239.176.0/22 -103.239.180.0/22 -103.239.184.0/22 -103.239.192.0/22 -103.239.196.0/22 -103.239.204.0/22 -103.239.208.0/22 -103.239.224.0/22 -103.239.244.0/22 -103.240.16.0/22 -103.240.36.0/22 -103.240.72.0/22 -103.240.84.0/22 -103.240.124.0/22 -103.240.156.0/22 -103.240.172.0/22 -103.240.188.0/22 -103.240.244.0/22 -103.241.12.0/22 -103.241.72.0/22 -103.241.92.0/22 -103.241.96.0/22 -103.241.160.0/22 -103.241.184.0/22 -103.241.188.0/22 -103.241.220.0/22 -103.242.64.0/22 -103.242.128.0/22 -103.242.132.0/22 -103.242.160.0/22 -103.242.168.0/22 -103.242.172.0/22 -103.242.176.0/22 -103.242.200.0/22 -103.242.212.0/22 -103.242.220.0/22 -103.242.240.0/22 -103.243.136.0/22 -103.243.252.0/22 -103.244.16.0/22 -103.244.58.0/23 -103.244.60.0/22 -103.244.64.0/22 -103.244.68.0/22 -103.244.72.0/22 -103.244.76.0/22 -103.244.80.0/22 -103.244.84.0/22 -103.244.116.0/22 -103.244.164.0/22 -103.244.232.0/22 -103.244.252.0/22 -103.245.23.0/24 -103.245.52.0/22 -103.245.60.0/22 -103.245.80.0/22 -103.245.124.0/22 -103.245.128.0/22 -103.246.8.0/22 -103.246.12.0/22 -103.246.120.0/22 -103.246.124.0/22 -103.246.132.0/22 -103.246.152.0/22 -103.246.156.0/22 -103.247.168.0/22 -103.247.172.0/22 -103.247.176.0/22 -103.247.200.0/22 -103.247.212.0/22 -103.248.0.0/23 -103.248.64.0/22 -103.248.100.0/22 -103.248.124.0/22 -103.248.152.0/22 -103.248.168.0/22 -103.248.192.0/22 -103.248.212.0/22 -103.248.220.0/22 -103.248.224.0/22 -103.249.8.0/22 -103.249.12.0/22 -103.249.52.0/22 -103.249.104.0/22 -103.249.128.0/22 -103.249.136.0/22 -103.249.144.0/22 -103.249.164.0/22 -103.249.168.0/22 -103.249.172.0/22 -103.249.176.0/22 -103.249.188.0/22 -103.249.192.0/22 -103.249.244.0/22 -103.249.252.0/22 -103.250.32.0/22 -103.250.104.0/22 -103.250.124.0/22 -103.250.180.0/22 -103.250.192.0/22 -103.250.216.0/22 -103.250.224.0/22 -103.250.236.0/22 -103.250.248.0/22 -103.250.252.0/22 -103.251.32.0/22 -103.251.36.0/22 -103.251.84.0/22 -103.251.96.0/22 -103.251.124.0/22 -103.251.128.0/22 -103.251.160.0/22 -103.251.192.0/22 -103.251.204.0/22 -103.251.236.0/22 -103.251.240.0/22 -103.252.28.0/22 -103.252.36.0/22 -103.252.64.0/22 -103.252.96.0/22 -103.252.104.0/22 -103.252.172.0/22 -103.252.204.0/22 -103.252.208.0/22 -103.252.232.0/22 -103.252.248.0/22 -103.253.4.0/22 -103.253.60.0/22 -103.253.204.0/22 -103.253.220.0/22 -103.253.224.0/22 -103.253.232.0/22 -103.254.8.0/22 -103.254.20.0/22 -103.254.64.0/22 -103.254.68.0/22 -103.254.72.0/22 -103.254.76.0/22 -103.254.112.0/22 -103.254.176.0/22 -103.254.188.0/22 -103.254.196.0/24 -103.254.220.0/22 -103.255.56.0/22 -103.255.68.0/22 -103.255.88.0/22 -103.255.92.0/22 -103.255.136.0/22 -103.255.140.0/22 -103.255.184.0/22 -103.255.200.0/22 -103.255.212.0/22 -103.255.228.0/22 -106.0.0.0/24 -106.0.2.0/23 -106.0.4.0/22 -106.0.8.0/21 -106.0.16.0/20 -106.0.44.0/22 -106.0.64.0/18 -106.2.0.0/15 -106.4.0.0/14 -106.8.0.0/15 -106.11.0.0/16 -106.12.0.0/15 -106.14.0.0/15 -106.16.0.0/12 -106.32.0.0/12 -106.48.0.0/15 -106.50.0.0/16 -106.52.0.0/14 -106.56.0.0/13 -106.74.0.0/16 -106.75.0.0/16 -106.80.0.0/12 -106.108.0.0/14 -106.112.0.0/13 -106.120.0.0/13 -106.224.0.0/12 -109.244.0.0/16 -110.6.0.0/15 -110.16.0.0/14 -110.34.40.0/22 -110.34.44.0/22 -110.40.0.0/14 -110.44.12.0/22 -110.44.144.0/20 -110.48.0.0/16 -110.51.0.0/16 -110.52.0.0/15 -110.56.0.0/13 -110.64.0.0/15 -110.72.0.0/15 -110.75.0.0/17 -110.75.128.0/19 -110.75.160.0/19 -110.75.192.0/18 -110.76.0.0/19 -110.76.32.0/19 -110.76.132.0/22 -110.76.156.0/22 -110.76.184.0/22 -110.76.192.0/18 -110.77.0.0/17 -110.80.0.0/13 -110.88.0.0/14 -110.92.68.0/22 -110.93.32.0/19 -110.94.0.0/15 -110.96.0.0/11 -110.152.0.0/14 -110.156.0.0/15 -110.165.32.0/19 -110.166.0.0/15 -110.172.192.0/18 -110.173.0.0/19 -110.173.32.0/20 -110.173.64.0/19 -110.173.96.0/19 -110.173.192.0/19 -110.176.0.0/13 -110.184.0.0/13 -110.192.0.0/11 -110.228.0.0/14 -110.232.32.0/19 -110.236.0.0/15 -110.240.0.0/12 -111.0.0.0/10 -111.66.0.0/16 -111.67.192.0/20 -111.68.64.0/19 -111.72.0.0/13 -111.85.0.0/16 -111.91.192.0/19 -111.92.248.0/22 -111.92.252.0/22 -111.112.0.0/15 -111.114.0.0/15 -111.116.0.0/15 -111.118.200.0/21 -111.119.64.0/18 -111.119.128.0/19 -111.120.0.0/14 -111.124.0.0/16 -111.126.0.0/15 -111.128.0.0/11 -111.160.0.0/13 -111.170.0.0/16 -111.172.0.0/14 -111.176.0.0/13 -111.186.0.0/15 -111.192.0.0/12 -111.208.0.0/14 -111.212.0.0/14 -111.221.28.0/24 -111.221.128.0/17 -111.222.0.0/16 -111.223.4.0/22 -111.223.8.0/22 -111.223.12.0/22 -111.223.16.0/22 -111.223.240.0/22 -111.223.248.0/22 -111.224.0.0/14 -111.228.0.0/14 -111.235.96.0/19 -111.235.156.0/22 -111.235.160.0/19 -112.0.0.0/10 -112.64.0.0/15 -112.66.0.0/15 -112.73.0.0/16 -112.74.0.0/15 -112.80.0.0/13 -112.88.0.0/13 -112.96.0.0/15 -112.98.0.0/15 -112.100.0.0/14 -112.109.128.0/17 -112.111.0.0/16 -112.112.0.0/14 -112.116.0.0/15 -112.122.0.0/15 -112.124.0.0/14 -112.128.0.0/14 -112.132.0.0/16 -112.137.48.0/21 -112.192.0.0/14 -112.224.0.0/11 -113.0.0.0/13 -113.8.0.0/15 -113.11.192.0/19 -113.12.0.0/14 -113.16.0.0/15 -113.18.0.0/16 -113.21.232.0/22 -113.21.236.0/22 -113.24.0.0/14 -113.31.0.0/16 -113.44.0.0/14 -113.48.0.0/14 -113.52.160.0/19 -113.52.228.0/22 -113.54.0.0/15 -113.56.0.0/15 -113.58.0.0/16 -113.59.0.0/17 -113.59.224.0/22 -113.62.0.0/15 -113.64.0.0/11 -113.96.0.0/12 -113.112.0.0/13 -113.120.0.0/13 -113.128.0.0/15 -113.130.96.0/20 -113.130.112.0/21 -113.132.0.0/14 -113.136.0.0/13 -113.194.0.0/15 -113.197.100.0/22 -113.200.0.0/15 -113.202.0.0/16 -113.204.0.0/14 -113.208.96.0/19 -113.208.128.0/17 -113.209.0.0/16 -113.212.0.0/18 -113.212.64.0/22 -113.212.88.0/22 -113.212.100.0/22 -113.212.184.0/21 -113.213.0.0/17 -113.214.0.0/15 -113.218.0.0/15 -113.220.0.0/14 -113.224.0.0/12 -113.240.0.0/13 -113.248.0.0/14 -114.28.0.0/16 -114.31.64.0/22 -114.31.68.0/22 -114.54.0.0/15 -114.60.0.0/14 -114.64.0.0/14 -114.68.0.0/16 -114.79.64.0/18 -114.80.0.0/12 -114.96.0.0/13 -114.104.0.0/14 -114.110.0.0/20 -114.110.64.0/18 -114.111.0.0/19 -114.111.160.0/19 -114.112.0.0/14 -114.116.0.0/16 -114.117.0.0/16 -114.118.0.0/16 -114.119.0.0/17 -114.119.192.0/21 -114.119.200.0/22 -114.119.204.0/22 -114.119.208.0/20 -114.119.224.0/19 -114.132.0.0/16 -114.135.0.0/16 -114.138.0.0/15 -114.141.64.0/21 -114.141.80.0/22 -114.141.84.0/22 -114.141.128.0/18 -114.196.0.0/15 -114.198.248.0/21 -114.208.0.0/14 -114.212.0.0/15 -114.214.0.0/16 -114.215.0.0/16 -114.216.0.0/13 -114.224.0.0/12 -114.240.0.0/12 -115.24.0.0/14 -115.28.0.0/15 -115.31.64.0/22 -115.31.68.0/22 -115.31.72.0/22 -115.31.76.0/22 -115.32.0.0/14 -115.42.56.0/22 -115.44.0.0/15 -115.46.0.0/16 -115.47.0.0/16 -115.48.0.0/12 -115.69.64.0/20 -115.84.0.0/18 -115.84.192.0/19 -115.85.192.0/18 -115.100.0.0/14 -115.104.0.0/14 -115.120.0.0/14 -115.124.16.0/20 -115.148.0.0/14 -115.152.0.0/15 -115.154.0.0/15 -115.156.0.0/15 -115.158.0.0/16 -115.159.0.0/16 -115.166.64.0/19 -115.168.0.0/14 -115.172.0.0/14 -115.180.0.0/15 -115.182.0.0/16 -115.183.0.0/16 -115.187.0.0/22 -115.187.4.0/22 -115.187.8.0/22 -115.187.12.0/22 -115.190.0.0/15 -115.192.0.0/11 -115.224.0.0/12 -116.0.8.0/21 -116.0.24.0/21 -116.1.0.0/16 -116.2.0.0/15 -116.4.0.0/14 -116.8.0.0/14 -116.13.0.0/16 -116.16.0.0/12 -116.50.0.0/20 -116.52.0.0/14 -116.56.0.0/15 -116.58.128.0/20 -116.58.208.0/20 -116.60.0.0/14 -116.66.0.0/17 -116.66.176.0/22 -116.68.136.0/22 -116.68.140.0/22 -116.68.176.0/22 -116.68.180.0/22 -116.69.0.0/16 -116.70.0.0/17 -116.76.0.0/15 -116.78.0.0/15 -116.85.0.0/16 -116.89.144.0/20 -116.89.240.0/22 -116.90.80.0/20 -116.90.184.0/21 -116.95.0.0/16 -116.112.0.0/14 -116.116.0.0/15 -116.128.0.0/10 -116.192.0.0/16 -116.193.16.0/20 -116.193.32.0/19 -116.193.152.0/22 -116.193.164.0/22 -116.193.176.0/21 -116.194.0.0/15 -116.196.0.0/16 -116.197.160.0/22 -116.197.164.0/22 -116.198.0.0/16 -116.199.0.0/17 -116.199.128.0/19 -116.204.0.0/17 -116.204.132.0/22 -116.204.168.0/22 -116.204.216.0/22 -116.204.232.0/22 -116.204.236.0/22 -116.204.244.0/22 -116.205.0.0/16 -116.206.92.0/22 -116.206.176.0/22 -116.207.0.0/16 -116.208.0.0/14 -116.212.160.0/20 -116.213.44.0/22 -116.213.64.0/18 -116.213.128.0/17 -116.214.32.0/19 -116.214.64.0/20 -116.214.128.0/17 -116.215.0.0/16 -116.216.0.0/14 -116.224.0.0/12 -116.242.0.0/15 -116.244.0.0/15 -116.246.0.0/15 -116.248.0.0/15 -116.251.64.0/18 -116.252.0.0/15 -116.254.104.0/22 -116.254.108.0/22 -116.254.128.0/17 -116.255.128.0/17 -117.8.0.0/13 -117.21.0.0/16 -117.22.0.0/15 -117.24.0.0/13 -117.32.0.0/13 -117.40.0.0/14 -117.44.0.0/15 -117.48.0.0/17 -117.48.128.0/17 -117.49.0.0/16 -117.50.0.0/15 -117.53.48.0/20 -117.53.176.0/20 -117.57.0.0/16 -117.58.0.0/17 -117.59.0.0/16 -117.60.0.0/14 -117.64.0.0/13 -117.72.0.0/15 -117.74.64.0/20 -117.74.80.0/20 -117.74.128.0/17 -117.75.0.0/16 -117.76.0.0/14 -117.80.0.0/12 -117.100.0.0/15 -117.103.16.0/20 -117.103.40.0/21 -117.103.72.0/21 -117.103.128.0/20 -117.104.168.0/21 -117.106.0.0/15 -117.112.0.0/13 -117.120.64.0/18 -117.120.128.0/17 -117.121.0.0/17 -117.121.128.0/18 -117.121.192.0/21 -117.122.128.0/17 -117.124.0.0/14 -117.128.0.0/10 -118.24.0.0/15 -118.26.0.0/19 -118.26.32.0/22 -118.26.40.0/21 -118.26.48.0/21 -118.26.56.0/21 -118.26.64.0/19 -118.26.96.0/21 -118.26.112.0/21 -118.26.120.0/21 -118.26.128.0/17 -118.28.0.0/15 -118.30.0.0/16 -118.31.0.0/16 -118.64.0.0/15 -118.66.0.0/16 -118.67.112.0/20 -118.72.0.0/13 -118.80.0.0/15 -118.84.0.0/15 -118.88.32.0/19 -118.88.64.0/18 -118.88.128.0/17 -118.89.0.0/16 -118.91.240.0/20 -118.102.16.0/20 -118.102.32.0/21 -118.103.164.0/22 -118.103.168.0/22 -118.103.172.0/22 -118.103.176.0/22 -118.107.180.0/22 -118.112.0.0/13 -118.120.0.0/14 -118.124.0.0/15 -118.126.0.0/16 -118.127.128.0/19 -118.132.0.0/14 -118.144.0.0/14 -118.178.0.0/16 -118.180.0.0/14 -118.184.0.0/17 -118.184.128.0/17 -118.186.0.0/15 -118.188.0.0/16 -118.190.0.0/16 -118.191.0.0/21 -118.191.8.0/22 -118.191.12.0/24 -118.191.16.0/21 -118.191.64.0/20 -118.191.80.0/22 -118.191.128.0/19 -118.191.176.0/20 -118.191.192.0/20 -118.191.208.0/24 -118.191.216.0/22 -118.191.223.0/24 -118.191.224.0/24 -118.191.240.0/20 -118.192.0.0/16 -118.193.0.0/21 -118.193.8.0/21 -118.193.48.0/21 -118.193.96.0/19 -118.193.128.0/17 -118.194.0.0/17 -118.194.128.0/18 -118.194.192.0/19 -118.194.224.0/22 -118.194.240.0/21 -118.195.0.0/17 -118.195.128.0/17 -118.196.0.0/14 -118.202.0.0/15 -118.204.0.0/14 -118.212.0.0/16 -118.213.0.0/16 -118.215.192.0/18 -118.224.0.0/14 -118.228.0.0/15 -118.230.0.0/16 -118.239.0.0/16 -118.242.0.0/16 -118.244.0.0/14 -118.248.0.0/13 -119.0.0.0/15 -119.2.0.0/19 -119.2.128.0/17 -119.3.0.0/16 -119.4.0.0/14 -119.10.0.0/17 -119.15.136.0/21 -119.16.0.0/16 -119.18.192.0/20 -119.18.208.0/21 -119.18.224.0/20 -119.18.240.0/20 -119.19.0.0/16 -119.20.0.0/14 -119.27.64.0/18 -119.27.128.0/19 -119.27.160.0/19 -119.27.192.0/18 -119.28.0.0/15 -119.30.48.0/20 -119.31.192.0/19 -119.32.0.0/14 -119.36.0.0/16 -119.37.0.0/17 -119.37.128.0/18 -119.37.192.0/18 -119.38.0.0/17 -119.38.128.0/18 -119.38.192.0/20 -119.38.208.0/20 -119.38.224.0/19 -119.39.0.0/16 -119.40.0.0/18 -119.40.64.0/20 -119.40.128.0/17 -119.41.0.0/16 -119.42.0.0/19 -119.42.52.0/22 -119.42.128.0/21 -119.42.136.0/21 -119.42.224.0/19 -119.44.0.0/15 -119.48.0.0/13 -119.57.0.0/16 -119.58.0.0/16 -119.59.128.0/17 -119.60.0.0/16 -119.61.0.0/16 -119.62.0.0/16 -119.63.32.0/19 -119.75.208.0/20 -119.78.0.0/15 -119.80.0.0/16 -119.82.208.0/20 -119.84.0.0/14 -119.88.0.0/14 -119.96.0.0/13 -119.108.0.0/15 -119.112.0.0/13 -119.120.0.0/13 -119.128.0.0/12 -119.144.0.0/14 -119.148.160.0/20 -119.148.176.0/20 -119.151.192.0/18 -119.160.200.0/21 -119.161.120.0/22 -119.161.124.0/22 -119.161.128.0/17 -119.162.0.0/15 -119.164.0.0/14 -119.176.0.0/12 -119.232.0.0/15 -119.235.128.0/18 -119.248.0.0/14 -119.252.96.0/21 -119.252.240.0/20 -119.253.0.0/16 -119.254.0.0/15 -120.0.0.0/12 -120.24.0.0/14 -120.30.0.0/16 -120.31.0.0/16 -120.32.0.0/13 -120.40.0.0/14 -120.44.0.0/14 -120.48.0.0/15 -120.52.0.0/16 -120.53.0.0/16 -120.54.0.0/15 -120.64.0.0/14 -120.68.0.0/14 -120.72.32.0/19 -120.72.128.0/17 -120.76.0.0/14 -120.80.0.0/13 -120.88.8.0/21 -120.90.0.0/15 -120.92.0.0/16 -120.94.0.0/16 -120.95.0.0/16 -120.128.0.0/14 -120.132.0.0/17 -120.132.128.0/17 -120.133.0.0/16 -120.134.0.0/15 -120.136.16.0/22 -120.136.20.0/22 -120.136.128.0/18 -120.137.0.0/17 -120.143.128.0/19 -120.192.0.0/10 -121.0.8.0/21 -121.0.16.0/20 -121.4.0.0/15 -121.8.0.0/13 -121.16.0.0/13 -121.24.0.0/14 -121.28.0.0/15 -121.30.0.0/16 -121.31.0.0/16 -121.32.0.0/14 -121.36.0.0/16 -121.37.0.0/16 -121.38.0.0/15 -121.40.0.0/14 -121.46.0.0/18 -121.46.76.0/22 -121.46.128.0/17 -121.47.0.0/16 -121.48.0.0/15 -121.50.8.0/21 -121.51.0.0/16 -121.52.160.0/19 -121.52.208.0/20 -121.52.224.0/19 -121.54.176.0/21 -121.54.188.0/22 -121.55.0.0/18 -121.56.0.0/15 -121.58.0.0/17 -121.58.136.0/21 -121.58.144.0/20 -121.58.160.0/21 -121.59.0.0/16 -121.60.0.0/14 -121.68.0.0/14 -121.76.0.0/15 -121.79.128.0/18 -121.89.0.0/16 -121.100.128.0/17 -121.101.0.0/18 -121.101.208.0/20 -121.192.0.0/16 -121.193.0.0/16 -121.194.0.0/15 -121.196.0.0/14 -121.200.192.0/21 -121.201.0.0/16 -121.204.0.0/14 -121.224.0.0/12 -121.248.0.0/14 -121.255.0.0/16 -122.0.64.0/18 -122.0.128.0/17 -122.4.0.0/14 -122.8.0.0/16 -122.9.0.0/16 -122.10.128.0/22 -122.10.132.0/23 -122.10.136.0/23 -122.10.164.0/22 -122.10.168.0/21 -122.10.176.0/20 -122.10.192.0/22 -122.10.200.0/21 -122.10.208.0/21 -122.10.216.0/22 -122.10.228.0/22 -122.10.232.0/21 -122.10.240.0/22 -122.11.0.0/17 -122.12.0.0/16 -122.13.0.0/16 -122.14.0.0/17 -122.14.128.0/18 -122.14.192.0/18 -122.48.0.0/16 -122.49.0.0/18 -122.51.0.0/16 -122.64.0.0/11 -122.96.0.0/15 -122.102.0.0/20 -122.102.64.0/20 -122.102.80.0/20 -122.112.0.0/18 -122.112.64.0/18 -122.112.128.0/17 -122.113.0.0/16 -122.114.0.0/16 -122.115.0.0/17 -122.115.128.0/19 -122.115.160.0/19 -122.115.192.0/19 -122.115.224.0/19 -122.119.0.0/16 -122.128.100.0/22 -122.128.120.0/21 -122.136.0.0/13 -122.144.128.0/17 -122.152.192.0/18 -122.156.0.0/14 -122.188.0.0/14 -122.192.0.0/14 -122.198.0.0/16 -122.200.40.0/22 -122.200.44.0/22 -122.200.64.0/18 -122.201.48.0/20 -122.204.0.0/14 -122.224.0.0/12 -122.240.0.0/13 -122.248.24.0/21 -122.248.48.0/20 -122.255.64.0/21 -123.0.128.0/18 -123.4.0.0/14 -123.8.0.0/13 -123.49.128.0/17 -123.50.160.0/19 -123.52.0.0/14 -123.56.0.0/15 -123.58.0.0/20 -123.58.16.0/20 -123.58.32.0/19 -123.58.64.0/19 -123.58.96.0/19 -123.58.128.0/18 -123.58.224.0/20 -123.58.240.0/20 -123.59.0.0/16 -123.60.0.0/16 -123.61.0.0/16 -123.62.0.0/16 -123.64.0.0/11 -123.96.0.0/15 -123.98.0.0/17 -123.99.128.0/17 -123.100.0.0/19 -123.101.0.0/16 -123.103.0.0/17 -123.108.128.0/20 -123.108.208.0/20 -123.112.0.0/12 -123.128.0.0/13 -123.136.80.0/20 -123.137.0.0/16 -123.138.0.0/15 -123.144.0.0/14 -123.148.0.0/16 -123.149.0.0/16 -123.150.0.0/15 -123.152.0.0/13 -123.160.0.0/14 -123.164.0.0/14 -123.168.0.0/14 -123.172.0.0/15 -123.174.0.0/15 -123.176.60.0/22 -123.176.80.0/20 -123.177.0.0/16 -123.178.0.0/15 -123.180.0.0/14 -123.184.0.0/14 -123.188.0.0/14 -123.196.0.0/15 -123.199.128.0/17 -123.206.0.0/15 -123.232.0.0/14 -123.242.0.0/17 -123.242.192.0/22 -123.242.196.0/22 -123.244.0.0/14 -123.249.0.0/16 -123.253.108.0/22 -123.253.240.0/22 -123.254.96.0/22 -123.254.100.0/22 -124.6.64.0/18 -124.14.0.0/15 -124.16.0.0/15 -124.20.0.0/16 -124.21.0.0/20 -124.21.16.0/20 -124.21.32.0/19 -124.21.64.0/18 -124.21.128.0/17 -124.22.0.0/15 -124.28.192.0/18 -124.29.0.0/17 -124.31.0.0/16 -124.40.112.0/20 -124.40.128.0/18 -124.40.192.0/19 -124.40.240.0/22 -124.42.0.0/17 -124.42.128.0/17 -124.47.0.0/18 -124.64.0.0/15 -124.66.0.0/17 -124.67.0.0/16 -124.68.0.0/15 -124.70.0.0/15 -124.72.0.0/16 -124.73.0.0/16 -124.74.0.0/15 -124.76.0.0/14 -124.88.0.0/16 -124.89.0.0/17 -124.89.128.0/17 -124.90.0.0/15 -124.92.0.0/14 -124.108.8.0/21 -124.108.40.0/21 -124.109.96.0/21 -124.112.0.0/15 -124.114.0.0/15 -124.116.0.0/16 -124.117.0.0/16 -124.118.0.0/15 -124.126.0.0/15 -124.128.0.0/13 -124.147.128.0/17 -124.150.137.0/24 -124.151.0.0/16 -124.152.0.0/16 -124.160.0.0/16 -124.161.0.0/16 -124.162.0.0/16 -124.163.0.0/16 -124.164.0.0/14 -124.172.0.0/15 -124.174.0.0/15 -124.192.0.0/15 -124.196.0.0/16 -124.200.0.0/13 -124.220.0.0/14 -124.224.0.0/16 -124.225.0.0/16 -124.226.0.0/15 -124.228.0.0/14 -124.232.0.0/15 -124.234.0.0/15 -124.236.0.0/14 -124.240.0.0/17 -124.240.128.0/18 -124.242.0.0/16 -124.243.192.0/18 -124.248.0.0/17 -124.249.0.0/16 -124.250.0.0/15 -124.254.0.0/18 -125.31.192.0/18 -125.32.0.0/16 -125.33.0.0/16 -125.34.0.0/16 -125.35.0.0/17 -125.35.128.0/17 -125.36.0.0/14 -125.40.0.0/13 -125.58.128.0/17 -125.61.128.0/17 -125.62.0.0/18 -125.64.0.0/13 -125.72.0.0/16 -125.73.0.0/16 -125.74.0.0/15 -125.76.0.0/17 -125.76.128.0/17 -125.77.0.0/16 -125.78.0.0/15 -125.80.0.0/13 -125.88.0.0/13 -125.96.0.0/15 -125.98.0.0/16 -125.104.0.0/13 -125.112.0.0/12 -125.169.0.0/16 -125.171.0.0/16 -125.208.0.0/18 -125.210.0.0/16 -125.211.0.0/16 -125.213.0.0/17 -125.214.96.0/19 -125.215.0.0/18 -125.216.0.0/15 -125.218.0.0/16 -125.219.0.0/16 -125.220.0.0/15 -125.222.0.0/15 -125.254.128.0/18 -125.254.192.0/18 -128.108.0.0/16 -129.28.0.0/16 -129.204.0.0/16 -129.211.0.0/16 -132.232.0.0/16 -134.175.0.0/16 -137.59.59.0/24 -137.59.88.0/22 -139.5.56.0/22 -139.5.60.0/22 -139.5.80.0/22 -139.5.92.0/22 -139.5.108.0/22 -139.5.128.0/22 -139.5.160.0/22 -139.5.192.0/22 -139.5.204.0/22 -139.5.208.0/22 -139.5.212.0/22 -139.5.244.0/22 -139.9.0.0/16 -139.129.0.0/16 -139.148.0.0/16 -139.155.0.0/16 -139.159.0.0/16 -139.170.0.0/16 -139.176.0.0/16 -139.183.0.0/16 -139.186.0.0/16 -139.189.0.0/16 -139.196.0.0/14 -139.200.0.0/13 -139.208.0.0/13 -139.217.0.0/16 -139.219.0.0/16 -139.220.0.0/15 -139.224.0.0/16 -139.226.0.0/15 -140.75.0.0/16 -140.143.0.0/16 -140.179.0.0/16 -140.205.0.0/16 -140.206.0.0/15 -140.210.0.0/16 -140.224.0.0/16 -140.237.0.0/16 -140.240.0.0/16 -140.243.0.0/16 -140.246.0.0/16 -140.249.0.0/16 -140.250.0.0/16 -140.255.0.0/16 -144.0.0.0/16 -144.7.0.0/16 -144.12.0.0/16 -144.48.8.0/22 -144.48.64.0/22 -144.48.88.0/22 -144.48.156.0/22 -144.48.180.0/22 -144.48.184.0/22 -144.48.204.0/22 -144.48.208.0/22 -144.48.212.0/22 -144.48.220.0/22 -144.48.252.0/22 -144.52.0.0/16 -144.123.0.0/16 -144.255.0.0/16 -146.56.192.0/18 -146.196.56.0/22 -146.196.68.0/22 -146.196.72.0/22 -146.196.92.0/22 -146.196.112.0/22 -146.196.116.0/22 -146.196.124.0/22 -148.70.0.0/16 -150.0.0.0/16 -150.115.0.0/16 -150.121.0.0/16 -150.122.0.0/16 -150.129.136.0/22 -150.129.192.0/22 -150.129.216.0/22 -150.129.252.0/22 -150.138.0.0/15 -150.158.0.0/16 -150.223.0.0/16 -150.242.0.0/22 -150.242.4.0/22 -150.242.8.0/22 -150.242.28.0/22 -150.242.44.0/22 -150.242.48.0/22 -150.242.52.0/22 -150.242.56.0/22 -150.242.76.0/22 -150.242.80.0/22 -150.242.92.0/22 -150.242.96.0/22 -150.242.112.0/22 -150.242.116.0/22 -150.242.120.0/22 -150.242.152.0/22 -150.242.156.0/22 -150.242.160.0/22 -150.242.164.0/22 -150.242.168.0/22 -150.242.184.0/22 -150.242.188.0/22 -150.242.192.0/22 -150.242.212.0/22 -150.242.224.0/22 -150.242.228.0/22 -150.242.232.0/22 -150.242.236.0/22 -150.242.240.0/22 -150.242.244.0/22 -150.242.248.0/22 -150.255.0.0/16 -152.104.128.0/17 -152.136.0.0/16 -153.0.0.0/16 -153.3.0.0/16 -153.34.0.0/15 -153.36.0.0/15 -153.99.0.0/16 -153.101.0.0/16 -153.118.0.0/15 -154.8.128.0/17 -157.0.0.0/16 -157.18.0.0/16 -157.61.0.0/16 -157.119.0.0/22 -157.119.8.0/22 -157.119.12.0/22 -157.119.16.0/22 -157.119.28.0/22 -157.119.68.0/22 -157.119.112.0/22 -157.119.132.0/22 -157.119.136.0/22 -157.119.140.0/22 -157.119.144.0/22 -157.119.148.0/22 -157.119.152.0/22 -157.119.156.0/22 -157.119.160.0/22 -157.119.164.0/22 -157.119.172.0/22 -157.119.192.0/22 -157.119.196.0/22 -157.119.240.0/22 -157.119.252.0/22 -157.122.0.0/16 -157.148.0.0/16 -157.156.0.0/16 -157.255.0.0/16 -159.75.0.0/16 -159.226.0.0/16 -160.19.208.0/22 -160.19.212.0/22 -160.19.216.0/22 -160.20.48.0/22 -160.202.60.0/22 -160.202.148.0/22 -160.202.152.0/22 -160.202.168.0/22 -160.202.212.0/22 -160.202.216.0/22 -160.202.220.0/22 -160.202.224.0/22 -160.202.228.0/22 -160.202.232.0/22 -160.202.236.0/22 -160.202.240.0/22 -160.202.244.0/22 -160.202.248.0/22 -160.202.252.0/22 -160.238.64.0/22 -161.189.0.0/16 -161.207.0.0/16 -162.14.0.0/16 -162.105.0.0/16 -163.0.0.0/16 -163.47.4.0/22 -163.53.0.0/22 -163.53.4.0/22 -163.53.8.0/22 -163.53.12.0/22 -163.53.36.0/22 -163.53.40.0/22 -163.53.44.0/22 -163.53.48.0/22 -163.53.52.0/22 -163.53.56.0/22 -163.53.60.0/22 -163.53.64.0/22 -163.53.88.0/22 -163.53.92.0/22 -163.53.96.0/22 -163.53.100.0/22 -163.53.104.0/22 -163.53.108.0/22 -163.53.112.0/22 -163.53.116.0/22 -163.53.120.0/22 -163.53.124.0/22 -163.53.128.0/22 -163.53.132.0/22 -163.53.136.0/22 -163.53.160.0/22 -163.53.164.0/22 -163.53.168.0/22 -163.53.172.0/22 -163.53.188.0/22 -163.53.220.0/22 -163.53.240.0/22 -163.125.0.0/16 -163.142.0.0/16 -163.177.0.0/16 -163.179.0.0/16 -163.204.0.0/16 -164.52.0.0/17 -166.111.0.0/16 -167.139.0.0/16 -167.189.0.0/16 -167.220.244.0/22 -168.160.0.0/16 -170.179.0.0/16 -171.8.0.0/13 -171.34.0.0/15 -171.36.0.0/14 -171.40.0.0/13 -171.80.0.0/14 -171.84.0.0/14 -171.88.0.0/13 -171.104.0.0/13 -171.112.0.0/14 -171.116.0.0/14 -171.120.0.0/13 -171.208.0.0/12 -172.81.192.0/18 -175.0.0.0/12 -175.16.0.0/13 -175.24.0.0/16 -175.25.0.0/16 -175.26.0.0/16 -175.27.0.0/16 -175.30.0.0/15 -175.42.0.0/15 -175.44.0.0/16 -175.46.0.0/15 -175.48.0.0/12 -175.64.0.0/11 -175.102.0.0/16 -175.106.128.0/17 -175.111.144.0/22 -175.111.148.0/22 -175.111.152.0/22 -175.111.156.0/22 -175.111.160.0/22 -175.111.164.0/22 -175.111.168.0/22 -175.111.172.0/22 -175.111.184.0/22 -175.146.0.0/15 -175.148.0.0/14 -175.152.0.0/14 -175.158.96.0/22 -175.160.0.0/12 -175.176.156.0/22 -175.176.176.0/22 -175.176.188.0/22 -175.176.192.0/22 -175.178.0.0/16 -175.184.128.0/18 -175.185.0.0/16 -175.186.0.0/15 -175.188.0.0/14 -180.76.0.0/16 -180.77.0.0/16 -180.78.0.0/15 -180.84.0.0/15 -180.86.0.0/16 -180.88.0.0/14 -180.94.56.0/21 -180.94.96.0/20 -180.94.120.0/22 -180.94.124.0/22 -180.95.128.0/17 -180.96.0.0/11 -180.129.128.0/17 -180.130.0.0/16 -180.136.0.0/13 -180.148.16.0/21 -180.148.152.0/21 -180.148.216.0/21 -180.148.224.0/19 -180.149.128.0/19 -180.149.236.0/22 -180.150.160.0/19 -180.152.0.0/13 -180.160.0.0/12 -180.178.112.0/22 -180.178.116.0/22 -180.178.192.0/18 -180.184.0.0/15 -180.186.0.0/16 -180.187.0.0/16 -180.188.0.0/17 -180.189.148.0/22 -180.200.252.0/22 -180.201.0.0/16 -180.202.0.0/15 -180.208.0.0/15 -180.210.212.0/22 -180.210.224.0/19 -180.212.0.0/15 -180.222.224.0/19 -180.223.0.0/16 -180.233.0.0/18 -180.233.64.0/19 -180.233.144.0/22 -180.235.64.0/19 -180.235.112.0/22 -182.16.144.0/22 -182.16.148.0/22 -182.16.192.0/19 -182.18.0.0/17 -182.23.184.0/21 -182.23.200.0/21 -182.32.0.0/12 -182.48.96.0/19 -182.49.0.0/16 -182.50.0.0/20 -182.50.112.0/20 -182.51.0.0/16 -182.54.0.0/17 -182.54.244.0/22 -182.61.0.0/16 -182.80.0.0/14 -182.84.0.0/14 -182.88.0.0/14 -182.92.0.0/16 -182.96.0.0/12 -182.112.0.0/12 -182.128.0.0/12 -182.144.0.0/13 -182.157.0.0/16 -182.160.64.0/19 -182.174.0.0/15 -182.200.0.0/13 -182.236.128.0/17 -182.237.24.0/22 -182.237.28.0/22 -182.238.0.0/16 -182.239.0.0/19 -182.240.0.0/13 -182.254.0.0/16 -182.255.32.0/22 -182.255.36.0/22 -182.255.60.0/22 -183.0.0.0/10 -183.64.0.0/13 -183.78.160.0/22 -183.78.164.0/22 -183.78.180.0/22 -183.81.172.0/22 -183.81.180.0/22 -183.84.0.0/15 -183.91.128.0/22 -183.91.136.0/21 -183.91.144.0/20 -183.92.0.0/14 -183.128.0.0/11 -183.160.0.0/13 -183.168.0.0/15 -183.170.0.0/16 -183.172.0.0/14 -183.182.0.0/19 -183.184.0.0/13 -183.192.0.0/10 -185.203.36.0/22 -188.131.128.0/17 -192.51.188.0/24 -192.55.46.0/24 -192.55.68.0/22 -192.102.204.0/23 -192.124.154.0/24 -192.140.128.0/22 -192.140.132.0/22 -192.140.136.0/22 -192.140.156.0/22 -192.140.160.0/22 -192.140.164.0/22 -192.140.168.0/22 -192.140.172.0/22 -192.140.176.0/22 -192.140.180.0/22 -192.140.184.0/22 -192.140.188.0/22 -192.140.192.0/22 -192.140.196.0/22 -192.140.200.0/22 -192.140.204.0/22 -192.140.208.0/22 -192.140.212.0/22 -192.144.128.0/17 -192.197.113.0/24 -193.112.0.0/16 -198.175.100.0/22 -199.212.57.0/24 -202.0.100.0/23 -202.0.122.0/23 -202.0.176.0/22 -202.3.128.0/23 -202.3.134.0/24 -202.4.128.0/19 -202.4.252.0/22 -202.5.208.0/22 -202.5.212.0/22 -202.5.216.0/22 -202.6.6.0/23 -202.6.66.0/23 -202.6.72.0/23 -202.6.87.0/24 -202.6.88.0/23 -202.6.92.0/23 -202.6.103.0/24 -202.6.108.0/24 -202.6.110.0/23 -202.6.114.0/24 -202.6.176.0/20 -202.8.0.0/24 -202.8.2.0/23 -202.8.4.0/23 -202.8.12.0/24 -202.8.24.0/24 -202.8.77.0/24 -202.8.120.0/22 -202.8.128.0/19 -202.8.192.0/20 -202.9.32.0/24 -202.9.34.0/23 -202.9.48.0/23 -202.9.51.0/24 -202.9.52.0/23 -202.9.54.0/24 -202.9.57.0/24 -202.9.58.0/23 -202.10.64.0/20 -202.10.112.0/22 -202.10.116.0/22 -202.10.120.0/22 -202.10.124.0/22 -202.12.1.0/24 -202.12.2.0/24 -202.12.17.0/24 -202.12.18.0/24 -202.12.19.0/24 -202.12.72.0/24 -202.12.84.0/23 -202.12.96.0/24 -202.12.98.0/23 -202.12.106.0/24 -202.12.111.0/24 -202.12.116.0/24 -202.14.64.0/23 -202.14.69.0/24 -202.14.73.0/24 -202.14.74.0/23 -202.14.76.0/24 -202.14.78.0/23 -202.14.88.0/24 -202.14.97.0/24 -202.14.104.0/23 -202.14.108.0/23 -202.14.111.0/24 -202.14.114.0/23 -202.14.118.0/23 -202.14.124.0/23 -202.14.127.0/24 -202.14.129.0/24 -202.14.135.0/24 -202.14.136.0/24 -202.14.149.0/24 -202.14.151.0/24 -202.14.157.0/24 -202.14.158.0/23 -202.14.169.0/24 -202.14.170.0/23 -202.14.172.0/22 -202.14.176.0/24 -202.14.184.0/23 -202.14.208.0/23 -202.14.213.0/24 -202.14.219.0/24 -202.14.220.0/24 -202.14.222.0/23 -202.14.225.0/24 -202.14.226.0/23 -202.14.231.0/24 -202.14.235.0/24 -202.14.236.0/23 -202.14.238.0/24 -202.14.239.0/24 -202.14.246.0/24 -202.14.251.0/24 -202.20.66.0/24 -202.20.79.0/24 -202.20.87.0/24 -202.20.88.0/23 -202.20.90.0/24 -202.20.94.0/23 -202.20.114.0/24 -202.20.117.0/24 -202.20.120.0/24 -202.20.125.0/24 -202.20.126.0/24 -202.20.127.0/24 -202.21.48.0/22 -202.21.52.0/22 -202.21.56.0/22 -202.21.60.0/22 -202.21.131.0/24 -202.21.132.0/24 -202.21.141.0/24 -202.21.142.0/24 -202.21.147.0/24 -202.21.148.0/24 -202.21.150.0/23 -202.21.152.0/23 -202.21.154.0/24 -202.21.156.0/24 -202.22.248.0/22 -202.22.252.0/22 -202.27.12.0/24 -202.27.14.0/24 -202.27.136.0/23 -202.36.226.0/24 -202.38.0.0/23 -202.38.2.0/23 -202.38.8.0/21 -202.38.48.0/20 -202.38.64.0/19 -202.38.96.0/19 -202.38.128.0/23 -202.38.130.0/23 -202.38.132.0/23 -202.38.134.0/24 -202.38.135.0/24 -202.38.136.0/23 -202.38.138.0/24 -202.38.140.0/23 -202.38.142.0/23 -202.38.146.0/23 -202.38.149.0/24 -202.38.150.0/23 -202.38.152.0/23 -202.38.154.0/23 -202.38.156.0/24 -202.38.158.0/23 -202.38.160.0/23 -202.38.164.0/22 -202.38.168.0/23 -202.38.170.0/24 -202.38.171.0/24 -202.38.176.0/23 -202.38.184.0/21 -202.38.192.0/18 -202.40.4.0/23 -202.40.7.0/24 -202.40.15.0/24 -202.40.135.0/24 -202.40.136.0/24 -202.40.140.0/24 -202.40.143.0/24 -202.40.144.0/23 -202.40.150.0/24 -202.40.155.0/24 -202.40.156.0/24 -202.40.158.0/23 -202.40.162.0/24 -202.41.8.0/23 -202.41.11.0/24 -202.41.12.0/23 -202.41.128.0/24 -202.41.130.0/23 -202.41.152.0/21 -202.41.192.0/24 -202.41.196.0/22 -202.41.200.0/22 -202.41.240.0/20 -202.43.76.0/22 -202.43.144.0/20 -202.44.16.0/20 -202.44.48.0/22 -202.44.67.0/24 -202.44.74.0/24 -202.44.97.0/24 -202.44.129.0/24 -202.44.132.0/23 -202.44.146.0/23 -202.45.0.0/23 -202.45.2.0/24 -202.45.15.0/24 -202.45.16.0/20 -202.46.16.0/23 -202.46.18.0/24 -202.46.20.0/23 -202.46.32.0/19 -202.46.128.0/24 -202.46.224.0/20 -202.47.82.0/23 -202.47.96.0/22 -202.47.100.0/22 -202.47.104.0/22 -202.47.108.0/22 -202.47.126.0/24 -202.47.128.0/24 -202.47.130.0/23 -202.52.33.0/24 -202.52.34.0/24 -202.52.47.0/24 -202.52.143.0/24 -202.52.144.0/24 -202.53.140.0/24 -202.53.143.0/24 -202.57.192.0/22 -202.57.196.0/22 -202.57.200.0/22 -202.57.204.0/22 -202.57.212.0/22 -202.57.216.0/22 -202.57.240.0/20 -202.58.0.0/24 -202.58.101.0/24 -202.58.104.0/22 -202.58.112.0/22 -202.59.0.0/24 -202.59.1.0/24 -202.59.212.0/22 -202.59.236.0/24 -202.59.240.0/24 -202.60.48.0/21 -202.60.96.0/21 -202.60.112.0/20 -202.60.132.0/22 -202.60.136.0/21 -202.60.144.0/20 -202.61.68.0/22 -202.61.76.0/22 -202.61.88.0/22 -202.61.123.0/24 -202.61.127.0/24 -202.62.112.0/22 -202.62.248.0/22 -202.62.252.0/24 -202.62.255.0/24 -202.63.80.0/24 -202.63.81.0/24 -202.63.82.0/23 -202.63.84.0/22 -202.63.88.0/21 -202.63.160.0/19 -202.63.248.0/22 -202.63.253.0/24 -202.65.0.0/21 -202.65.8.0/23 -202.65.96.0/22 -202.65.100.0/22 -202.65.104.0/22 -202.65.108.0/22 -202.66.168.0/22 -202.67.0.0/22 -202.69.4.0/22 -202.69.16.0/20 -202.70.0.0/19 -202.70.96.0/20 -202.70.192.0/20 -202.71.32.0/22 -202.71.36.0/22 -202.71.40.0/22 -202.71.44.0/22 -202.72.40.0/21 -202.72.80.0/20 -202.72.112.0/22 -202.72.116.0/22 -202.72.120.0/22 -202.72.124.0/22 -202.73.128.0/22 -202.73.240.0/22 -202.73.244.0/22 -202.73.248.0/22 -202.73.252.0/22 -202.74.8.0/21 -202.74.36.0/24 -202.74.42.0/24 -202.74.52.0/24 -202.74.80.0/20 -202.74.232.0/22 -202.74.254.0/23 -202.75.208.0/20 -202.75.252.0/22 -202.76.252.0/22 -202.77.80.0/21 -202.77.92.0/22 -202.78.8.0/21 -202.79.224.0/21 -202.79.248.0/22 -202.80.192.0/21 -202.80.200.0/21 -202.81.0.0/22 -202.81.176.0/22 -202.81.180.0/22 -202.81.184.0/22 -202.81.188.0/22 -202.83.252.0/22 -202.84.0.0/22 -202.84.4.0/22 -202.84.8.0/21 -202.84.16.0/23 -202.84.22.0/24 -202.84.24.0/21 -202.85.208.0/20 -202.86.249.0/24 -202.86.252.0/22 -202.87.80.0/20 -202.88.32.0/22 -202.89.8.0/21 -202.89.96.0/22 -202.89.108.0/22 -202.89.119.0/24 -202.89.232.0/21 -202.90.0.0/22 -202.90.16.0/22 -202.90.20.0/22 -202.90.24.0/22 -202.90.28.0/22 -202.90.37.0/24 -202.90.96.0/22 -202.90.100.0/22 -202.90.104.0/22 -202.90.108.0/22 -202.90.112.0/20 -202.90.193.0/24 -202.90.196.0/24 -202.90.205.0/24 -202.90.224.0/20 -202.91.0.0/22 -202.91.36.0/22 -202.91.96.0/20 -202.91.128.0/22 -202.91.176.0/20 -202.91.224.0/19 -202.92.0.0/22 -202.92.8.0/21 -202.92.48.0/20 -202.92.252.0/22 -202.93.0.0/22 -202.93.252.0/22 -202.94.68.0/24 -202.94.74.0/24 -202.94.81.0/24 -202.94.92.0/22 -202.95.240.0/21 -202.95.252.0/22 -202.96.0.0/18 -202.96.64.0/21 -202.96.72.0/21 -202.96.80.0/20 -202.96.96.0/21 -202.96.104.0/21 -202.96.112.0/20 -202.96.128.0/21 -202.96.136.0/21 -202.96.144.0/20 -202.96.160.0/21 -202.96.168.0/21 -202.96.176.0/20 -202.96.192.0/21 -202.96.200.0/21 -202.96.208.0/20 -202.96.224.0/21 -202.96.232.0/21 -202.96.240.0/20 -202.97.0.0/21 -202.97.8.0/21 -202.97.16.0/20 -202.97.32.0/19 -202.97.64.0/19 -202.97.96.0/20 -202.97.112.0/20 -202.97.128.0/18 -202.97.192.0/19 -202.97.224.0/21 -202.97.232.0/21 -202.97.240.0/20 -202.98.0.0/21 -202.98.8.0/21 -202.98.16.0/20 -202.98.32.0/21 -202.98.40.0/21 -202.98.48.0/20 -202.98.64.0/19 -202.98.96.0/21 -202.98.104.0/21 -202.98.112.0/20 -202.98.128.0/19 -202.98.160.0/21 -202.98.168.0/21 -202.98.176.0/20 -202.98.192.0/21 -202.98.200.0/21 -202.98.208.0/20 -202.98.224.0/21 -202.98.232.0/21 -202.98.240.0/20 -202.99.0.0/18 -202.99.64.0/19 -202.99.96.0/21 -202.99.104.0/21 -202.99.112.0/20 -202.99.128.0/19 -202.99.160.0/21 -202.99.168.0/21 -202.99.176.0/20 -202.99.192.0/21 -202.99.200.0/21 -202.99.208.0/20 -202.99.224.0/21 -202.99.232.0/21 -202.99.240.0/20 -202.100.0.0/21 -202.100.8.0/21 -202.100.16.0/20 -202.100.32.0/19 -202.100.64.0/21 -202.100.72.0/21 -202.100.80.0/20 -202.100.96.0/21 -202.100.104.0/21 -202.100.112.0/20 -202.100.128.0/21 -202.100.136.0/21 -202.100.144.0/20 -202.100.160.0/21 -202.100.168.0/21 -202.100.176.0/20 -202.100.192.0/21 -202.100.200.0/21 -202.100.208.0/20 -202.100.224.0/19 -202.101.0.0/18 -202.101.64.0/19 -202.101.96.0/19 -202.101.128.0/18 -202.101.192.0/19 -202.101.224.0/21 -202.101.232.0/21 -202.101.240.0/20 -202.102.0.0/19 -202.102.32.0/19 -202.102.64.0/18 -202.102.128.0/21 -202.102.136.0/21 -202.102.144.0/20 -202.102.160.0/19 -202.102.192.0/21 -202.102.200.0/21 -202.102.208.0/20 -202.102.224.0/21 -202.102.232.0/21 -202.102.240.0/20 -202.103.0.0/21 -202.103.8.0/21 -202.103.16.0/20 -202.103.32.0/19 -202.103.64.0/19 -202.103.96.0/21 -202.103.104.0/21 -202.103.112.0/20 -202.103.128.0/18 -202.103.192.0/19 -202.103.224.0/21 -202.103.232.0/21 -202.103.240.0/20 -202.104.0.0/15 -202.106.0.0/16 -202.107.0.0/17 -202.107.128.0/17 -202.108.0.0/16 -202.109.0.0/16 -202.110.0.0/18 -202.110.64.0/18 -202.110.128.0/18 -202.110.192.0/18 -202.111.0.0/17 -202.111.128.0/19 -202.111.160.0/19 -202.111.192.0/18 -202.112.0.0/16 -202.113.0.0/20 -202.113.16.0/20 -202.113.32.0/19 -202.113.64.0/18 -202.113.128.0/18 -202.113.192.0/19 -202.113.224.0/20 -202.113.240.0/20 -202.114.0.0/19 -202.114.32.0/19 -202.114.64.0/18 -202.114.128.0/17 -202.115.0.0/19 -202.115.32.0/19 -202.115.64.0/18 -202.115.128.0/17 -202.116.0.0/19 -202.116.32.0/20 -202.116.48.0/20 -202.116.64.0/19 -202.116.96.0/19 -202.116.128.0/17 -202.117.0.0/18 -202.117.64.0/18 -202.117.128.0/17 -202.118.0.0/19 -202.118.32.0/19 -202.118.64.0/18 -202.118.128.0/17 -202.119.0.0/19 -202.119.32.0/19 -202.119.64.0/20 -202.119.80.0/20 -202.119.96.0/19 -202.119.128.0/17 -202.120.0.0/18 -202.120.64.0/18 -202.120.128.0/17 -202.121.0.0/16 -202.122.0.0/21 -202.122.32.0/21 -202.122.64.0/19 -202.122.112.0/21 -202.122.120.0/21 -202.122.128.0/24 -202.122.132.0/24 -202.123.96.0/20 -202.123.116.0/22 -202.123.120.0/22 -202.124.16.0/21 -202.124.24.0/22 -202.125.107.0/24 -202.125.109.0/24 -202.125.112.0/20 -202.125.176.0/20 -202.127.0.0/23 -202.127.2.0/24 -202.127.3.0/24 -202.127.4.0/24 -202.127.5.0/24 -202.127.6.0/23 -202.127.12.0/22 -202.127.16.0/20 -202.127.40.0/21 -202.127.48.0/20 -202.127.112.0/20 -202.127.128.0/20 -202.127.144.0/20 -202.127.160.0/21 -202.127.192.0/23 -202.127.194.0/23 -202.127.196.0/22 -202.127.200.0/21 -202.127.208.0/24 -202.127.209.0/24 -202.127.212.0/22 -202.127.216.0/21 -202.127.224.0/19 -202.129.208.0/24 -202.130.0.0/19 -202.130.39.0/24 -202.130.224.0/19 -202.131.16.0/21 -202.131.48.0/20 -202.131.208.0/20 -202.133.32.0/20 -202.134.58.0/24 -202.134.128.0/20 -202.134.208.0/22 -202.134.212.0/22 -202.134.216.0/22 -202.134.220.0/22 -202.136.48.0/20 -202.136.208.0/20 -202.136.224.0/20 -202.136.248.0/22 -202.137.231.0/24 -202.140.140.0/22 -202.140.144.0/22 -202.140.148.0/22 -202.140.152.0/22 -202.140.156.0/22 -202.141.160.0/19 -202.142.16.0/20 -202.143.4.0/22 -202.143.16.0/20 -202.143.32.0/20 -202.143.56.0/21 -202.143.100.0/22 -202.143.104.0/22 -202.144.196.0/22 -202.146.160.0/20 -202.146.186.0/24 -202.146.188.0/22 -202.146.196.0/22 -202.146.200.0/21 -202.147.144.0/20 -202.148.32.0/20 -202.148.64.0/19 -202.148.96.0/19 -202.149.32.0/19 -202.149.160.0/19 -202.149.224.0/19 -202.150.16.0/20 -202.150.32.0/20 -202.150.56.0/22 -202.150.192.0/20 -202.150.224.0/19 -202.151.0.0/22 -202.151.33.0/24 -202.151.128.0/19 -202.152.176.0/20 -202.153.0.0/22 -202.153.7.0/24 -202.153.48.0/20 -202.157.192.0/19 -202.158.160.0/19 -202.158.242.0/24 -202.160.140.0/22 -202.160.156.0/22 -202.160.176.0/20 -202.162.67.0/24 -202.162.75.0/24 -202.164.0.0/20 -202.164.96.0/19 -202.165.176.0/20 -202.165.208.0/20 -202.165.239.0/24 -202.165.240.0/23 -202.165.243.0/24 -202.165.245.0/24 -202.165.251.0/24 -202.165.252.0/22 -202.166.224.0/19 -202.168.80.0/22 -202.168.128.0/22 -202.168.132.0/22 -202.168.136.0/22 -202.168.140.0/22 -202.168.160.0/20 -202.168.176.0/20 -202.170.128.0/19 -202.170.216.0/21 -202.170.224.0/19 -202.171.216.0/21 -202.171.232.0/24 -202.171.235.0/24 -202.172.0.0/22 -202.172.7.0/24 -202.173.0.0/22 -202.173.6.0/24 -202.173.8.0/21 -202.173.112.0/22 -202.173.224.0/19 -202.174.64.0/20 -202.174.124.0/22 -202.176.224.0/19 -202.179.160.0/22 -202.179.164.0/22 -202.179.168.0/22 -202.179.172.0/22 -202.179.240.0/20 -202.180.128.0/19 -202.180.208.0/21 -202.181.8.0/22 -202.181.28.0/22 -202.181.112.0/20 -202.182.32.0/20 -202.182.192.0/19 -202.189.0.0/18 -202.189.80.0/20 -202.189.184.0/21 -202.191.0.0/24 -202.191.68.0/22 -202.191.72.0/21 -202.191.80.0/20 -202.192.0.0/13 -202.200.0.0/14 -202.204.0.0/14 -203.0.4.0/22 -203.0.10.0/23 -203.0.18.0/24 -203.0.24.0/24 -203.0.42.0/23 -203.0.45.0/24 -203.0.46.0/23 -203.0.81.0/24 -203.0.82.0/23 -203.0.90.0/23 -203.0.96.0/23 -203.0.104.0/21 -203.0.114.0/23 -203.0.122.0/24 -203.0.128.0/24 -203.0.130.0/23 -203.0.132.0/22 -203.0.137.0/24 -203.0.142.0/24 -203.0.144.0/24 -203.0.146.0/24 -203.0.148.0/24 -203.0.150.0/23 -203.0.152.0/24 -203.0.177.0/24 -203.0.224.0/24 -203.1.4.0/22 -203.1.18.0/24 -203.1.26.0/23 -203.1.65.0/24 -203.1.66.0/23 -203.1.70.0/23 -203.1.76.0/23 -203.1.90.0/24 -203.1.97.0/24 -203.1.98.0/23 -203.1.100.0/22 -203.1.108.0/24 -203.1.253.0/24 -203.1.254.0/24 -203.2.64.0/21 -203.2.73.0/24 -203.2.112.0/21 -203.2.126.0/23 -203.2.140.0/24 -203.2.150.0/24 -203.2.152.0/22 -203.2.156.0/23 -203.2.160.0/21 -203.2.180.0/23 -203.2.196.0/23 -203.2.209.0/24 -203.2.214.0/23 -203.2.226.0/23 -203.2.229.0/24 -203.2.236.0/23 -203.3.68.0/24 -203.3.72.0/23 -203.3.75.0/24 -203.3.80.0/21 -203.3.96.0/22 -203.3.105.0/24 -203.3.112.0/21 -203.3.120.0/24 -203.3.123.0/24 -203.3.135.0/24 -203.3.139.0/24 -203.3.143.0/24 -203.4.132.0/23 -203.4.134.0/24 -203.4.151.0/24 -203.4.152.0/22 -203.4.174.0/23 -203.4.180.0/24 -203.4.186.0/24 -203.4.205.0/24 -203.4.208.0/22 -203.4.227.0/24 -203.4.230.0/23 -203.5.4.0/23 -203.5.7.0/24 -203.5.8.0/23 -203.5.11.0/24 -203.5.21.0/24 -203.5.22.0/24 -203.5.44.0/24 -203.5.46.0/23 -203.5.52.0/22 -203.5.56.0/23 -203.5.60.0/23 -203.5.114.0/23 -203.5.118.0/24 -203.5.120.0/24 -203.5.172.0/24 -203.5.180.0/23 -203.5.182.0/24 -203.5.185.0/24 -203.5.186.0/24 -203.5.188.0/23 -203.5.190.0/24 -203.5.195.0/24 -203.5.214.0/23 -203.5.218.0/23 -203.6.131.0/24 -203.6.136.0/24 -203.6.138.0/23 -203.6.142.0/24 -203.6.150.0/23 -203.6.157.0/24 -203.6.159.0/24 -203.6.224.0/20 -203.6.248.0/23 -203.7.129.0/24 -203.7.138.0/23 -203.7.147.0/24 -203.7.150.0/23 -203.7.158.0/24 -203.7.192.0/23 -203.7.200.0/24 -203.8.0.0/24 -203.8.8.0/24 -203.8.23.0/24 -203.8.70.0/24 -203.8.82.0/24 -203.8.86.0/23 -203.8.91.0/24 -203.8.110.0/23 -203.8.115.0/24 -203.8.166.0/23 -203.8.169.0/24 -203.8.173.0/24 -203.8.184.0/24 -203.8.186.0/23 -203.8.190.0/23 -203.8.192.0/24 -203.8.197.0/24 -203.8.198.0/23 -203.8.203.0/24 -203.8.209.0/24 -203.8.210.0/23 -203.8.212.0/22 -203.8.217.0/24 -203.8.220.0/24 -203.9.32.0/24 -203.9.36.0/23 -203.9.57.0/24 -203.9.63.0/24 -203.9.65.0/24 -203.9.70.0/23 -203.9.72.0/24 -203.9.75.0/24 -203.9.76.0/23 -203.9.96.0/22 -203.9.100.0/23 -203.9.108.0/24 -203.9.158.0/24 -203.10.34.0/24 -203.10.56.0/24 -203.10.74.0/23 -203.10.84.0/22 -203.10.88.0/24 -203.10.95.0/24 -203.10.125.0/24 -203.11.70.0/24 -203.11.76.0/22 -203.11.82.0/24 -203.11.84.0/22 -203.11.100.0/22 -203.11.109.0/24 -203.11.117.0/24 -203.11.122.0/24 -203.11.126.0/24 -203.11.136.0/22 -203.11.141.0/24 -203.11.142.0/23 -203.11.180.0/22 -203.11.208.0/22 -203.12.16.0/24 -203.12.19.0/24 -203.12.24.0/24 -203.12.57.0/24 -203.12.65.0/24 -203.12.66.0/24 -203.12.70.0/23 -203.12.87.0/24 -203.12.100.0/23 -203.12.103.0/24 -203.12.114.0/24 -203.12.118.0/24 -203.12.130.0/24 -203.12.137.0/24 -203.12.196.0/22 -203.12.211.0/24 -203.12.219.0/24 -203.12.226.0/24 -203.12.240.0/22 -203.13.18.0/24 -203.13.24.0/24 -203.13.44.0/23 -203.13.88.0/23 -203.13.92.0/22 -203.13.173.0/24 -203.13.224.0/23 -203.13.227.0/24 -203.13.233.0/24 -203.14.24.0/22 -203.14.33.0/24 -203.14.56.0/24 -203.14.61.0/24 -203.14.62.0/24 -203.14.104.0/24 -203.14.114.0/23 -203.14.118.0/24 -203.14.162.0/24 -203.14.192.0/24 -203.14.194.0/23 -203.14.214.0/24 -203.14.231.0/24 -203.14.246.0/24 -203.15.0.0/20 -203.15.20.0/23 -203.15.22.0/24 -203.15.87.0/24 -203.15.88.0/23 -203.15.105.0/24 -203.15.112.0/21 -203.15.130.0/23 -203.15.149.0/24 -203.15.151.0/24 -203.15.156.0/22 -203.15.174.0/24 -203.15.227.0/24 -203.15.232.0/21 -203.15.240.0/23 -203.15.246.0/24 -203.16.10.0/24 -203.16.12.0/23 -203.16.16.0/21 -203.16.27.0/24 -203.16.38.0/24 -203.16.49.0/24 -203.16.50.0/23 -203.16.58.0/24 -203.16.63.0/24 -203.16.133.0/24 -203.16.161.0/24 -203.16.162.0/24 -203.16.186.0/23 -203.16.228.0/24 -203.16.238.0/24 -203.16.240.0/24 -203.16.245.0/24 -203.17.2.0/24 -203.17.18.0/24 -203.17.28.0/24 -203.17.39.0/24 -203.17.56.0/24 -203.17.74.0/23 -203.17.88.0/23 -203.17.136.0/24 -203.17.164.0/24 -203.17.187.0/24 -203.17.190.0/23 -203.17.231.0/24 -203.17.233.0/24 -203.17.248.0/24 -203.17.249.0/24 -203.17.255.0/24 -203.18.2.0/23 -203.18.4.0/24 -203.18.7.0/24 -203.18.31.0/24 -203.18.37.0/24 -203.18.48.0/23 -203.18.52.0/24 -203.18.72.0/22 -203.18.80.0/23 -203.18.87.0/24 -203.18.100.0/23 -203.18.105.0/24 -203.18.107.0/24 -203.18.110.0/24 -203.18.129.0/24 -203.18.131.0/24 -203.18.132.0/23 -203.18.144.0/24 -203.18.153.0/24 -203.18.199.0/24 -203.18.208.0/24 -203.18.211.0/24 -203.18.215.0/24 -203.19.1.0/24 -203.19.18.0/24 -203.19.24.0/24 -203.19.30.0/24 -203.19.32.0/21 -203.19.41.0/24 -203.19.44.0/23 -203.19.46.0/24 -203.19.58.0/24 -203.19.60.0/23 -203.19.64.0/24 -203.19.68.0/24 -203.19.72.0/24 -203.19.101.0/24 -203.19.111.0/24 -203.19.131.0/24 -203.19.133.0/24 -203.19.144.0/24 -203.19.147.0/24 -203.19.149.0/24 -203.19.156.0/24 -203.19.176.0/24 -203.19.178.0/23 -203.19.208.0/24 -203.19.228.0/22 -203.19.233.0/24 -203.19.242.0/24 -203.19.248.0/23 -203.19.255.0/24 -203.20.17.0/24 -203.20.40.0/23 -203.20.44.0/24 -203.20.48.0/24 -203.20.61.0/24 -203.20.65.0/24 -203.20.84.0/23 -203.20.89.0/24 -203.20.106.0/23 -203.20.115.0/24 -203.20.117.0/24 -203.20.118.0/23 -203.20.122.0/24 -203.20.126.0/23 -203.20.135.0/24 -203.20.136.0/21 -203.20.150.0/24 -203.20.230.0/24 -203.20.232.0/24 -203.20.236.0/24 -203.21.0.0/23 -203.21.2.0/24 -203.21.8.0/24 -203.21.10.0/24 -203.21.18.0/24 -203.21.33.0/24 -203.21.34.0/24 -203.21.41.0/24 -203.21.44.0/24 -203.21.68.0/24 -203.21.82.0/24 -203.21.96.0/22 -203.21.124.0/24 -203.21.136.0/23 -203.21.145.0/24 -203.21.206.0/24 -203.22.24.0/24 -203.22.28.0/23 -203.22.31.0/24 -203.22.68.0/24 -203.22.76.0/24 -203.22.78.0/24 -203.22.84.0/24 -203.22.87.0/24 -203.22.92.0/22 -203.22.99.0/24 -203.22.106.0/24 -203.22.122.0/23 -203.22.131.0/24 -203.22.163.0/24 -203.22.166.0/24 -203.22.170.0/24 -203.22.176.0/21 -203.22.194.0/24 -203.22.242.0/23 -203.22.245.0/24 -203.22.246.0/24 -203.22.252.0/23 -203.23.0.0/24 -203.23.47.0/24 -203.23.61.0/24 -203.23.62.0/23 -203.23.73.0/24 -203.23.85.0/24 -203.23.92.0/22 -203.23.98.0/24 -203.23.107.0/24 -203.23.112.0/24 -203.23.130.0/24 -203.23.140.0/23 -203.23.172.0/24 -203.23.182.0/24 -203.23.186.0/23 -203.23.192.0/24 -203.23.197.0/24 -203.23.198.0/24 -203.23.204.0/22 -203.23.224.0/24 -203.23.226.0/23 -203.23.228.0/22 -203.23.249.0/24 -203.23.251.0/24 -203.24.13.0/24 -203.24.18.0/24 -203.24.27.0/24 -203.24.43.0/24 -203.24.56.0/24 -203.24.58.0/24 -203.24.67.0/24 -203.24.74.0/24 -203.24.79.0/24 -203.24.80.0/23 -203.24.84.0/23 -203.24.86.0/24 -203.24.90.0/24 -203.24.111.0/24 -203.24.112.0/24 -203.24.116.0/24 -203.24.122.0/23 -203.24.145.0/24 -203.24.152.0/23 -203.24.157.0/24 -203.24.161.0/24 -203.24.167.0/24 -203.24.186.0/23 -203.24.199.0/24 -203.24.202.0/24 -203.24.212.0/23 -203.24.217.0/24 -203.24.219.0/24 -203.24.244.0/24 -203.25.19.0/24 -203.25.20.0/23 -203.25.46.0/24 -203.25.48.0/21 -203.25.64.0/23 -203.25.91.0/24 -203.25.99.0/24 -203.25.100.0/24 -203.25.106.0/24 -203.25.131.0/24 -203.25.135.0/24 -203.25.138.0/24 -203.25.147.0/24 -203.25.153.0/24 -203.25.154.0/23 -203.25.164.0/24 -203.25.166.0/24 -203.25.174.0/23 -203.25.180.0/24 -203.25.182.0/24 -203.25.191.0/24 -203.25.199.0/24 -203.25.200.0/24 -203.25.202.0/23 -203.25.208.0/20 -203.25.229.0/24 -203.25.235.0/24 -203.25.236.0/24 -203.25.242.0/24 -203.26.12.0/24 -203.26.34.0/24 -203.26.49.0/24 -203.26.50.0/24 -203.26.55.0/24 -203.26.56.0/23 -203.26.60.0/24 -203.26.65.0/24 -203.26.68.0/24 -203.26.76.0/24 -203.26.80.0/24 -203.26.84.0/24 -203.26.97.0/24 -203.26.102.0/23 -203.26.115.0/24 -203.26.116.0/24 -203.26.129.0/24 -203.26.143.0/24 -203.26.144.0/24 -203.26.148.0/23 -203.26.154.0/24 -203.26.158.0/23 -203.26.170.0/24 -203.26.173.0/24 -203.26.176.0/24 -203.26.185.0/24 -203.26.202.0/23 -203.26.210.0/24 -203.26.214.0/24 -203.26.222.0/24 -203.26.224.0/24 -203.26.228.0/24 -203.26.232.0/24 -203.27.0.0/24 -203.27.10.0/24 -203.27.15.0/24 -203.27.16.0/24 -203.27.20.0/24 -203.27.22.0/23 -203.27.40.0/24 -203.27.45.0/24 -203.27.53.0/24 -203.27.65.0/24 -203.27.66.0/24 -203.27.81.0/24 -203.27.88.0/24 -203.27.102.0/24 -203.27.109.0/24 -203.27.117.0/24 -203.27.121.0/24 -203.27.122.0/23 -203.27.125.0/24 -203.27.200.0/24 -203.27.202.0/24 -203.27.233.0/24 -203.27.241.0/24 -203.27.250.0/24 -203.28.10.0/24 -203.28.12.0/24 -203.28.33.0/24 -203.28.34.0/23 -203.28.43.0/24 -203.28.44.0/24 -203.28.54.0/24 -203.28.56.0/24 -203.28.73.0/24 -203.28.74.0/24 -203.28.76.0/24 -203.28.86.0/24 -203.28.88.0/24 -203.28.112.0/24 -203.28.131.0/24 -203.28.136.0/24 -203.28.140.0/24 -203.28.145.0/24 -203.28.165.0/24 -203.28.169.0/24 -203.28.170.0/24 -203.28.178.0/23 -203.28.185.0/24 -203.28.187.0/24 -203.28.196.0/24 -203.28.226.0/23 -203.28.239.0/24 -203.29.2.0/24 -203.29.8.0/23 -203.29.13.0/24 -203.29.14.0/24 -203.29.28.0/24 -203.29.46.0/24 -203.29.57.0/24 -203.29.61.0/24 -203.29.63.0/24 -203.29.69.0/24 -203.29.73.0/24 -203.29.81.0/24 -203.29.90.0/24 -203.29.95.0/24 -203.29.100.0/24 -203.29.103.0/24 -203.29.112.0/24 -203.29.120.0/22 -203.29.182.0/23 -203.29.187.0/24 -203.29.189.0/24 -203.29.190.0/24 -203.29.205.0/24 -203.29.210.0/24 -203.29.217.0/24 -203.29.227.0/24 -203.29.231.0/24 -203.29.233.0/24 -203.29.234.0/24 -203.29.248.0/24 -203.29.254.0/23 -203.30.16.0/23 -203.30.25.0/24 -203.30.27.0/24 -203.30.29.0/24 -203.30.66.0/24 -203.30.81.0/24 -203.30.87.0/24 -203.30.111.0/24 -203.30.121.0/24 -203.30.123.0/24 -203.30.152.0/24 -203.30.156.0/24 -203.30.162.0/24 -203.30.173.0/24 -203.30.175.0/24 -203.30.187.0/24 -203.30.194.0/24 -203.30.217.0/24 -203.30.220.0/24 -203.30.222.0/24 -203.30.232.0/23 -203.30.235.0/24 -203.30.240.0/23 -203.30.246.0/24 -203.30.250.0/23 -203.31.45.0/24 -203.31.46.0/24 -203.31.49.0/24 -203.31.51.0/24 -203.31.54.0/23 -203.31.69.0/24 -203.31.72.0/24 -203.31.80.0/24 -203.31.85.0/24 -203.31.97.0/24 -203.31.105.0/24 -203.31.106.0/24 -203.31.108.0/23 -203.31.124.0/24 -203.31.162.0/24 -203.31.174.0/24 -203.31.177.0/24 -203.31.181.0/24 -203.31.187.0/24 -203.31.189.0/24 -203.31.204.0/24 -203.31.220.0/24 -203.31.222.0/23 -203.31.225.0/24 -203.31.229.0/24 -203.31.248.0/23 -203.31.253.0/24 -203.32.20.0/24 -203.32.48.0/23 -203.32.56.0/24 -203.32.60.0/24 -203.32.62.0/24 -203.32.68.0/23 -203.32.76.0/24 -203.32.81.0/24 -203.32.84.0/23 -203.32.95.0/24 -203.32.102.0/24 -203.32.105.0/24 -203.32.130.0/24 -203.32.133.0/24 -203.32.140.0/24 -203.32.152.0/24 -203.32.186.0/23 -203.32.192.0/24 -203.32.196.0/24 -203.32.203.0/24 -203.32.204.0/23 -203.32.212.0/24 -203.33.4.0/24 -203.33.7.0/24 -203.33.8.0/21 -203.33.21.0/24 -203.33.26.0/24 -203.33.32.0/24 -203.33.63.0/24 -203.33.64.0/24 -203.33.67.0/24 -203.33.68.0/24 -203.33.73.0/24 -203.33.79.0/24 -203.33.100.0/24 -203.33.122.0/24 -203.33.129.0/24 -203.33.131.0/24 -203.33.145.0/24 -203.33.156.0/24 -203.33.158.0/23 -203.33.174.0/24 -203.33.185.0/24 -203.33.200.0/24 -203.33.202.0/23 -203.33.204.0/24 -203.33.206.0/23 -203.33.214.0/23 -203.33.224.0/23 -203.33.226.0/24 -203.33.233.0/24 -203.33.243.0/24 -203.33.250.0/24 -203.34.4.0/24 -203.34.21.0/24 -203.34.27.0/24 -203.34.39.0/24 -203.34.48.0/23 -203.34.54.0/24 -203.34.56.0/23 -203.34.67.0/24 -203.34.69.0/24 -203.34.76.0/24 -203.34.92.0/24 -203.34.106.0/24 -203.34.113.0/24 -203.34.147.0/24 -203.34.150.0/24 -203.34.152.0/23 -203.34.161.0/24 -203.34.162.0/24 -203.34.187.0/24 -203.34.192.0/21 -203.34.204.0/22 -203.34.232.0/24 -203.34.240.0/24 -203.34.242.0/24 -203.34.245.0/24 -203.34.251.0/24 -203.55.2.0/23 -203.55.4.0/24 -203.55.10.0/24 -203.55.13.0/24 -203.55.22.0/24 -203.55.30.0/24 -203.55.93.0/24 -203.55.101.0/24 -203.55.109.0/24 -203.55.110.0/24 -203.55.116.0/23 -203.55.119.0/24 -203.55.128.0/23 -203.55.146.0/23 -203.55.192.0/24 -203.55.196.0/24 -203.55.218.0/23 -203.55.221.0/24 -203.55.224.0/24 -203.56.1.0/24 -203.56.4.0/24 -203.56.12.0/24 -203.56.24.0/24 -203.56.38.0/24 -203.56.40.0/24 -203.56.46.0/24 -203.56.48.0/21 -203.56.68.0/23 -203.56.82.0/23 -203.56.84.0/23 -203.56.95.0/24 -203.56.110.0/24 -203.56.121.0/24 -203.56.161.0/24 -203.56.169.0/24 -203.56.172.0/23 -203.56.175.0/24 -203.56.183.0/24 -203.56.185.0/24 -203.56.187.0/24 -203.56.192.0/24 -203.56.198.0/24 -203.56.201.0/24 -203.56.208.0/23 -203.56.210.0/24 -203.56.214.0/24 -203.56.216.0/24 -203.56.227.0/24 -203.56.228.0/24 -203.56.231.0/24 -203.56.232.0/24 -203.56.240.0/24 -203.56.252.0/24 -203.56.254.0/24 -203.57.5.0/24 -203.57.6.0/24 -203.57.12.0/23 -203.57.28.0/24 -203.57.39.0/24 -203.57.46.0/24 -203.57.58.0/24 -203.57.61.0/24 -203.57.66.0/24 -203.57.69.0/24 -203.57.70.0/23 -203.57.73.0/24 -203.57.90.0/24 -203.57.101.0/24 -203.57.109.0/24 -203.57.123.0/24 -203.57.157.0/24 -203.57.200.0/24 -203.57.202.0/24 -203.57.206.0/24 -203.57.222.0/24 -203.57.224.0/20 -203.57.246.0/23 -203.57.249.0/24 -203.57.253.0/24 -203.57.254.0/23 -203.62.2.0/24 -203.62.131.0/24 -203.62.139.0/24 -203.62.161.0/24 -203.62.197.0/24 -203.62.228.0/22 -203.62.234.0/24 -203.62.246.0/24 -203.76.160.0/22 -203.76.168.0/22 -203.76.208.0/22 -203.76.212.0/22 -203.76.216.0/22 -203.76.240.0/22 -203.76.244.0/22 -203.77.180.0/22 -203.78.48.0/20 -203.78.156.0/22 -203.79.0.0/20 -203.79.32.0/20 -203.80.4.0/23 -203.80.32.0/20 -203.80.57.0/24 -203.80.129.0/24 -203.80.132.0/22 -203.80.136.0/21 -203.80.144.0/20 -203.81.0.0/21 -203.81.16.0/20 -203.81.244.0/22 -203.82.0.0/23 -203.82.16.0/21 -203.82.112.0/22 -203.82.116.0/22 -203.82.120.0/22 -203.82.124.0/22 -203.82.224.0/22 -203.82.228.0/22 -203.82.232.0/22 -203.82.236.0/22 -203.83.0.0/22 -203.83.8.0/22 -203.83.12.0/22 -203.83.56.0/21 -203.83.224.0/20 -203.86.0.0/19 -203.86.32.0/19 -203.86.64.0/20 -203.86.80.0/20 -203.86.96.0/19 -203.86.250.0/24 -203.86.254.0/23 -203.88.32.0/19 -203.88.100.0/22 -203.88.192.0/19 -203.89.0.0/22 -203.89.8.0/21 -203.89.100.0/22 -203.89.133.0/24 -203.89.136.0/22 -203.89.144.0/24 -203.90.0.0/22 -203.90.8.0/22 -203.90.12.0/22 -203.90.128.0/19 -203.90.160.0/19 -203.90.192.0/19 -203.91.32.0/19 -203.91.96.0/20 -203.91.120.0/21 -203.92.0.0/22 -203.92.6.0/24 -203.92.160.0/19 -203.93.0.0/22 -203.93.4.0/22 -203.93.8.0/24 -203.93.9.0/24 -203.93.10.0/23 -203.93.12.0/22 -203.93.16.0/20 -203.93.32.0/19 -203.93.64.0/18 -203.93.128.0/21 -203.93.136.0/22 -203.93.140.0/24 -203.93.141.0/24 -203.93.142.0/23 -203.93.144.0/20 -203.93.160.0/19 -203.93.192.0/18 -203.94.0.0/22 -203.94.4.0/22 -203.94.8.0/21 -203.94.16.0/20 -203.95.0.0/21 -203.95.96.0/20 -203.95.112.0/20 -203.95.128.0/18 -203.95.200.0/22 -203.95.204.0/22 -203.95.208.0/22 -203.95.224.0/19 -203.99.8.0/21 -203.99.16.0/20 -203.99.80.0/20 -203.100.32.0/20 -203.100.48.0/21 -203.100.58.0/24 -203.100.60.0/24 -203.100.63.0/24 -203.100.80.0/20 -203.100.96.0/19 -203.100.192.0/20 -203.104.32.0/20 -203.105.96.0/19 -203.105.128.0/19 -203.107.0.0/17 -203.110.160.0/19 -203.110.208.0/20 -203.110.232.0/23 -203.110.234.0/24 -203.114.80.0/22 -203.114.84.0/22 -203.114.88.0/22 -203.114.92.0/22 -203.114.244.0/22 -203.118.192.0/19 -203.118.241.0/24 -203.118.248.0/22 -203.119.24.0/21 -203.119.32.0/22 -203.119.80.0/22 -203.119.85.0/24 -203.119.113.0/24 -203.119.114.0/23 -203.119.116.0/22 -203.119.120.0/21 -203.119.128.0/17 -203.123.58.0/24 -203.128.32.0/19 -203.128.96.0/19 -203.128.224.0/21 -203.129.8.0/21 -203.130.32.0/19 -203.132.32.0/19 -203.134.240.0/21 -203.135.96.0/20 -203.135.112.0/20 -203.135.160.0/20 -203.142.219.0/24 -203.142.224.0/19 -203.144.96.0/19 -203.145.0.0/19 -203.148.0.0/18 -203.148.64.0/20 -203.148.80.0/22 -203.148.86.0/23 -203.149.92.0/22 -203.152.64.0/19 -203.152.128.0/19 -203.153.0.0/22 -203.156.192.0/18 -203.158.16.0/21 -203.160.52.0/22 -203.160.104.0/21 -203.160.129.0/24 -203.160.192.0/19 -203.161.0.0/22 -203.161.180.0/24 -203.161.183.0/24 -203.161.192.0/19 -203.166.160.0/19 -203.167.28.0/22 -203.168.0.0/19 -203.170.58.0/23 -203.171.0.0/22 -203.171.208.0/24 -203.171.224.0/20 -203.174.4.0/24 -203.174.6.0/24 -203.174.7.0/24 -203.174.96.0/19 -203.175.128.0/19 -203.175.192.0/18 -203.176.0.0/18 -203.176.64.0/19 -203.176.168.0/21 -203.184.80.0/20 -203.185.189.0/24 -203.187.160.0/19 -203.189.0.0/23 -203.189.6.0/23 -203.189.112.0/22 -203.189.192.0/19 -203.189.232.0/22 -203.189.240.0/22 -203.190.96.0/20 -203.190.249.0/24 -203.191.0.0/23 -203.191.2.0/24 -203.191.5.0/24 -203.191.7.0/24 -203.191.16.0/20 -203.191.64.0/18 -203.191.133.0/24 -203.191.144.0/21 -203.191.152.0/21 -203.192.0.0/19 -203.193.224.0/19 -203.194.120.0/21 -203.195.64.0/19 -203.195.112.0/21 -203.195.128.0/17 -203.196.0.0/21 -203.196.8.0/21 -203.196.28.0/22 -203.201.181.0/24 -203.201.182.0/24 -203.202.236.0/22 -203.205.64.0/19 -203.205.128.0/17 -203.207.64.0/20 -203.207.80.0/21 -203.207.88.0/22 -203.207.92.0/22 -203.207.96.0/20 -203.207.112.0/20 -203.207.128.0/18 -203.207.192.0/21 -203.207.200.0/21 -203.207.208.0/20 -203.207.224.0/19 -203.208.0.0/20 -203.208.16.0/22 -203.208.32.0/19 -203.209.224.0/19 -203.212.0.0/20 -203.212.80.0/20 -203.215.232.0/21 -203.217.164.0/22 -203.223.0.0/20 -203.223.16.0/21 -204.52.191.0/24 -210.2.0.0/20 -210.2.16.0/20 -210.5.0.0/19 -210.5.56.0/21 -210.5.128.0/20 -210.5.144.0/20 -210.7.56.0/22 -210.7.60.0/22 -210.12.0.0/18 -210.12.64.0/18 -210.12.128.0/18 -210.12.192.0/18 -210.13.0.0/18 -210.13.64.0/18 -210.13.128.0/17 -210.14.64.0/19 -210.14.112.0/20 -210.14.128.0/19 -210.14.160.0/19 -210.14.192.0/19 -210.14.224.0/19 -210.15.0.0/19 -210.15.32.0/19 -210.15.64.0/19 -210.15.96.0/19 -210.15.128.0/18 -210.16.104.0/22 -210.16.128.0/18 -210.21.0.0/17 -210.21.128.0/17 -210.22.0.0/16 -210.23.32.0/19 -210.25.0.0/16 -210.26.0.0/15 -210.28.0.0/14 -210.32.0.0/14 -210.36.0.0/14 -210.40.0.0/13 -210.51.0.0/16 -210.52.0.0/18 -210.52.64.0/18 -210.52.128.0/17 -210.53.0.0/17 -210.53.128.0/17 -210.56.192.0/19 -210.72.0.0/17 -210.72.128.0/19 -210.72.160.0/19 -210.72.192.0/18 -210.73.0.0/19 -210.73.32.0/19 -210.73.64.0/18 -210.73.128.0/17 -210.74.0.0/19 -210.74.32.0/19 -210.74.64.0/19 -210.74.96.0/19 -210.74.128.0/19 -210.74.160.0/19 -210.74.192.0/18 -210.75.0.0/16 -210.76.0.0/19 -210.76.32.0/19 -210.76.64.0/18 -210.76.128.0/17 -210.77.0.0/16 -210.78.0.0/19 -210.78.32.0/19 -210.78.64.0/18 -210.78.128.0/19 -210.78.160.0/19 -210.78.192.0/18 -210.79.64.0/18 -210.79.224.0/19 -210.82.0.0/15 -210.87.128.0/20 -210.87.144.0/20 -210.87.160.0/19 -210.185.192.0/18 -210.192.96.0/19 -211.64.0.0/14 -211.68.0.0/15 -211.70.0.0/15 -211.80.0.0/16 -211.81.0.0/16 -211.82.0.0/16 -211.83.0.0/16 -211.84.0.0/15 -211.86.0.0/15 -211.88.0.0/16 -211.89.0.0/16 -211.90.0.0/15 -211.92.0.0/15 -211.94.0.0/15 -211.96.0.0/15 -211.98.0.0/16 -211.99.0.0/18 -211.99.64.0/19 -211.99.96.0/19 -211.99.128.0/17 -211.100.0.0/16 -211.101.0.0/18 -211.101.64.0/18 -211.101.128.0/17 -211.102.0.0/16 -211.103.0.0/17 -211.103.128.0/17 -211.136.0.0/14 -211.140.0.0/15 -211.142.0.0/17 -211.142.128.0/17 -211.143.0.0/16 -211.144.0.0/15 -211.146.0.0/16 -211.147.0.0/16 -211.148.0.0/14 -211.152.0.0/15 -211.154.0.0/16 -211.155.0.0/18 -211.155.64.0/19 -211.155.96.0/19 -211.155.128.0/17 -211.156.0.0/14 -211.160.0.0/14 -211.164.0.0/14 -212.64.0.0/17 -212.129.128.0/17 -218.0.0.0/16 -218.1.0.0/16 -218.2.0.0/15 -218.4.0.0/15 -218.6.0.0/16 -218.7.0.0/16 -218.8.0.0/15 -218.10.0.0/16 -218.11.0.0/16 -218.12.0.0/16 -218.13.0.0/16 -218.14.0.0/15 -218.16.0.0/14 -218.20.0.0/16 -218.21.0.0/17 -218.21.128.0/17 -218.22.0.0/15 -218.24.0.0/15 -218.26.0.0/16 -218.27.0.0/16 -218.28.0.0/15 -218.30.0.0/15 -218.56.0.0/14 -218.60.0.0/15 -218.62.0.0/17 -218.62.128.0/17 -218.63.0.0/16 -218.64.0.0/15 -218.66.0.0/16 -218.67.0.0/17 -218.67.128.0/17 -218.68.0.0/15 -218.70.0.0/15 -218.72.0.0/14 -218.76.0.0/15 -218.78.0.0/15 -218.80.0.0/14 -218.84.0.0/14 -218.88.0.0/13 -218.96.0.0/15 -218.98.0.0/17 -218.98.128.0/18 -218.98.192.0/19 -218.98.224.0/19 -218.99.0.0/16 -218.100.88.0/21 -218.100.96.0/19 -218.100.128.0/17 -218.104.0.0/17 -218.104.128.0/19 -218.104.160.0/19 -218.104.192.0/21 -218.104.200.0/21 -218.104.208.0/20 -218.104.224.0/19 -218.105.0.0/16 -218.106.0.0/15 -218.108.0.0/16 -218.109.0.0/16 -218.185.192.0/19 -218.185.240.0/21 -218.192.0.0/16 -218.193.0.0/16 -218.194.0.0/16 -218.195.0.0/16 -218.196.0.0/14 -218.200.0.0/14 -218.204.0.0/15 -218.206.0.0/15 -218.240.0.0/14 -218.244.0.0/15 -218.246.0.0/15 -218.249.0.0/16 -219.72.0.0/16 -219.82.0.0/16 -219.83.128.0/17 -219.90.68.0/22 -219.90.72.0/22 -219.90.76.0/22 -219.128.0.0/12 -219.144.0.0/14 -219.148.0.0/16 -219.149.0.0/17 -219.149.128.0/18 -219.149.192.0/18 -219.150.0.0/19 -219.150.32.0/19 -219.150.64.0/19 -219.150.96.0/20 -219.150.112.0/20 -219.150.128.0/17 -219.151.0.0/19 -219.151.32.0/19 -219.151.64.0/18 -219.151.128.0/17 -219.152.0.0/15 -219.154.0.0/15 -219.156.0.0/15 -219.158.0.0/17 -219.158.128.0/17 -219.159.0.0/18 -219.159.64.0/18 -219.159.128.0/17 -219.216.0.0/15 -219.218.0.0/15 -219.220.0.0/16 -219.221.0.0/16 -219.222.0.0/15 -219.224.0.0/15 -219.226.0.0/16 -219.227.0.0/16 -219.228.0.0/15 -219.230.0.0/15 -219.232.0.0/14 -219.236.0.0/15 -219.238.0.0/15 -219.242.0.0/15 -219.244.0.0/14 -220.101.192.0/18 -220.112.0.0/14 -220.152.128.0/17 -220.154.0.0/15 -220.158.240.0/22 -220.160.0.0/11 -220.192.0.0/15 -220.194.0.0/15 -220.196.0.0/14 -220.200.0.0/13 -220.231.0.0/18 -220.231.128.0/17 -220.232.64.0/18 -220.234.0.0/16 -220.242.0.0/15 -220.247.136.0/21 -220.248.0.0/14 -220.252.0.0/16 -221.0.0.0/15 -221.2.0.0/16 -221.3.0.0/17 -221.3.128.0/17 -221.4.0.0/16 -221.5.0.0/17 -221.5.128.0/17 -221.6.0.0/16 -221.7.0.0/19 -221.7.32.0/19 -221.7.64.0/19 -221.7.96.0/19 -221.7.128.0/17 -221.8.0.0/15 -221.10.0.0/16 -221.11.0.0/17 -221.11.128.0/18 -221.11.192.0/19 -221.11.224.0/19 -221.12.0.0/17 -221.12.128.0/18 -221.13.0.0/18 -221.13.64.0/19 -221.13.96.0/19 -221.13.128.0/17 -221.14.0.0/15 -221.122.0.0/15 -221.128.128.0/17 -221.129.0.0/16 -221.130.0.0/15 -221.133.224.0/19 -221.136.0.0/16 -221.137.0.0/16 -221.172.0.0/14 -221.176.0.0/13 -221.192.0.0/15 -221.194.0.0/16 -221.195.0.0/16 -221.196.0.0/15 -221.198.0.0/16 -221.199.0.0/19 -221.199.32.0/20 -221.199.48.0/20 -221.199.64.0/18 -221.199.128.0/18 -221.199.192.0/20 -221.199.224.0/19 -221.200.0.0/14 -221.204.0.0/15 -221.206.0.0/16 -221.207.0.0/18 -221.207.64.0/18 -221.207.128.0/17 -221.208.0.0/14 -221.212.0.0/16 -221.213.0.0/16 -221.214.0.0/15 -221.216.0.0/13 -221.224.0.0/13 -221.232.0.0/14 -221.236.0.0/15 -221.238.0.0/16 -221.239.0.0/17 -221.239.128.0/17 -222.16.0.0/15 -222.18.0.0/15 -222.20.0.0/15 -222.22.0.0/16 -222.23.0.0/16 -222.24.0.0/15 -222.26.0.0/15 -222.28.0.0/14 -222.32.0.0/11 -222.64.0.0/13 -222.72.0.0/15 -222.74.0.0/16 -222.75.0.0/16 -222.76.0.0/14 -222.80.0.0/15 -222.82.0.0/16 -222.83.0.0/17 -222.83.128.0/17 -222.84.0.0/16 -222.85.0.0/17 -222.85.128.0/17 -222.86.0.0/15 -222.88.0.0/15 -222.90.0.0/15 -222.92.0.0/14 -222.125.0.0/16 -222.126.128.0/17 -222.128.0.0/14 -222.132.0.0/14 -222.136.0.0/13 -222.160.0.0/15 -222.162.0.0/16 -222.163.0.0/19 -222.163.32.0/19 -222.163.64.0/18 -222.163.128.0/17 -222.168.0.0/15 -222.170.0.0/15 -222.172.0.0/17 -222.172.128.0/17 -222.173.0.0/16 -222.174.0.0/15 -222.176.0.0/13 -222.184.0.0/13 -222.192.0.0/14 -222.196.0.0/15 -222.198.0.0/16 -222.199.0.0/16 -222.200.0.0/14 -222.204.0.0/15 -222.206.0.0/15 -222.208.0.0/13 -222.216.0.0/15 -222.218.0.0/16 -222.219.0.0/16 -222.220.0.0/15 -222.222.0.0/15 -222.240.0.0/13 -222.248.0.0/16 -222.249.0.0/17 -222.249.128.0/19 -222.249.160.0/20 -222.249.176.0/20 -222.249.192.0/18 -223.0.0.0/15 -223.2.0.0/15 -223.4.0.0/14 -223.8.0.0/13 -223.20.0.0/15 -223.27.184.0/22 -223.29.208.0/22 -223.29.252.0/22 -223.64.0.0/11 -223.96.0.0/12 -223.112.0.0/14 -223.116.0.0/15 -223.120.128.0/17 -223.121.128.0/17 -223.122.0.0/15 -223.124.0.0/14 -223.128.0.0/15 -223.144.0.0/12 -223.160.0.0/14 -223.166.0.0/15 -223.192.0.0/15 -223.198.0.0/15 -223.201.0.0/16 -223.202.0.0/15 -223.208.0.0/14 -223.212.0.0/15 -223.214.0.0/15 -223.220.0.0/15 -223.223.176.0/20 -223.223.192.0/20 -223.240.0.0/13 -223.248.0.0/14 -223.252.128.0/17 -223.254.0.0/16 -223.255.0.0/17 -223.255.236.0/22 -223.255.252.0/23 diff --git a/package/lean/luci-app-ssr-plus/root/etc/config/netflix.list b/package/lean/luci-app-ssr-plus/root/etc/config/netflix.list deleted file mode 100644 index f98f711b..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/config/netflix.list +++ /dev/null @@ -1,25 +0,0 @@ -amazonaws.com -aws.amazon.com -awsstatic.com -fast.com -netflix.com -netflix.net -nflxext.com -nflximg.net -nflxso.net -nflxvideo.net -netflixdnstest0.com -netflixdnstest1.com -netflixdnstest2.com -netflixdnstest3.com -netflixdnstest4.com -netflixdnstest5.com -netflixdnstest6.com -netflixdnstest7.com -netflixdnstest8.com -netflixdnstest9.com -hulu.com -huluim.com -hbonow.com -hbogo.com -hbo.com diff --git a/package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list b/package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list deleted file mode 100644 index 72a40352..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/config/netflixip.list +++ /dev/null @@ -1,15 +0,0 @@ -8.41.4.0/24 -23.246.0.0/18 -37.77.184.0/21 -45.57.0.0/17 -64.120.128.0/17 -66.197.128.0/17 -69.53.224.0/19 -108.175.32.0/20 -185.2.220.0/22 -185.9.188.0/22 -192.173.64.0/18 -198.38.96.0/19 -198.45.48.0/20 -207.45.72.0/22 -208.75.76.0/22 \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr b/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr deleted file mode 100644 index faaa2348..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/config/shadowsocksr +++ /dev/null @@ -1,43 +0,0 @@ - -config global - option tunnel_forward '8.8.4.4:53' - option tunnel_address '0.0.0.0' - option run_mode 'router' - option dports '2' - option pdnsd_enable '1' - option monitor_enable '1' - option global_server 'nil' - option enable_switch '1' - option switch_timeout '5' - option switch_time '667' - option switch_try_count '3' - option gfwlist_url 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt' - option chnroute_url 'https://ispip.clang.cn/all_cn.txt' - option nfip_url 'https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt' - option adblock_url 'https://gitee.com/privacy-protection-tools/anti-ad/raw/master/anti-ad-for-dnsmasq.conf' - option netflix_server 'same' - option threads '0' - -config socks5_proxy - option socks '0' - option local_port '1080' - option local_address '0.0.0.0' - -config access_control - option wan_bp_list '/etc/china_ssr.txt' - option lan_ac_mode 'b' - option router_proxy '1' - list wan_fw_ips '149.154.160.0/20' - list wan_fw_ips '67.198.55.0/24' - list wan_fw_ips '91.108.4.0/22' - list wan_fw_ips '91.108.56.0/22' - list wan_fw_ips '109.239.140.0/24' - -config server_global - option enable_server '0' - -config server_subscribe - option proxy '0' - option auto_update_time '2' - option auto_update '1' - option filter_words '过期时间/剩余流量/QQ群/官网/防失联地址/回国' diff --git a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf deleted file mode 100644 index ae50fb90..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.oversea/oversea_list.conf +++ /dev/null @@ -1,192 +0,0 @@ -server=/v.youku.com/127.0.0.1#5335 -server=/api.youku.com/127.0.0.1#5335 -server=/v2.tudou.com/127.0.0.1#5335 -server=/www.tudou.com/127.0.0.1#5335 -server=/s.plcloud.music.qq.com/127.0.0.1#5335 -server=/i.y.qq.com/127.0.0.1#5335 -server=/hot.vrs.sohu.com/127.0.0.1#5335 -server=/live.tv.sohu.com/127.0.0.1#5335 -server=/pad.tv.sohu.com/127.0.0.1#5335 -server=/my.tv.sohu.com/127.0.0.1#5335 -server=/hot.vrs.letv.com/127.0.0.1#5335 -server=/data.video.qiyi.com/127.0.0.1#5335 -server=/cache.video.qiyi.com/127.0.0.1#5335 -server=/cache.vip.qiyi.com/127.0.0.1#5335 -server=/vv.video.qq.com/127.0.0.1#5335 -server=/tt.video.qq.com/127.0.0.1#5335 -server=/ice.video.qq.com/127.0.0.1#5335 -server=/tjsa.video.qq.com/127.0.0.1#5335 -server=/a10.video.qq.com/127.0.0.1#5335 -server=/xyy.video.qq.com/127.0.0.1#5335 -server=/vcq.video.qq.com/127.0.0.1#5335 -server=/vsh.video.qq.com/127.0.0.1#5335 -server=/vbj.video.qq.com/127.0.0.1#5335 -server=/bobo.video.qq.com/127.0.0.1#5335 -server=/flvs.video.qq.com/127.0.0.1#5335 -server=/bkvv.video.qq.com/127.0.0.1#5335 -server=/info.zb.qq.com/127.0.0.1#5335 -server=/geo.js.kankan.xunlei.com/127.0.0.1#5335 -server=/web-play.pptv.com/127.0.0.1#5335 -server=/web-play.pplive.cn/127.0.0.1#5335 -server=/dyn.ugc.pps.tv/127.0.0.1#5335 -server=/v.pps.tv/127.0.0.1#5335 -server=/inner.kandian.com/127.0.0.1#5335 -server=/ipservice.163.com/127.0.0.1#5335 -server=/so.open.163.com/127.0.0.1#5335 -server=/zb.s.qq.com/127.0.0.1#5335 -server=/ip.kankan.xunlei.com/127.0.0.1#5335 -server=/vxml.56.com/127.0.0.1#5335 -server=/music.sina.com.cn/127.0.0.1#5335 -server=/play.baidu.com/127.0.0.1#5335 -server=/v.iask.com/127.0.0.1#5335 -server=/tv.weibo.com/127.0.0.1#5335 -server=/wtv.v.iask.com/127.0.0.1#5335 -server=/video.sina.com.cn/127.0.0.1#5335 -server=/www.yinyuetai.com/127.0.0.1#5335 -server=/api.letv.com/127.0.0.1#5335 -server=/live.gslb.letv.com/127.0.0.1#5335 -server=/static.itv.letv.com/127.0.0.1#5335 -server=/ip.apps.cntv.cn/127.0.0.1#5335 -server=/vdn.apps.cntv.cn/127.0.0.1#5335 -server=/vdn.live.cntv.cn/127.0.0.1#5335 -server=/vip.sports.cntv.cn/127.0.0.1#5335 -server=/a.play.api.3g.youku.com/127.0.0.1#5335 -server=/i.play.api.3g.youku.com/127.0.0.1#5335 -server=/api.3g.youku.com/127.0.0.1#5335 -server=/tv.api.3g.youku.com/127.0.0.1#5335 -server=/play.api.3g.youku.com/127.0.0.1#5335 -server=/play.api.3g.tudou.com/127.0.0.1#5335 -server=/tv.api.3g.tudou.com/127.0.0.1#5335 -server=/api.3g.tudou.com/127.0.0.1#5335 -server=/api.tv.sohu.com/127.0.0.1#5335 -server=/access.tv.sohu.com/127.0.0.1#5335 -server=/iface.iqiyi.com/127.0.0.1#5335 -server=/iface2.iqiyi.com/127.0.0.1#5335 -server=/cache.m.iqiyi.com/127.0.0.1#5335 -server=/dynamic.app.m.letv.com/127.0.0.1#5335 -server=/dynamic.meizi.app.m.letv.com/127.0.0.1#5335 -server=/dynamic.search.app.m.letv.com/127.0.0.1#5335 -server=/dynamic.live.app.m.letv.com/127.0.0.1#5335 -server=/listso.m.areainfo.ppstream.com/127.0.0.1#5335 -server=/epg.api.pptv.com/127.0.0.1#5335 -server=/play.api.pptv.com/127.0.0.1#5335 -server=/m.letv.com/127.0.0.1#5335 -server=/interface.bilibili.com/127.0.0.1#5335 -server=/3g.music.qq.com/127.0.0.1#5335 -server=/mqqplayer.3g.qq.com/127.0.0.1#5335 -server=/proxy.music.qq.com/127.0.0.1#5335 -server=/proxymc.qq.com/127.0.0.1#5335 -server=/ip2.kugou.com/127.0.0.1#5335 -server=/ip.kugou.com/127.0.0.1#5335 -server=/client.api.ttpod.com/127.0.0.1#5335 -server=/mobi.kuwo.cn/127.0.0.1#5335 -server=/mobilefeedback.kugou.com/127.0.0.1#5335 -server=/tingapi.ting.baidu.com/127.0.0.1#5335 -server=/music.baidu.com/127.0.0.1#5335 -server=/serviceinfo.sdk.duomi.com/127.0.0.1#5335 -server=/music.163.com/127.0.0.1#5335 -server=/www.xiami.com/127.0.0.1#5335 -server=/spark.api.xiami.com/127.0.0.1#5335 -server=/iplocation.geo.qiyi.com/127.0.0.1#5335 -server=/sns.video.qq.com/127.0.0.1#5335 -server=/v5.pc.duomi.com/127.0.0.1#5335 -server=/tms.is.ysten.com/127.0.0.1#5335 -server=/internal.check.duokanbox.com/127.0.0.1#5335 -server=/openapi.youku.com/127.0.0.1#5335 -server=/y.qq.com/127.0.0.1#5335 -ipset=/v.youku.com/oversea -ipset=/api.youku.com/oversea -ipset=/v2.tudou.com/oversea -ipset=/www.tudou.com/oversea -ipset=/s.plcloud.music.qq.com/oversea -ipset=/i.y.qq.com/oversea -ipset=/hot.vrs.sohu.com/oversea -ipset=/live.tv.sohu.com/oversea -ipset=/pad.tv.sohu.com/oversea -ipset=/my.tv.sohu.com/oversea -ipset=/hot.vrs.letv.com/oversea -ipset=/data.video.qiyi.com/oversea -ipset=/cache.video.qiyi.com/oversea -ipset=/cache.vip.qiyi.com/oversea -ipset=/vv.video.qq.com/oversea -ipset=/tt.video.qq.com/oversea -ipset=/ice.video.qq.com/oversea -ipset=/tjsa.video.qq.com/oversea -ipset=/a10.video.qq.com/oversea -ipset=/xyy.video.qq.com/oversea -ipset=/vcq.video.qq.com/oversea -ipset=/vsh.video.qq.com/oversea -ipset=/vbj.video.qq.com/oversea -ipset=/bobo.video.qq.com/oversea -ipset=/flvs.video.qq.com/oversea -ipset=/bkvv.video.qq.com/oversea -ipset=/info.zb.qq.com/oversea -ipset=/geo.js.kankan.xunlei.com/oversea -ipset=/web-play.pptv.com/oversea -ipset=/web-play.pplive.cn/oversea -ipset=/dyn.ugc.pps.tv/oversea -ipset=/v.pps.tv/oversea -ipset=/inner.kandian.com/oversea -ipset=/ipservice.163.com/oversea -ipset=/so.open.163.com/oversea -ipset=/zb.s.qq.com/oversea -ipset=/ip.kankan.xunlei.com/oversea -ipset=/vxml.56.com/oversea -ipset=/music.sina.com.cn/oversea -ipset=/play.baidu.com/oversea -ipset=/v.iask.com/oversea -ipset=/tv.weibo.com/oversea -ipset=/wtv.v.iask.com/oversea -ipset=/video.sina.com.cn/oversea -ipset=/www.yinyuetai.com/oversea -ipset=/api.letv.com/oversea -ipset=/live.gslb.letv.com/oversea -ipset=/static.itv.letv.com/oversea -ipset=/ip.apps.cntv.cn/oversea -ipset=/vdn.apps.cntv.cn/oversea -ipset=/vdn.live.cntv.cn/oversea -ipset=/vip.sports.cntv.cn/oversea -ipset=/a.play.api.3g.youku.com/oversea -ipset=/i.play.api.3g.youku.com/oversea -ipset=/api.3g.youku.com/oversea -ipset=/tv.api.3g.youku.com/oversea -ipset=/play.api.3g.youku.com/oversea -ipset=/play.api.3g.tudou.com/oversea -ipset=/tv.api.3g.tudou.com/oversea -ipset=/api.3g.tudou.com/oversea -ipset=/api.tv.sohu.com/oversea -ipset=/access.tv.sohu.com/oversea -ipset=/iface.iqiyi.com/oversea -ipset=/iface2.iqiyi.com/oversea -ipset=/cache.m.iqiyi.com/oversea -ipset=/dynamic.app.m.letv.com/oversea -ipset=/dynamic.meizi.app.m.letv.com/oversea -ipset=/dynamic.search.app.m.letv.com/oversea -ipset=/dynamic.live.app.m.letv.com/oversea -ipset=/listso.m.areainfo.ppstream.com/oversea -ipset=/epg.api.pptv.com/oversea -ipset=/play.api.pptv.com/oversea -ipset=/m.letv.com/oversea -ipset=/interface.bilibili.com/oversea -ipset=/3g.music.qq.com/oversea -ipset=/mqqplayer.3g.qq.com/oversea -ipset=/proxy.music.qq.com/oversea -ipset=/proxymc.qq.com/oversea -ipset=/ip2.kugou.com/oversea -ipset=/ip.kugou.com/oversea -ipset=/client.api.ttpod.com/oversea -ipset=/mobi.kuwo.cn/oversea -ipset=/mobilefeedback.kugou.com/oversea -ipset=/tingapi.ting.baidu.com/oversea -ipset=/music.baidu.com/oversea -ipset=/serviceinfo.sdk.duomi.com/oversea -ipset=/music.163.com/oversea -ipset=/www.xiami.com/oversea -ipset=/spark.api.xiami.com/oversea -ipset=/iplocation.geo.qiyi.com/oversea -ipset=/sns.video.qq.com/oversea -ipset=/v5.pc.duomi.com/oversea -ipset=/tms.is.ysten.com/oversea -ipset=/internal.check.duokanbox.com/oversea -ipset=/openapi.youku.com/oversea -ipset=/y.qq.com/oversea diff --git a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_base.conf b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_base.conf deleted file mode 100644 index 9c64cc14..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_base.conf +++ /dev/null @@ -1,108 +0,0 @@ -ipset=/.91smartyun.pt/gfwlist -ipset=/.adobe.com/gfwlist -ipset=/.amazonaws.com/gfwlist -ipset=/.ampproject.org/gfwlist -ipset=/.apple.news/gfwlist -ipset=/.aws.amazon.com/gfwlist -ipset=/.azureedge.net/gfwlist -ipset=/.backpackers.com.tw/gfwlist -ipset=/.bitfinex.com/gfwlist -ipset=/.buzzfeed.com/gfwlist -ipset=/.clockwise.ee/gfwlist -ipset=/.cloudfront.net/gfwlist -ipset=/.coindesk.com/gfwlist -ipset=/.coinsquare.io/gfwlist -ipset=/.cryptocompare.com/gfwlist -ipset=/.dropboxstatic.com/gfwlist -ipset=/.eurecom.fr/gfwlist -ipset=/.gdax.com/gfwlist -ipset=/.github.com/gfwlist -ipset=/.kknews.cc/gfwlist -ipset=/.nutaq.com/gfwlist -ipset=/.openairinterface.org/gfwlist -ipset=/.skype.com/gfwlist -ipset=/.sublimetext.com/gfwlist -ipset=/.textnow.com/gfwlist -ipset=/.textnow.me/gfwlist -ipset=/.trouter.io/gfwlist -ipset=/.t66y.com/gfwlist -ipset=/.uploaded.net/gfwlist -ipset=/.whatsapp.com/gfwlist -ipset=/.whatsapp.net/gfwlist -ipset=/.wsj.net/gfwlist -ipset=/.google.com/gfwlist -ipset=/.google.com.hk/gfwlist -ipset=/.gstatic.com/gfwlist -ipset=/.googleusercontent.com/gfwlist -ipset=/.googlepages.com/gfwlist -ipset=/.googlevideo.com/gfwlist -ipset=/.googlecode.com/gfwlist -ipset=/.googleapis.com/gfwlist -ipset=/.googlesource.com/gfwlist -ipset=/.googledrive.com/gfwlist -ipset=/.ggpht.com/gfwlist -ipset=/.youtube.com/gfwlist -ipset=/.youtu.be/gfwlist -ipset=/.ytimg.com/gfwlist -ipset=/.twitter.com/gfwlist -ipset=/.facebook.com/gfwlist -ipset=/.fastly.net/gfwlist -ipset=/.akamai.net/gfwlist -ipset=/.akamaiedge.net/gfwlist -ipset=/.akamaihd.net/gfwlist -ipset=/.edgesuite.net/gfwlist -ipset=/.edgekey.net/gfwlist -server=/.91smartyun.pt/127.0.0.1#5335 -server=/.adobe.com/127.0.0.1#5335 -server=/.amazonaws.com/127.0.0.1#5335 -server=/.ampproject.org/127.0.0.1#5335 -server=/.apple.news/127.0.0.1#5335 -server=/.aws.amazon.com/127.0.0.1#5335 -server=/.azureedge.net/127.0.0.1#5335 -server=/.backpackers.com.tw/127.0.0.1#5335 -server=/.bitfinex.com/127.0.0.1#5335 -server=/.buzzfeed.com/127.0.0.1#5335 -server=/.clockwise.ee/127.0.0.1#5335 -server=/.cloudfront.net/127.0.0.1#5335 -server=/.coindesk.com/127.0.0.1#5335 -server=/.coinsquare.io/127.0.0.1#5335 -server=/.cryptocompare.com/127.0.0.1#5335 -server=/.dropboxstatic.com/127.0.0.1#5335 -server=/.eurecom.fr/127.0.0.1#5335 -server=/.gdax.com/127.0.0.1#5335 -server=/.github.com/127.0.0.1#5335 -server=/.kknews.cc/127.0.0.1#5335 -server=/.nutaq.com/127.0.0.1#5335 -server=/.openairinterface.org/127.0.0.1#5335 -server=/.skype.com/127.0.0.1#5335 -server=/.sublimetext.com/127.0.0.1#5335 -server=/.textnow.com/127.0.0.1#5335 -server=/.textnow.me/127.0.0.1#5335 -server=/.trouter.io/127.0.0.1#5335 -server=/.t66y.com/127.0.0.1#5335 -server=/.uploaded.net/127.0.0.1#5335 -server=/.whatsapp.com/127.0.0.1#5335 -server=/.whatsapp.net/127.0.0.1#5335 -server=/.wsj.net/127.0.0.1#5335 -server=/.google.com/127.0.0.1#5335 -server=/.google.com.hk/127.0.0.1#5335 -server=/.gstatic.com/127.0.0.1#5335 -server=/.googleusercontent.com/127.0.0.1#5335 -server=/.googlepages.com/127.0.0.1#5335 -server=/.googlevideo.com/127.0.0.1#5335 -server=/.googlecode.com/127.0.0.1#5335 -server=/.googleapis.com/127.0.0.1#5335 -server=/.googlesource.com/127.0.0.1#5335 -server=/.googledrive.com/127.0.0.1#5335 -server=/.ggpht.com/127.0.0.1#5335 -server=/.youtube.com/127.0.0.1#5335 -server=/.youtu.be/127.0.0.1#5335 -server=/.ytimg.com/127.0.0.1#5335 -server=/.twitter.com/127.0.0.1#5335 -server=/.facebook.com/127.0.0.1#5335 -server=/.fastly.net/127.0.0.1#5335 -server=/.akamai.net/127.0.0.1#5335 -server=/.akamaiedge.net/127.0.0.1#5335 -server=/.akamaihd.net/127.0.0.1#5335 -server=/.edgesuite.net/127.0.0.1#5335 -server=/.edgekey.net/127.0.0.1#5335 diff --git a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf b/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf deleted file mode 100644 index cfeb42fc..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/dnsmasq.ssr/gfw_list.conf +++ /dev/null @@ -1,10430 +0,0 @@ -server=/.030buy.com/127.0.0.1#5335 -ipset=/.030buy.com/gfwlist -server=/.0rz.tw/127.0.0.1#5335 -ipset=/.0rz.tw/gfwlist -server=/.10.tt/127.0.0.1#5335 -ipset=/.10.tt/gfwlist -server=/.1000giri.net/127.0.0.1#5335 -ipset=/.1000giri.net/gfwlist -server=/.100ke.org/127.0.0.1#5335 -ipset=/.100ke.org/gfwlist -server=/.10conditionsoflove.com/127.0.0.1#5335 -ipset=/.10conditionsoflove.com/gfwlist -server=/.10musume.com/127.0.0.1#5335 -ipset=/.10musume.com/gfwlist -server=/.123rf.com/127.0.0.1#5335 -ipset=/.123rf.com/gfwlist -server=/.12bet.com/127.0.0.1#5335 -ipset=/.12bet.com/gfwlist -server=/.12vpn.com/127.0.0.1#5335 -ipset=/.12vpn.com/gfwlist -server=/.12vpn.net/127.0.0.1#5335 -ipset=/.12vpn.net/gfwlist -server=/.138.com/127.0.0.1#5335 -ipset=/.138.com/gfwlist -server=/.141hongkong.com/127.0.0.1#5335 -ipset=/.141hongkong.com/gfwlist -server=/.141jj.com/127.0.0.1#5335 -ipset=/.141jj.com/gfwlist -server=/.141tube.com/127.0.0.1#5335 -ipset=/.141tube.com/gfwlist -server=/.1688.com.au/127.0.0.1#5335 -ipset=/.1688.com.au/gfwlist -server=/.173ng.com/127.0.0.1#5335 -ipset=/.173ng.com/gfwlist -server=/.177pic.info/127.0.0.1#5335 -ipset=/.177pic.info/gfwlist -server=/.17t17p.com/127.0.0.1#5335 -ipset=/.17t17p.com/gfwlist -server=/.18board.com/127.0.0.1#5335 -ipset=/.18board.com/gfwlist -server=/.18board.info/127.0.0.1#5335 -ipset=/.18board.info/gfwlist -server=/.18onlygirls.com/127.0.0.1#5335 -ipset=/.18onlygirls.com/gfwlist -server=/.18p2p.com/127.0.0.1#5335 -ipset=/.18p2p.com/gfwlist -server=/.18virginsex.com/127.0.0.1#5335 -ipset=/.18virginsex.com/gfwlist -server=/.1949er.org/127.0.0.1#5335 -ipset=/.1949er.org/gfwlist -server=/.1984bbs.com/127.0.0.1#5335 -ipset=/.1984bbs.com/gfwlist -server=/.1984bbs.org/127.0.0.1#5335 -ipset=/.1984bbs.org/gfwlist -server=/.1989report.hkja.org.hk/127.0.0.1#5335 -ipset=/.1989report.hkja.org.hk/gfwlist -server=/.1991way.com/127.0.0.1#5335 -ipset=/.1991way.com/gfwlist -server=/.1998cdp.org/127.0.0.1#5335 -ipset=/.1998cdp.org/gfwlist -server=/.1bao.org/127.0.0.1#5335 -ipset=/.1bao.org/gfwlist -server=/.1dumb.com/127.0.0.1#5335 -ipset=/.1dumb.com/gfwlist -server=/.1e100.net/127.0.0.1#5335 -ipset=/.1e100.net/gfwlist -server=/.1eew.com/127.0.0.1#5335 -ipset=/.1eew.com/gfwlist -server=/.1mobile.com/127.0.0.1#5335 -ipset=/.1mobile.com/gfwlist -server=/.1pondo.tv/127.0.0.1#5335 -ipset=/.1pondo.tv/gfwlist -server=/.2-hand.info/127.0.0.1#5335 -ipset=/.2-hand.info/gfwlist -server=/.2008xianzhang.info/127.0.0.1#5335 -ipset=/.2008xianzhang.info/gfwlist -server=/.2017.hk/127.0.0.1#5335 -ipset=/.2017.hk/gfwlist -server=/.21join.com/127.0.0.1#5335 -ipset=/.21join.com/gfwlist -server=/.21pron.com/127.0.0.1#5335 -ipset=/.21pron.com/gfwlist -server=/.21sextury.com/127.0.0.1#5335 -ipset=/.21sextury.com/gfwlist -server=/.228.net.tw/127.0.0.1#5335 -ipset=/.228.net.tw/gfwlist -server=/.233abc.com/127.0.0.1#5335 -ipset=/.233abc.com/gfwlist -server=/.24hrs.ca/127.0.0.1#5335 -ipset=/.24hrs.ca/gfwlist -server=/.24smile.org/127.0.0.1#5335 -ipset=/.24smile.org/gfwlist -server=/.25u.com/127.0.0.1#5335 -ipset=/.25u.com/gfwlist -server=/.2lipstube.com/127.0.0.1#5335 -ipset=/.2lipstube.com/gfwlist -server=/.2shared.com/127.0.0.1#5335 -ipset=/.2shared.com/gfwlist -server=/.2waky.com/127.0.0.1#5335 -ipset=/.2waky.com/gfwlist -server=/.3-a.net/127.0.0.1#5335 -ipset=/.3-a.net/gfwlist -server=/.30boxes.com/127.0.0.1#5335 -ipset=/.30boxes.com/gfwlist -server=/.315lz.com/127.0.0.1#5335 -ipset=/.315lz.com/gfwlist -server=/.32red.com/127.0.0.1#5335 -ipset=/.32red.com/gfwlist -server=/.36rain.com/127.0.0.1#5335 -ipset=/.36rain.com/gfwlist -server=/.3a5a.com/127.0.0.1#5335 -ipset=/.3a5a.com/gfwlist -server=/.3arabtv.com/127.0.0.1#5335 -ipset=/.3arabtv.com/gfwlist -server=/.3boys2girls.com/127.0.0.1#5335 -ipset=/.3boys2girls.com/gfwlist -server=/.3d-game.com/127.0.0.1#5335 -ipset=/.3d-game.com/gfwlist -server=/.3proxy.ru/127.0.0.1#5335 -ipset=/.3proxy.ru/gfwlist -server=/.3ren.ca/127.0.0.1#5335 -ipset=/.3ren.ca/gfwlist -server=/.3tui.net/127.0.0.1#5335 -ipset=/.3tui.net/gfwlist -server=/.43110.cf/127.0.0.1#5335 -ipset=/.43110.cf/gfwlist -server=/.466453.com/127.0.0.1#5335 -ipset=/.466453.com/gfwlist -server=/.4bluestones.biz/127.0.0.1#5335 -ipset=/.4bluestones.biz/gfwlist -server=/.4chan.com/127.0.0.1#5335 -ipset=/.4chan.com/gfwlist -server=/.4dq.com/127.0.0.1#5335 -ipset=/.4dq.com/gfwlist -server=/.4everproxy.com/127.0.0.1#5335 -ipset=/.4everproxy.com/gfwlist -server=/.4irc.com/127.0.0.1#5335 -ipset=/.4irc.com/gfwlist -server=/.4mydomain.com/127.0.0.1#5335 -ipset=/.4mydomain.com/gfwlist -server=/.4pu.com/127.0.0.1#5335 -ipset=/.4pu.com/gfwlist -server=/.4rbtv.com/127.0.0.1#5335 -ipset=/.4rbtv.com/gfwlist -server=/.4shared.com/127.0.0.1#5335 -ipset=/.4shared.com/gfwlist -server=/.51.ca/127.0.0.1#5335 -ipset=/.51.ca/gfwlist -server=/.51jav.org/127.0.0.1#5335 -ipset=/.51jav.org/gfwlist -server=/.51luoben.com/127.0.0.1#5335 -ipset=/.51luoben.com/gfwlist -server=/.5278.cc/127.0.0.1#5335 -ipset=/.5278.cc/gfwlist -server=/.5299.tv/127.0.0.1#5335 -ipset=/.5299.tv/gfwlist -server=/.56cun04.jigsy.com/127.0.0.1#5335 -ipset=/.56cun04.jigsy.com/gfwlist -server=/.5aimiku.com/127.0.0.1#5335 -ipset=/.5aimiku.com/gfwlist -server=/.5i01.com/127.0.0.1#5335 -ipset=/.5i01.com/gfwlist -server=/.5isotoi5.org/127.0.0.1#5335 -ipset=/.5isotoi5.org/gfwlist -server=/.5maodang.com/127.0.0.1#5335 -ipset=/.5maodang.com/gfwlist -server=/.63i.com/127.0.0.1#5335 -ipset=/.63i.com/gfwlist -server=/.64museum.org/127.0.0.1#5335 -ipset=/.64museum.org/gfwlist -server=/.64tianwang.com/127.0.0.1#5335 -ipset=/.64tianwang.com/gfwlist -server=/.64wiki.com/127.0.0.1#5335 -ipset=/.64wiki.com/gfwlist -server=/.66.ca/127.0.0.1#5335 -ipset=/.66.ca/gfwlist -server=/.666kb.com/127.0.0.1#5335 -ipset=/.666kb.com/gfwlist -server=/.6park.com/127.0.0.1#5335 -ipset=/.6park.com/gfwlist -server=/.6parkbbs.com/127.0.0.1#5335 -ipset=/.6parkbbs.com/gfwlist -server=/.6parker.com/127.0.0.1#5335 -ipset=/.6parker.com/gfwlist -server=/.6parknews.com/127.0.0.1#5335 -ipset=/.6parknews.com/gfwlist -server=/.7capture.com/127.0.0.1#5335 -ipset=/.7capture.com/gfwlist -server=/.7cow.com/127.0.0.1#5335 -ipset=/.7cow.com/gfwlist -server=/.8-d.com/127.0.0.1#5335 -ipset=/.8-d.com/gfwlist -server=/.85cc.net/127.0.0.1#5335 -ipset=/.85cc.net/gfwlist -server=/.85cc.us/127.0.0.1#5335 -ipset=/.85cc.us/gfwlist -server=/.85st.com/127.0.0.1#5335 -ipset=/.85st.com/gfwlist -server=/.881903.com/127.0.0.1#5335 -ipset=/.881903.com/gfwlist -server=/.888.com/127.0.0.1#5335 -ipset=/.888.com/gfwlist -server=/.888poker.com/127.0.0.1#5335 -ipset=/.888poker.com/gfwlist -server=/.89-64.org/127.0.0.1#5335 -ipset=/.89-64.org/gfwlist -server=/.89.64.charter.constitutionalism.solutions/127.0.0.1#5335 -ipset=/.89.64.charter.constitutionalism.solutions/gfwlist -server=/.8news.com.tw/127.0.0.1#5335 -ipset=/.8news.com.tw/gfwlist -server=/.8z1.net/127.0.0.1#5335 -ipset=/.8z1.net/gfwlist -server=/.9001700.com/127.0.0.1#5335 -ipset=/.9001700.com/gfwlist -server=/.91porn.com/127.0.0.1#5335 -ipset=/.91porn.com/gfwlist -server=/.91vps.club/127.0.0.1#5335 -ipset=/.91vps.club/gfwlist -server=/.92ccav.com/127.0.0.1#5335 -ipset=/.92ccav.com/gfwlist -server=/.991.com/127.0.0.1#5335 -ipset=/.991.com/gfwlist -server=/.99btgc01.com/127.0.0.1#5335 -ipset=/.99btgc01.com/gfwlist -server=/.99cn.info/127.0.0.1#5335 -ipset=/.99cn.info/gfwlist -server=/.9bis.com/127.0.0.1#5335 -ipset=/.9bis.com/gfwlist -server=/.9bis.net/127.0.0.1#5335 -ipset=/.9bis.net/gfwlist -server=/.9gag.com/127.0.0.1#5335 -ipset=/.9gag.com/gfwlist -server=/.a-normal-day.com/127.0.0.1#5335 -ipset=/.a-normal-day.com/gfwlist -server=/.a248.e.akamai.net/127.0.0.1#5335 -ipset=/.a248.e.akamai.net/gfwlist -server=/.a5.com.ru/127.0.0.1#5335 -ipset=/.a5.com.ru/gfwlist -server=/.aamacau.com/127.0.0.1#5335 -ipset=/.aamacau.com/gfwlist -server=/.abc.com/127.0.0.1#5335 -ipset=/.abc.com/gfwlist -server=/.abc.net.au/127.0.0.1#5335 -ipset=/.abc.net.au/gfwlist -server=/.abc.pp.ru/127.0.0.1#5335 -ipset=/.abc.pp.ru/gfwlist -server=/.abc.xyz/127.0.0.1#5335 -ipset=/.abc.xyz/gfwlist -server=/.abchinese.com/127.0.0.1#5335 -ipset=/.abchinese.com/gfwlist -server=/.abclite.net/127.0.0.1#5335 -ipset=/.abclite.net/gfwlist -server=/.abebooks.com/127.0.0.1#5335 -ipset=/.abebooks.com/gfwlist -server=/.abematv.akamaized.net/127.0.0.1#5335 -ipset=/.abematv.akamaized.net/gfwlist -server=/.ablwang.com/127.0.0.1#5335 -ipset=/.ablwang.com/gfwlist -server=/.aboluowang.com/127.0.0.1#5335 -ipset=/.aboluowang.com/gfwlist -server=/.about.google/127.0.0.1#5335 -ipset=/.about.google/gfwlist -server=/.aboutgfw.com/127.0.0.1#5335 -ipset=/.aboutgfw.com/gfwlist -server=/.abs.edu/127.0.0.1#5335 -ipset=/.abs.edu/gfwlist -server=/.ac.jiruan.net/127.0.0.1#5335 -ipset=/.ac.jiruan.net/gfwlist -server=/.accim.org/127.0.0.1#5335 -ipset=/.accim.org/gfwlist -server=/.aceros-de-hispania.com/127.0.0.1#5335 -ipset=/.aceros-de-hispania.com/gfwlist -server=/.acevpn.com/127.0.0.1#5335 -ipset=/.acevpn.com/gfwlist -server=/.acg18.me/127.0.0.1#5335 -ipset=/.acg18.me/gfwlist -server=/.acgkj.com/127.0.0.1#5335 -ipset=/.acgkj.com/gfwlist -server=/.acmedia365.com/127.0.0.1#5335 -ipset=/.acmedia365.com/gfwlist -server=/.acmetoy.com/127.0.0.1#5335 -ipset=/.acmetoy.com/gfwlist -server=/.acnw.com.au/127.0.0.1#5335 -ipset=/.acnw.com.au/gfwlist -server=/.actfortibet.org/127.0.0.1#5335 -ipset=/.actfortibet.org/gfwlist -server=/.actimes.com.au/127.0.0.1#5335 -ipset=/.actimes.com.au/gfwlist -server=/.activpn.com/127.0.0.1#5335 -ipset=/.activpn.com/gfwlist -server=/.aculo.us/127.0.0.1#5335 -ipset=/.aculo.us/gfwlist -server=/.adcex.com/127.0.0.1#5335 -ipset=/.adcex.com/gfwlist -server=/.addictedtocoffee.de/127.0.0.1#5335 -ipset=/.addictedtocoffee.de/gfwlist -server=/.admin.recaptcha.net/127.0.0.1#5335 -ipset=/.admin.recaptcha.net/gfwlist -server=/.admob.com/127.0.0.1#5335 -ipset=/.admob.com/gfwlist -server=/.adpl.org.hk/127.0.0.1#5335 -ipset=/.adpl.org.hk/gfwlist -server=/.ads-twitter.com/127.0.0.1#5335 -ipset=/.ads-twitter.com/gfwlist -server=/.adsense.com/127.0.0.1#5335 -ipset=/.adsense.com/gfwlist -server=/.adult-sex-games.com/127.0.0.1#5335 -ipset=/.adult-sex-games.com/gfwlist -server=/.adultfriendfinder.com/127.0.0.1#5335 -ipset=/.adultfriendfinder.com/gfwlist -server=/.advanscene.com/127.0.0.1#5335 -ipset=/.advanscene.com/gfwlist -server=/.advertfan.com/127.0.0.1#5335 -ipset=/.advertfan.com/gfwlist -server=/.ae.org/127.0.0.1#5335 -ipset=/.ae.org/gfwlist -server=/.aenhancers.com/127.0.0.1#5335 -ipset=/.aenhancers.com/gfwlist -server=/.aex.com/127.0.0.1#5335 -ipset=/.aex.com/gfwlist -server=/.af.mil/127.0.0.1#5335 -ipset=/.af.mil/gfwlist -server=/.agnesb.fr/127.0.0.1#5335 -ipset=/.agnesb.fr/gfwlist -server=/.agoogleaday.com/127.0.0.1#5335 -ipset=/.agoogleaday.com/gfwlist -server=/.agro.hk/127.0.0.1#5335 -ipset=/.agro.hk/gfwlist -server=/.ai-kan.net/127.0.0.1#5335 -ipset=/.ai-kan.net/gfwlist -server=/.ai-wen.net/127.0.0.1#5335 -ipset=/.ai-wen.net/gfwlist -server=/.ai.google/127.0.0.1#5335 -ipset=/.ai.google/gfwlist -server=/.aiph.net/127.0.0.1#5335 -ipset=/.aiph.net/gfwlist -server=/.airasia.com/127.0.0.1#5335 -ipset=/.airasia.com/gfwlist -server=/.airconsole.com/127.0.0.1#5335 -ipset=/.airconsole.com/gfwlist -server=/.airvpn.org/127.0.0.1#5335 -ipset=/.airvpn.org/gfwlist -server=/.aisex.com/127.0.0.1#5335 -ipset=/.aisex.com/gfwlist -server=/.aiss.anws.gov.tw/127.0.0.1#5335 -ipset=/.aiss.anws.gov.tw/gfwlist -server=/.ait.org.tw/127.0.0.1#5335 -ipset=/.ait.org.tw/gfwlist -server=/.aiweiwei.com/127.0.0.1#5335 -ipset=/.aiweiwei.com/gfwlist -server=/.aiweiweiblog.com/127.0.0.1#5335 -ipset=/.aiweiweiblog.com/gfwlist -server=/.akiba-online.com/127.0.0.1#5335 -ipset=/.akiba-online.com/gfwlist -server=/.akiba-web.com/127.0.0.1#5335 -ipset=/.akiba-web.com/gfwlist -server=/.akow.org/127.0.0.1#5335 -ipset=/.akow.org/gfwlist -server=/.al-islam.com/127.0.0.1#5335 -ipset=/.al-islam.com/gfwlist -server=/.al-qimmah.net/127.0.0.1#5335 -ipset=/.al-qimmah.net/gfwlist -server=/.alabout.com/127.0.0.1#5335 -ipset=/.alabout.com/gfwlist -server=/.alanhou.com/127.0.0.1#5335 -ipset=/.alanhou.com/gfwlist -server=/.alarab.qa/127.0.0.1#5335 -ipset=/.alarab.qa/gfwlist -server=/.alasbarricadas.org/127.0.0.1#5335 -ipset=/.alasbarricadas.org/gfwlist -server=/.alexlur.org/127.0.0.1#5335 -ipset=/.alexlur.org/gfwlist -server=/.alforattv.net/127.0.0.1#5335 -ipset=/.alforattv.net/gfwlist -server=/.alhayat.com/127.0.0.1#5335 -ipset=/.alhayat.com/gfwlist -server=/.alicejapan.co.jp/127.0.0.1#5335 -ipset=/.alicejapan.co.jp/gfwlist -server=/.aliengu.com/127.0.0.1#5335 -ipset=/.aliengu.com/gfwlist -server=/.alkasir.com/127.0.0.1#5335 -ipset=/.alkasir.com/gfwlist -server=/.allcoin.com/127.0.0.1#5335 -ipset=/.allcoin.com/gfwlist -server=/.allconnected.co/127.0.0.1#5335 -ipset=/.allconnected.co/gfwlist -server=/.alldrawnsex.com/127.0.0.1#5335 -ipset=/.alldrawnsex.com/gfwlist -server=/.allervpn.com/127.0.0.1#5335 -ipset=/.allervpn.com/gfwlist -server=/.allfinegirls.com/127.0.0.1#5335 -ipset=/.allfinegirls.com/gfwlist -server=/.allgirlmassage.com/127.0.0.1#5335 -ipset=/.allgirlmassage.com/gfwlist -server=/.allgirlsallowed.org/127.0.0.1#5335 -ipset=/.allgirlsallowed.org/gfwlist -server=/.allgravure.com/127.0.0.1#5335 -ipset=/.allgravure.com/gfwlist -server=/.alliance.org.hk/127.0.0.1#5335 -ipset=/.alliance.org.hk/gfwlist -server=/.allinfa.com/127.0.0.1#5335 -ipset=/.allinfa.com/gfwlist -server=/.alljackpotscasino.com/127.0.0.1#5335 -ipset=/.alljackpotscasino.com/gfwlist -server=/.allmovie.com/127.0.0.1#5335 -ipset=/.allmovie.com/gfwlist -server=/.allowed.org/127.0.0.1#5335 -ipset=/.allowed.org/gfwlist -server=/.almasdarnews.com/127.0.0.1#5335 -ipset=/.almasdarnews.com/gfwlist -server=/.almostmy.com/127.0.0.1#5335 -ipset=/.almostmy.com/gfwlist -server=/.alphaporno.com/127.0.0.1#5335 -ipset=/.alphaporno.com/gfwlist -server=/.alternate-tools.com/127.0.0.1#5335 -ipset=/.alternate-tools.com/gfwlist -server=/.altrec.com/127.0.0.1#5335 -ipset=/.altrec.com/gfwlist -server=/.alvinalexander.com/127.0.0.1#5335 -ipset=/.alvinalexander.com/gfwlist -server=/.alwaysdata.com/127.0.0.1#5335 -ipset=/.alwaysdata.com/gfwlist -server=/.alwaysdata.net/127.0.0.1#5335 -ipset=/.alwaysdata.net/gfwlist -server=/.alwaysvpn.com/127.0.0.1#5335 -ipset=/.alwaysvpn.com/gfwlist -server=/.am730.com.hk/127.0.0.1#5335 -ipset=/.am730.com.hk/gfwlist -server=/.amazon.co.jp/127.0.0.1#5335 -ipset=/.amazon.co.jp/gfwlist -server=/.ameblo.jp/127.0.0.1#5335 -ipset=/.ameblo.jp/gfwlist -server=/.americangreencard.com/127.0.0.1#5335 -ipset=/.americangreencard.com/gfwlist -server=/.americanunfinished.com/127.0.0.1#5335 -ipset=/.americanunfinished.com/gfwlist -server=/.amiblockedornot.com/127.0.0.1#5335 -ipset=/.amiblockedornot.com/gfwlist -server=/.amigobbs.net/127.0.0.1#5335 -ipset=/.amigobbs.net/gfwlist -server=/.amitabhafoundation.us/127.0.0.1#5335 -ipset=/.amitabhafoundation.us/gfwlist -server=/.amnesty.org/127.0.0.1#5335 -ipset=/.amnesty.org/gfwlist -server=/.amnesty.tw/127.0.0.1#5335 -ipset=/.amnesty.tw/gfwlist -server=/.amnestyusa.org/127.0.0.1#5335 -ipset=/.amnestyusa.org/gfwlist -server=/.amnyemachen.org/127.0.0.1#5335 -ipset=/.amnyemachen.org/gfwlist -server=/.amoiist.com/127.0.0.1#5335 -ipset=/.amoiist.com/gfwlist -server=/.amtb-taipei.org/127.0.0.1#5335 -ipset=/.amtb-taipei.org/gfwlist -server=/.anchorfree.com/127.0.0.1#5335 -ipset=/.anchorfree.com/gfwlist -server=/.ancsconf.org/127.0.0.1#5335 -ipset=/.ancsconf.org/gfwlist -server=/.andfaraway.net/127.0.0.1#5335 -ipset=/.andfaraway.net/gfwlist -server=/.android-x86.org/127.0.0.1#5335 -ipset=/.android-x86.org/gfwlist -server=/.android.com/127.0.0.1#5335 -ipset=/.android.com/gfwlist -server=/.androidify.com/127.0.0.1#5335 -ipset=/.androidify.com/gfwlist -server=/.androidtv.com/127.0.0.1#5335 -ipset=/.androidtv.com/gfwlist -server=/.andygod.com/127.0.0.1#5335 -ipset=/.andygod.com/gfwlist -server=/.angela-merkel.de/127.0.0.1#5335 -ipset=/.angela-merkel.de/gfwlist -server=/.angola.org/127.0.0.1#5335 -ipset=/.angola.org/gfwlist -server=/.angularjs.org/127.0.0.1#5335 -ipset=/.angularjs.org/gfwlist -server=/.animecrazy.net/127.0.0.1#5335 -ipset=/.animecrazy.net/gfwlist -server=/.animeshippuuden.com/127.0.0.1#5335 -ipset=/.animeshippuuden.com/gfwlist -server=/.aniscartujo.com/127.0.0.1#5335 -ipset=/.aniscartujo.com/gfwlist -server=/.anobii.com/127.0.0.1#5335 -ipset=/.anobii.com/gfwlist -server=/.anontext.com/127.0.0.1#5335 -ipset=/.anontext.com/gfwlist -server=/.anonymise.us/127.0.0.1#5335 -ipset=/.anonymise.us/gfwlist -server=/.anonymitynetwork.com/127.0.0.1#5335 -ipset=/.anonymitynetwork.com/gfwlist -server=/.anonymizer.com/127.0.0.1#5335 -ipset=/.anonymizer.com/gfwlist -server=/.anonymouse.org/127.0.0.1#5335 -ipset=/.anonymouse.org/gfwlist -server=/.anpopo.com/127.0.0.1#5335 -ipset=/.anpopo.com/gfwlist -server=/.answering-islam.org/127.0.0.1#5335 -ipset=/.answering-islam.org/gfwlist -server=/.anthonycalzadilla.com/127.0.0.1#5335 -ipset=/.anthonycalzadilla.com/gfwlist -server=/.anti1984.com/127.0.0.1#5335 -ipset=/.anti1984.com/gfwlist -server=/.antichristendom.com/127.0.0.1#5335 -ipset=/.antichristendom.com/gfwlist -server=/.antiwave.net/127.0.0.1#5335 -ipset=/.antiwave.net/gfwlist -server=/.anyporn.com/127.0.0.1#5335 -ipset=/.anyporn.com/gfwlist -server=/.anysex.com/127.0.0.1#5335 -ipset=/.anysex.com/gfwlist -server=/.aobo.com.au/127.0.0.1#5335 -ipset=/.aobo.com.au/gfwlist -server=/.aofriend.com/127.0.0.1#5335 -ipset=/.aofriend.com/gfwlist -server=/.aojiao.org/127.0.0.1#5335 -ipset=/.aojiao.org/gfwlist -server=/.aolchannels.aol.com/127.0.0.1#5335 -ipset=/.aolchannels.aol.com/gfwlist -server=/.aomiwang.com/127.0.0.1#5335 -ipset=/.aomiwang.com/gfwlist -server=/.apartmentratings.com/127.0.0.1#5335 -ipset=/.apartmentratings.com/gfwlist -server=/.apartments.com/127.0.0.1#5335 -ipset=/.apartments.com/gfwlist -server=/.apetube.com/127.0.0.1#5335 -ipset=/.apetube.com/gfwlist -server=/.api-secure.recaptcha.net/127.0.0.1#5335 -ipset=/.api-secure.recaptcha.net/gfwlist -server=/.api-verify.recaptcha.net/127.0.0.1#5335 -ipset=/.api-verify.recaptcha.net/gfwlist -server=/.api.ai/127.0.0.1#5335 -ipset=/.api.ai/gfwlist -server=/.api.dropboxapi.com/127.0.0.1#5335 -ipset=/.api.dropboxapi.com/gfwlist -server=/.api.linksalpha.com/127.0.0.1#5335 -ipset=/.api.linksalpha.com/gfwlist -server=/.api.proxlet.com/127.0.0.1#5335 -ipset=/.api.proxlet.com/gfwlist -server=/.api.pureapk.com/127.0.0.1#5335 -ipset=/.api.pureapk.com/gfwlist -server=/.api.recaptcha.net/127.0.0.1#5335 -ipset=/.api.recaptcha.net/gfwlist -server=/.apiary.io/127.0.0.1#5335 -ipset=/.apiary.io/gfwlist -server=/.apidocs.linksalpha.com/127.0.0.1#5335 -ipset=/.apidocs.linksalpha.com/gfwlist -server=/.apigee.com/127.0.0.1#5335 -ipset=/.apigee.com/gfwlist -server=/.apk-dl.com/127.0.0.1#5335 -ipset=/.apk-dl.com/gfwlist -server=/.apk.tw/127.0.0.1#5335 -ipset=/.apk.tw/gfwlist -server=/.apkmirror.com/127.0.0.1#5335 -ipset=/.apkmirror.com/gfwlist -server=/.apkplz.com/127.0.0.1#5335 -ipset=/.apkplz.com/gfwlist -server=/.apkpure.com/127.0.0.1#5335 -ipset=/.apkpure.com/gfwlist -server=/.aplusvpn.com/127.0.0.1#5335 -ipset=/.aplusvpn.com/gfwlist -server=/.app.box.com/127.0.0.1#5335 -ipset=/.app.box.com/gfwlist -server=/.app.heywire.com/127.0.0.1#5335 -ipset=/.app.heywire.com/gfwlist -server=/.app.smartmailcloud.com/127.0.0.1#5335 -ipset=/.app.smartmailcloud.com/gfwlist -server=/.app.tutanota.com/127.0.0.1#5335 -ipset=/.app.tutanota.com/gfwlist -server=/.appledaily.com/127.0.0.1#5335 -ipset=/.appledaily.com/gfwlist -server=/.appshopper.com/127.0.0.1#5335 -ipset=/.appshopper.com/gfwlist -server=/.appsocks.net/127.0.0.1#5335 -ipset=/.appsocks.net/gfwlist -server=/.appspot.com/127.0.0.1#5335 -ipset=/.appspot.com/gfwlist -server=/.appsto.re/127.0.0.1#5335 -ipset=/.appsto.re/gfwlist -server=/.aptoide.com/127.0.0.1#5335 -ipset=/.aptoide.com/gfwlist -server=/.archive.fo/127.0.0.1#5335 -ipset=/.archive.fo/gfwlist -server=/.archive.is/127.0.0.1#5335 -ipset=/.archive.is/gfwlist -server=/.archive.li/127.0.0.1#5335 -ipset=/.archive.li/gfwlist -server=/.archive.org/127.0.0.1#5335 -ipset=/.archive.org/gfwlist -server=/.archive.ph/127.0.0.1#5335 -ipset=/.archive.ph/gfwlist -server=/.archive.today/127.0.0.1#5335 -ipset=/.archive.today/gfwlist -server=/.archiveofourown.org/127.0.0.1#5335 -ipset=/.archiveofourown.org/gfwlist -server=/.archives.gov/127.0.0.1#5335 -ipset=/.archives.gov/gfwlist -server=/.arctosia.com/127.0.0.1#5335 -ipset=/.arctosia.com/gfwlist -server=/.areca-backup.org/127.0.0.1#5335 -ipset=/.areca-backup.org/gfwlist -server=/.arena.taipei/127.0.0.1#5335 -ipset=/.arena.taipei/gfwlist -server=/.arethusa.su/127.0.0.1#5335 -ipset=/.arethusa.su/gfwlist -server=/.arlingtoncemetery.mil/127.0.0.1#5335 -ipset=/.arlingtoncemetery.mil/gfwlist -server=/.army.mil/127.0.0.1#5335 -ipset=/.army.mil/gfwlist -server=/.art4tibet1998.org/127.0.0.1#5335 -ipset=/.art4tibet1998.org/gfwlist -server=/.arte.tv/127.0.0.1#5335 -ipset=/.arte.tv/gfwlist -server=/.artofpeacefoundation.org/127.0.0.1#5335 -ipset=/.artofpeacefoundation.org/gfwlist -server=/.artstation.com/127.0.0.1#5335 -ipset=/.artstation.com/gfwlist -server=/.artsy.net/127.0.0.1#5335 -ipset=/.artsy.net/gfwlist -server=/.asacp.org/127.0.0.1#5335 -ipset=/.asacp.org/gfwlist -server=/.asg.to/127.0.0.1#5335 -ipset=/.asg.to/gfwlist -server=/.asia-gaming.com/127.0.0.1#5335 -ipset=/.asia-gaming.com/gfwlist -server=/.asiaharvest.org/127.0.0.1#5335 -ipset=/.asiaharvest.org/gfwlist -server=/.asianews.it/127.0.0.1#5335 -ipset=/.asianews.it/gfwlist -server=/.asiansexdiary.com/127.0.0.1#5335 -ipset=/.asiansexdiary.com/gfwlist -server=/.asianspiss.com/127.0.0.1#5335 -ipset=/.asianspiss.com/gfwlist -server=/.asianwomensfilm.de/127.0.0.1#5335 -ipset=/.asianwomensfilm.de/gfwlist -server=/.asiatgp.com/127.0.0.1#5335 -ipset=/.asiatgp.com/gfwlist -server=/.asiatoday.us/127.0.0.1#5335 -ipset=/.asiatoday.us/gfwlist -server=/.askstudent.com/127.0.0.1#5335 -ipset=/.askstudent.com/gfwlist -server=/.askynz.net/127.0.0.1#5335 -ipset=/.askynz.net/gfwlist -server=/.assembla.com/127.0.0.1#5335 -ipset=/.assembla.com/gfwlist -server=/.assets.bwbx.io/127.0.0.1#5335 -ipset=/.assets.bwbx.io/gfwlist -server=/.assimp.org/127.0.0.1#5335 -ipset=/.assimp.org/gfwlist -server=/.astrill.com/127.0.0.1#5335 -ipset=/.astrill.com/gfwlist -server=/.atc.org.au/127.0.0.1#5335 -ipset=/.atc.org.au/gfwlist -server=/.atchinese.com/127.0.0.1#5335 -ipset=/.atchinese.com/gfwlist -server=/.atdmt.com/127.0.0.1#5335 -ipset=/.atdmt.com/gfwlist -server=/.atgfw.org/127.0.0.1#5335 -ipset=/.atgfw.org/gfwlist -server=/.athenaeizou.com/127.0.0.1#5335 -ipset=/.athenaeizou.com/gfwlist -server=/.atlaspost.com/127.0.0.1#5335 -ipset=/.atlaspost.com/gfwlist -server=/.atnext.com/127.0.0.1#5335 -ipset=/.atnext.com/gfwlist -server=/.authorizeddns.net/127.0.0.1#5335 -ipset=/.authorizeddns.net/gfwlist -server=/.authorizeddns.org/127.0.0.1#5335 -ipset=/.authorizeddns.org/gfwlist -server=/.authorizeddns.us/127.0.0.1#5335 -ipset=/.authorizeddns.us/gfwlist -server=/.autodraw.com/127.0.0.1#5335 -ipset=/.autodraw.com/gfwlist -server=/.av-e-body.com/127.0.0.1#5335 -ipset=/.av-e-body.com/gfwlist -server=/.av.com/127.0.0.1#5335 -ipset=/.av.com/gfwlist -server=/.av.movie/127.0.0.1#5335 -ipset=/.av.movie/gfwlist -server=/.av.nightlife141.com/127.0.0.1#5335 -ipset=/.av.nightlife141.com/gfwlist -server=/.avaaz.org/127.0.0.1#5335 -ipset=/.avaaz.org/gfwlist -server=/.avbody.tv/127.0.0.1#5335 -ipset=/.avbody.tv/gfwlist -server=/.avcity.tv/127.0.0.1#5335 -ipset=/.avcity.tv/gfwlist -server=/.avcool.com/127.0.0.1#5335 -ipset=/.avcool.com/gfwlist -server=/.avdb.in/127.0.0.1#5335 -ipset=/.avdb.in/gfwlist -server=/.avdb.tv/127.0.0.1#5335 -ipset=/.avdb.tv/gfwlist -server=/.avfantasy.com/127.0.0.1#5335 -ipset=/.avfantasy.com/gfwlist -server=/.avg.com/127.0.0.1#5335 -ipset=/.avg.com/gfwlist -server=/.avgle.com/127.0.0.1#5335 -ipset=/.avgle.com/gfwlist -server=/.avidemux.org/127.0.0.1#5335 -ipset=/.avidemux.org/gfwlist -server=/.avmo.pw/127.0.0.1#5335 -ipset=/.avmo.pw/gfwlist -server=/.avmoo.com/127.0.0.1#5335 -ipset=/.avmoo.com/gfwlist -server=/.avmoo.net/127.0.0.1#5335 -ipset=/.avmoo.net/gfwlist -server=/.avmoo.pw/127.0.0.1#5335 -ipset=/.avmoo.pw/gfwlist -server=/.avoision.com/127.0.0.1#5335 -ipset=/.avoision.com/gfwlist -server=/.avyahoo.com/127.0.0.1#5335 -ipset=/.avyahoo.com/gfwlist -server=/.axureformac.com/127.0.0.1#5335 -ipset=/.axureformac.com/gfwlist -server=/.azerbaycan.tv/127.0.0.1#5335 -ipset=/.azerbaycan.tv/gfwlist -server=/.azerimix.com/127.0.0.1#5335 -ipset=/.azerimix.com/gfwlist -server=/.azubu.tv/127.0.0.1#5335 -ipset=/.azubu.tv/gfwlist -server=/.b0ne.com/127.0.0.1#5335 -ipset=/.b0ne.com/gfwlist -server=/.babynet.com.hk/127.0.0.1#5335 -ipset=/.babynet.com.hk/gfwlist -server=/.backchina.com/127.0.0.1#5335 -ipset=/.backchina.com/gfwlist -server=/.backtotiananmen.com/127.0.0.1#5335 -ipset=/.backtotiananmen.com/gfwlist -server=/.badiucao.com/127.0.0.1#5335 -ipset=/.badiucao.com/gfwlist -server=/.badjojo.com/127.0.0.1#5335 -ipset=/.badjojo.com/gfwlist -server=/.badoo.com/127.0.0.1#5335 -ipset=/.badoo.com/gfwlist -server=/.baidu.jp/127.0.0.1#5335 -ipset=/.baidu.jp/gfwlist -server=/.baijie.org/127.0.0.1#5335 -ipset=/.baijie.org/gfwlist -server=/.bailandaily.com/127.0.0.1#5335 -ipset=/.bailandaily.com/gfwlist -server=/.baixing.me/127.0.0.1#5335 -ipset=/.baixing.me/gfwlist -server=/.bakgeekhome.tk/127.0.0.1#5335 -ipset=/.bakgeekhome.tk/gfwlist -server=/.banana-vpn.com/127.0.0.1#5335 -ipset=/.banana-vpn.com/gfwlist -server=/.band.us/127.0.0.1#5335 -ipset=/.band.us/gfwlist -server=/.bandwagonhost.com/127.0.0.1#5335 -ipset=/.bandwagonhost.com/gfwlist -server=/.bangbrosnetwork.com/127.0.0.1#5335 -ipset=/.bangbrosnetwork.com/gfwlist -server=/.bangchen.net/127.0.0.1#5335 -ipset=/.bangchen.net/gfwlist -server=/.bangdream.space/127.0.0.1#5335 -ipset=/.bangdream.space/gfwlist -server=/.bangyoulater.com/127.0.0.1#5335 -ipset=/.bangyoulater.com/gfwlist -server=/.bankmobilevibe.com/127.0.0.1#5335 -ipset=/.bankmobilevibe.com/gfwlist -server=/.bannedbook.org/127.0.0.1#5335 -ipset=/.bannedbook.org/gfwlist -server=/.bannednews.org/127.0.0.1#5335 -ipset=/.bannednews.org/gfwlist -server=/.banorte.com/127.0.0.1#5335 -ipset=/.banorte.com/gfwlist -server=/.baramangaonline.com/127.0.0.1#5335 -ipset=/.baramangaonline.com/gfwlist -server=/.barenakedislam.com/127.0.0.1#5335 -ipset=/.barenakedislam.com/gfwlist -server=/.barnabu.co.uk/127.0.0.1#5335 -ipset=/.barnabu.co.uk/gfwlist -server=/.barton.de/127.0.0.1#5335 -ipset=/.barton.de/gfwlist -server=/.bartvpn.com/127.0.0.1#5335 -ipset=/.bartvpn.com/gfwlist -server=/.bash-hackers.org/127.0.0.1#5335 -ipset=/.bash-hackers.org/gfwlist -server=/.bastillepost.com/127.0.0.1#5335 -ipset=/.bastillepost.com/gfwlist -server=/.bayvoice.net/127.0.0.1#5335 -ipset=/.bayvoice.net/gfwlist -server=/.bb-chat.tv/127.0.0.1#5335 -ipset=/.bb-chat.tv/gfwlist -server=/.bbc.co.uk/127.0.0.1#5335 -ipset=/.bbc.co.uk/gfwlist -server=/.bbc.com/127.0.0.1#5335 -ipset=/.bbc.com/gfwlist -server=/.bbc.in/127.0.0.1#5335 -ipset=/.bbc.in/gfwlist -server=/.bbcchinese.com/127.0.0.1#5335 -ipset=/.bbcchinese.com/gfwlist -server=/.bbchat.tv/127.0.0.1#5335 -ipset=/.bbchat.tv/gfwlist -server=/.bbci.co.uk/127.0.0.1#5335 -ipset=/.bbci.co.uk/gfwlist -server=/.bbg.gov/127.0.0.1#5335 -ipset=/.bbg.gov/gfwlist -server=/.bbnradio.org/127.0.0.1#5335 -ipset=/.bbnradio.org/gfwlist -server=/.bbs-tw.com/127.0.0.1#5335 -ipset=/.bbs-tw.com/gfwlist -server=/.bbs.brockbbs.com/127.0.0.1#5335 -ipset=/.bbs.brockbbs.com/gfwlist -server=/.bbs.ecstart.com/127.0.0.1#5335 -ipset=/.bbs.ecstart.com/gfwlist -server=/.bbs.hasi.wang/127.0.0.1#5335 -ipset=/.bbs.hasi.wang/gfwlist -server=/.bbs.huasing.org/127.0.0.1#5335 -ipset=/.bbs.huasing.org/gfwlist -server=/.bbs.junglobal.net/127.0.0.1#5335 -ipset=/.bbs.junglobal.net/gfwlist -server=/.bbs.kimy.com.tw/127.0.0.1#5335 -ipset=/.bbs.kimy.com.tw/gfwlist -server=/.bbs.mikocon.com/127.0.0.1#5335 -ipset=/.bbs.mikocon.com/gfwlist -server=/.bbs.morbell.com/127.0.0.1#5335 -ipset=/.bbs.morbell.com/gfwlist -server=/.bbs.mychat.to/127.0.0.1#5335 -ipset=/.bbs.mychat.to/gfwlist -server=/.bbs.netbig.com/127.0.0.1#5335 -ipset=/.bbs.netbig.com/gfwlist -server=/.bbs.ozchinese.com/127.0.0.1#5335 -ipset=/.bbs.ozchinese.com/gfwlist -server=/.bbs.qmzdd.com/127.0.0.1#5335 -ipset=/.bbs.qmzdd.com/gfwlist -server=/.bbs.skykiwi.com/127.0.0.1#5335 -ipset=/.bbs.skykiwi.com/gfwlist -server=/.bbs.sou-tong.org/127.0.0.1#5335 -ipset=/.bbs.sou-tong.org/gfwlist -server=/.bbs.tuitui.info/127.0.0.1#5335 -ipset=/.bbs.tuitui.info/gfwlist -server=/.bbsfeed.com/127.0.0.1#5335 -ipset=/.bbsfeed.com/gfwlist -server=/.bbsland.com/127.0.0.1#5335 -ipset=/.bbsland.com/gfwlist -server=/.bbsmo.com/127.0.0.1#5335 -ipset=/.bbsmo.com/gfwlist -server=/.bbsone.com/127.0.0.1#5335 -ipset=/.bbsone.com/gfwlist -server=/.bbtoystore.com/127.0.0.1#5335 -ipset=/.bbtoystore.com/gfwlist -server=/.bcast.co.nz/127.0.0.1#5335 -ipset=/.bcast.co.nz/gfwlist -server=/.bcchinese.net/127.0.0.1#5335 -ipset=/.bcchinese.net/gfwlist -server=/.bcex.ca/127.0.0.1#5335 -ipset=/.bcex.ca/gfwlist -server=/.bcmorning.com/127.0.0.1#5335 -ipset=/.bcmorning.com/gfwlist -server=/.bcrncdn.com/127.0.0.1#5335 -ipset=/.bcrncdn.com/gfwlist -server=/.bdsmvideos.net/127.0.0.1#5335 -ipset=/.bdsmvideos.net/gfwlist -server=/.beaconevents.com/127.0.0.1#5335 -ipset=/.beaconevents.com/gfwlist -server=/.bebo.com/127.0.0.1#5335 -ipset=/.bebo.com/gfwlist -server=/.beeg.com/127.0.0.1#5335 -ipset=/.beeg.com/gfwlist -server=/.beevpn.com/127.0.0.1#5335 -ipset=/.beevpn.com/gfwlist -server=/.behance.net/127.0.0.1#5335 -ipset=/.behance.net/gfwlist -server=/.behindkink.com/127.0.0.1#5335 -ipset=/.behindkink.com/gfwlist -server=/.beijing1989.com/127.0.0.1#5335 -ipset=/.beijing1989.com/gfwlist -server=/.beijingspring.com/127.0.0.1#5335 -ipset=/.beijingspring.com/gfwlist -server=/.beijingzx.org/127.0.0.1#5335 -ipset=/.beijingzx.org/gfwlist -server=/.belamionline.com/127.0.0.1#5335 -ipset=/.belamionline.com/gfwlist -server=/.bell.wiki/127.0.0.1#5335 -ipset=/.bell.wiki/gfwlist -server=/.bemywife.cc/127.0.0.1#5335 -ipset=/.bemywife.cc/gfwlist -server=/.beric.me/127.0.0.1#5335 -ipset=/.beric.me/gfwlist -server=/.berlintwitterwall.com/127.0.0.1#5335 -ipset=/.berlintwitterwall.com/gfwlist -server=/.berm.co.nz/127.0.0.1#5335 -ipset=/.berm.co.nz/gfwlist -server=/.bestforchina.org/127.0.0.1#5335 -ipset=/.bestforchina.org/gfwlist -server=/.bestgore.com/127.0.0.1#5335 -ipset=/.bestgore.com/gfwlist -server=/.bestpornstardb.com/127.0.0.1#5335 -ipset=/.bestpornstardb.com/gfwlist -server=/.bestvpn.com/127.0.0.1#5335 -ipset=/.bestvpn.com/gfwlist -server=/.bestvpnanalysis.com/127.0.0.1#5335 -ipset=/.bestvpnanalysis.com/gfwlist -server=/.bestvpnserver.com/127.0.0.1#5335 -ipset=/.bestvpnserver.com/gfwlist -server=/.bestvpnservice.com/127.0.0.1#5335 -ipset=/.bestvpnservice.com/gfwlist -server=/.bestvpnusa.com/127.0.0.1#5335 -ipset=/.bestvpnusa.com/gfwlist -server=/.bet365.com/127.0.0.1#5335 -ipset=/.bet365.com/gfwlist -server=/.betfair.com/127.0.0.1#5335 -ipset=/.betfair.com/gfwlist -server=/.betternet.co/127.0.0.1#5335 -ipset=/.betternet.co/gfwlist -server=/.bettervpn.com/127.0.0.1#5335 -ipset=/.bettervpn.com/gfwlist -server=/.bettween.com/127.0.0.1#5335 -ipset=/.bettween.com/gfwlist -server=/.betvictor.com/127.0.0.1#5335 -ipset=/.betvictor.com/gfwlist -server=/.bewww.net/127.0.0.1#5335 -ipset=/.bewww.net/gfwlist -server=/.beyondfirewall.com/127.0.0.1#5335 -ipset=/.beyondfirewall.com/gfwlist -server=/.bfnn.org/127.0.0.1#5335 -ipset=/.bfnn.org/gfwlist -server=/.bfsh.hk/127.0.0.1#5335 -ipset=/.bfsh.hk/gfwlist -server=/.bgvpn.com/127.0.0.1#5335 -ipset=/.bgvpn.com/gfwlist -server=/.bianlei.com/127.0.0.1#5335 -ipset=/.bianlei.com/gfwlist -server=/.biantailajiao.com/127.0.0.1#5335 -ipset=/.biantailajiao.com/gfwlist -server=/.biantailajiao.in/127.0.0.1#5335 -ipset=/.biantailajiao.in/gfwlist -server=/.biblesforamerica.org/127.0.0.1#5335 -ipset=/.biblesforamerica.org/gfwlist -server=/.bibox.com/127.0.0.1#5335 -ipset=/.bibox.com/gfwlist -server=/.bic2011.org/127.0.0.1#5335 -ipset=/.bic2011.org/gfwlist -server=/.big.one/127.0.0.1#5335 -ipset=/.big.one/gfwlist -server=/.bigfools.com/127.0.0.1#5335 -ipset=/.bigfools.com/gfwlist -server=/.bigjapanesesex.com/127.0.0.1#5335 -ipset=/.bigjapanesesex.com/gfwlist -server=/.bigmoney.biz/127.0.0.1#5335 -ipset=/.bigmoney.biz/gfwlist -server=/.bignews.org/127.0.0.1#5335 -ipset=/.bignews.org/gfwlist -server=/.bigsound.org/127.0.0.1#5335 -ipset=/.bigsound.org/gfwlist -server=/.biliworld.com/127.0.0.1#5335 -ipset=/.biliworld.com/gfwlist -server=/.binance.com/127.0.0.1#5335 -ipset=/.binance.com/gfwlist -server=/.binux.me/127.0.0.1#5335 -ipset=/.binux.me/gfwlist -server=/.bipic.net/127.0.0.1#5335 -ipset=/.bipic.net/gfwlist -server=/.bird.so/127.0.0.1#5335 -ipset=/.bird.so/gfwlist -server=/.bit-z.com/127.0.0.1#5335 -ipset=/.bit-z.com/gfwlist -server=/.bit.do/127.0.0.1#5335 -ipset=/.bit.do/gfwlist -server=/.bit.ly/127.0.0.1#5335 -ipset=/.bit.ly/gfwlist -server=/.bitcointalk.org/127.0.0.1#5335 -ipset=/.bitcointalk.org/gfwlist -server=/.bitcoinworld.com/127.0.0.1#5335 -ipset=/.bitcoinworld.com/gfwlist -server=/.bitfinex.com/127.0.0.1#5335 -ipset=/.bitfinex.com/gfwlist -server=/.bithumb.com/127.0.0.1#5335 -ipset=/.bithumb.com/gfwlist -server=/.bitinka.com.ar/127.0.0.1#5335 -ipset=/.bitinka.com.ar/gfwlist -server=/.bitmex.com/127.0.0.1#5335 -ipset=/.bitmex.com/gfwlist -server=/.bitshare.com/127.0.0.1#5335 -ipset=/.bitshare.com/gfwlist -server=/.bitsnoop.com/127.0.0.1#5335 -ipset=/.bitsnoop.com/gfwlist -server=/.bitvise.com/127.0.0.1#5335 -ipset=/.bitvise.com/gfwlist -server=/.bizhat.com/127.0.0.1#5335 -ipset=/.bizhat.com/gfwlist -server=/.bjnewlife.org/127.0.0.1#5335 -ipset=/.bjnewlife.org/gfwlist -server=/.bjs.org/127.0.0.1#5335 -ipset=/.bjs.org/gfwlist -server=/.bjzc.org/127.0.0.1#5335 -ipset=/.bjzc.org/gfwlist -server=/.bl-doujinsouko.com/127.0.0.1#5335 -ipset=/.bl-doujinsouko.com/gfwlist -server=/.blacklogic.com/127.0.0.1#5335 -ipset=/.blacklogic.com/gfwlist -server=/.blackvpn.com/127.0.0.1#5335 -ipset=/.blackvpn.com/gfwlist -server=/.blewpass.com/127.0.0.1#5335 -ipset=/.blewpass.com/gfwlist -server=/.blinkx.com/127.0.0.1#5335 -ipset=/.blinkx.com/gfwlist -server=/.blinw.com/127.0.0.1#5335 -ipset=/.blinw.com/gfwlist -server=/.blip.tv/127.0.0.1#5335 -ipset=/.blip.tv/gfwlist -server=/.blockcn.com/127.0.0.1#5335 -ipset=/.blockcn.com/gfwlist -server=/.blockless.com/127.0.0.1#5335 -ipset=/.blockless.com/gfwlist -server=/.blog.calibre-ebook.com/127.0.0.1#5335 -ipset=/.blog.calibre-ebook.com/gfwlist -server=/.blog.cnyes.com/127.0.0.1#5335 -ipset=/.blog.cnyes.com/gfwlist -server=/.blog.de/127.0.0.1#5335 -ipset=/.blog.de/gfwlist -server=/.blog.exblog.co.jp/127.0.0.1#5335 -ipset=/.blog.exblog.co.jp/gfwlist -server=/.blog.excite.co.jp/127.0.0.1#5335 -ipset=/.blog.excite.co.jp/gfwlist -server=/.blog.expofutures.com/127.0.0.1#5335 -ipset=/.blog.expofutures.com/gfwlist -server=/.blog.fizzik.com/127.0.0.1#5335 -ipset=/.blog.fizzik.com/gfwlist -server=/.blog.foolsmountain.com/127.0.0.1#5335 -ipset=/.blog.foolsmountain.com/gfwlist -server=/.blog.fuckgfw233.org/127.0.0.1#5335 -ipset=/.blog.fuckgfw233.org/gfwlist -server=/.blog.google/127.0.0.1#5335 -ipset=/.blog.google/gfwlist -server=/.blog.inoreader.com/127.0.0.1#5335 -ipset=/.blog.inoreader.com/gfwlist -server=/.blog.jackjia.com/127.0.0.1#5335 -ipset=/.blog.jackjia.com/gfwlist -server=/.blog.jp/127.0.0.1#5335 -ipset=/.blog.jp/gfwlist -server=/.blog.kangye.org/127.0.0.1#5335 -ipset=/.blog.kangye.org/gfwlist -server=/.blog.lester850.info/127.0.0.1#5335 -ipset=/.blog.lester850.info/gfwlist -server=/.blog.martinoei.com/127.0.0.1#5335 -ipset=/.blog.martinoei.com/gfwlist -server=/.blog.pathtosharepoint.com/127.0.0.1#5335 -ipset=/.blog.pathtosharepoint.com/gfwlist -server=/.blog.pentalogic.net/127.0.0.1#5335 -ipset=/.blog.pentalogic.net/gfwlist -server=/.blog.sina.com.tw/127.0.0.1#5335 -ipset=/.blog.sina.com.tw/gfwlist -server=/.blog.sogoo.org/127.0.0.1#5335 -ipset=/.blog.sogoo.org/gfwlist -server=/.blog.soylent.com/127.0.0.1#5335 -ipset=/.blog.soylent.com/gfwlist -server=/.blog.taragana.com/127.0.0.1#5335 -ipset=/.blog.taragana.com/gfwlist -server=/.blog.tiney.com/127.0.0.1#5335 -ipset=/.blog.tiney.com/gfwlist -server=/.blog.workflow.is/127.0.0.1#5335 -ipset=/.blog.workflow.is/gfwlist -server=/.blog.xuite.net/127.0.0.1#5335 -ipset=/.blog.xuite.net/gfwlist -server=/.blog.youthwant.com.tw/127.0.0.1#5335 -ipset=/.blog.youthwant.com.tw/gfwlist -server=/.blogblog.com/127.0.0.1#5335 -ipset=/.blogblog.com/gfwlist -server=/.blogcatalog.com/127.0.0.1#5335 -ipset=/.blogcatalog.com/gfwlist -server=/.blogcity.me/127.0.0.1#5335 -ipset=/.blogcity.me/gfwlist -server=/.blogdns.org/127.0.0.1#5335 -ipset=/.blogdns.org/gfwlist -server=/.blogger.com/127.0.0.1#5335 -ipset=/.blogger.com/gfwlist -server=/.blogimg.jp/127.0.0.1#5335 -ipset=/.blogimg.jp/gfwlist -server=/.bloglines.com/127.0.0.1#5335 -ipset=/.bloglines.com/gfwlist -server=/.bloglovin.com/127.0.0.1#5335 -ipset=/.bloglovin.com/gfwlist -server=/.blogs.tampabay.com/127.0.0.1#5335 -ipset=/.blogs.tampabay.com/gfwlist -server=/.blogs.yahoo.co.jp/127.0.0.1#5335 -ipset=/.blogs.yahoo.co.jp/gfwlist -server=/.blogspot.com/127.0.0.1#5335 -ipset=/.blogspot.com/gfwlist -server=/.blogspot.hk/127.0.0.1#5335 -ipset=/.blogspot.hk/gfwlist -server=/.blogspot.jp/127.0.0.1#5335 -ipset=/.blogspot.jp/gfwlist -server=/.blogspot.tw/127.0.0.1#5335 -ipset=/.blogspot.tw/gfwlist -server=/.blogtd.net/127.0.0.1#5335 -ipset=/.blogtd.net/gfwlist -server=/.blogtd.org/127.0.0.1#5335 -ipset=/.blogtd.org/gfwlist -server=/.bloodshed.net/127.0.0.1#5335 -ipset=/.bloodshed.net/gfwlist -server=/.bloomberg.cn/127.0.0.1#5335 -ipset=/.bloomberg.cn/gfwlist -server=/.bloomberg.com/127.0.0.1#5335 -ipset=/.bloomberg.com/gfwlist -server=/.bloomberg.de/127.0.0.1#5335 -ipset=/.bloomberg.de/gfwlist -server=/.bloombergview.com/127.0.0.1#5335 -ipset=/.bloombergview.com/gfwlist -server=/.bloomfortune.com/127.0.0.1#5335 -ipset=/.bloomfortune.com/gfwlist -server=/.blueangellive.com/127.0.0.1#5335 -ipset=/.blueangellive.com/gfwlist -server=/.bmfinn.com/127.0.0.1#5335 -ipset=/.bmfinn.com/gfwlist -server=/.bnews.co/127.0.0.1#5335 -ipset=/.bnews.co/gfwlist -server=/.bnn.co/127.0.0.1#5335 -ipset=/.bnn.co/gfwlist -server=/.bnrmetal.com/127.0.0.1#5335 -ipset=/.bnrmetal.com/gfwlist -server=/.boardreader.com/127.0.0.1#5335 -ipset=/.boardreader.com/gfwlist -server=/.bod.asia/127.0.0.1#5335 -ipset=/.bod.asia/gfwlist -server=/.bodog88.com/127.0.0.1#5335 -ipset=/.bodog88.com/gfwlist -server=/.bolehvpn.net/127.0.0.1#5335 -ipset=/.bolehvpn.net/gfwlist -server=/.bolin.netfirms.com/127.0.0.1#5335 -ipset=/.bolin.netfirms.com/gfwlist -server=/.bonbonme.com/127.0.0.1#5335 -ipset=/.bonbonme.com/gfwlist -server=/.bonbonsex.com/127.0.0.1#5335 -ipset=/.bonbonsex.com/gfwlist -server=/.bonfoundation.org/127.0.0.1#5335 -ipset=/.bonfoundation.org/gfwlist -server=/.bongacams.com/127.0.0.1#5335 -ipset=/.bongacams.com/gfwlist -server=/.boobstagram.com/127.0.0.1#5335 -ipset=/.boobstagram.com/gfwlist -server=/.book.com.tw/127.0.0.1#5335 -ipset=/.book.com.tw/gfwlist -server=/.book.zi5.me/127.0.0.1#5335 -ipset=/.book.zi5.me/gfwlist -server=/.bookepub.com/127.0.0.1#5335 -ipset=/.bookepub.com/gfwlist -server=/.books.com.tw/127.0.0.1#5335 -ipset=/.books.com.tw/gfwlist -server=/.booktopia.com.au/127.0.0.1#5335 -ipset=/.booktopia.com.au/gfwlist -server=/.boomssr.com/127.0.0.1#5335 -ipset=/.boomssr.com/gfwlist -server=/.bot.nu/127.0.0.1#5335 -ipset=/.bot.nu/gfwlist -server=/.botanwang.com/127.0.0.1#5335 -ipset=/.botanwang.com/gfwlist -server=/.bowenpress.com/127.0.0.1#5335 -ipset=/.bowenpress.com/gfwlist -server=/.boxpn.com/127.0.0.1#5335 -ipset=/.boxpn.com/gfwlist -server=/.boxun.com/127.0.0.1#5335 -ipset=/.boxun.com/gfwlist -server=/.boxun.tv/127.0.0.1#5335 -ipset=/.boxun.tv/gfwlist -server=/.boxunblog.com/127.0.0.1#5335 -ipset=/.boxunblog.com/gfwlist -server=/.boxunclub.com/127.0.0.1#5335 -ipset=/.boxunclub.com/gfwlist -server=/.boyangu.com/127.0.0.1#5335 -ipset=/.boyangu.com/gfwlist -server=/.boyfriendtv.com/127.0.0.1#5335 -ipset=/.boyfriendtv.com/gfwlist -server=/.boysfood.com/127.0.0.1#5335 -ipset=/.boysfood.com/gfwlist -server=/.boysmaster.com/127.0.0.1#5335 -ipset=/.boysmaster.com/gfwlist -server=/.br.st/127.0.0.1#5335 -ipset=/.br.st/gfwlist -server=/.brandonhutchinson.com/127.0.0.1#5335 -ipset=/.brandonhutchinson.com/gfwlist -server=/.braumeister.org/127.0.0.1#5335 -ipset=/.braumeister.org/gfwlist -server=/.bravotube.net/127.0.0.1#5335 -ipset=/.bravotube.net/gfwlist -server=/.brazzers.com/127.0.0.1#5335 -ipset=/.brazzers.com/gfwlist -server=/.break.com/127.0.0.1#5335 -ipset=/.break.com/gfwlist -server=/.breakgfw.com/127.0.0.1#5335 -ipset=/.breakgfw.com/gfwlist -server=/.breaking911.com/127.0.0.1#5335 -ipset=/.breaking911.com/gfwlist -server=/.breakingtweets.com/127.0.0.1#5335 -ipset=/.breakingtweets.com/gfwlist -server=/.breakwall.net/127.0.0.1#5335 -ipset=/.breakwall.net/gfwlist -server=/.brizzly.com/127.0.0.1#5335 -ipset=/.brizzly.com/gfwlist -server=/.brkmd.com/127.0.0.1#5335 -ipset=/.brkmd.com/gfwlist -server=/.broadbook.com/127.0.0.1#5335 -ipset=/.broadbook.com/gfwlist -server=/.broadpressinc.com/127.0.0.1#5335 -ipset=/.broadpressinc.com/gfwlist -server=/.brucewang.net/127.0.0.1#5335 -ipset=/.brucewang.net/gfwlist -server=/.brutaltgp.com/127.0.0.1#5335 -ipset=/.brutaltgp.com/gfwlist -server=/.bt2mag.com/127.0.0.1#5335 -ipset=/.bt2mag.com/gfwlist -server=/.bt95.com/127.0.0.1#5335 -ipset=/.bt95.com/gfwlist -server=/.btaia.com/127.0.0.1#5335 -ipset=/.btaia.com/gfwlist -server=/.btbtav.com/127.0.0.1#5335 -ipset=/.btbtav.com/gfwlist -server=/.btc98.com/127.0.0.1#5335 -ipset=/.btc98.com/gfwlist -server=/.btcbank.bank/127.0.0.1#5335 -ipset=/.btcbank.bank/gfwlist -server=/.btctrade.im/127.0.0.1#5335 -ipset=/.btctrade.im/gfwlist -server=/.btdigg.org/127.0.0.1#5335 -ipset=/.btdigg.org/gfwlist -server=/.btku.me/127.0.0.1#5335 -ipset=/.btku.me/gfwlist -server=/.btku.org/127.0.0.1#5335 -ipset=/.btku.org/gfwlist -server=/.btspread.com/127.0.0.1#5335 -ipset=/.btspread.com/gfwlist -server=/.btsynckeys.com/127.0.0.1#5335 -ipset=/.btsynckeys.com/gfwlist -server=/.budaedu.org/127.0.0.1#5335 -ipset=/.budaedu.org/gfwlist -server=/.buddhistchannel.tv/127.0.0.1#5335 -ipset=/.buddhistchannel.tv/gfwlist -server=/.buffered.com/127.0.0.1#5335 -ipset=/.buffered.com/gfwlist -server=/.bullog.org/127.0.0.1#5335 -ipset=/.bullog.org/gfwlist -server=/.bullogger.com/127.0.0.1#5335 -ipset=/.bullogger.com/gfwlist -server=/.bunbunhk.com/127.0.0.1#5335 -ipset=/.bunbunhk.com/gfwlist -server=/.busayari.com/127.0.0.1#5335 -ipset=/.busayari.com/gfwlist -server=/.businessinsider.com/127.0.0.1#5335 -ipset=/.businessinsider.com/gfwlist -server=/.businesstoday.com.tw/127.0.0.1#5335 -ipset=/.businesstoday.com.tw/gfwlist -server=/.businessweek.com/127.0.0.1#5335 -ipset=/.businessweek.com/gfwlist -server=/.busytrade.com/127.0.0.1#5335 -ipset=/.busytrade.com/gfwlist -server=/.buugaa.com/127.0.0.1#5335 -ipset=/.buugaa.com/gfwlist -server=/.buzzhand.com/127.0.0.1#5335 -ipset=/.buzzhand.com/gfwlist -server=/.buzzhand.net/127.0.0.1#5335 -ipset=/.buzzhand.net/gfwlist -server=/.buzzorange.com/127.0.0.1#5335 -ipset=/.buzzorange.com/gfwlist -server=/.bvpn.com/127.0.0.1#5335 -ipset=/.bvpn.com/gfwlist -server=/.bwgyhw.com/127.0.0.1#5335 -ipset=/.bwgyhw.com/gfwlist -server=/.bwh1.net/127.0.0.1#5335 -ipset=/.bwh1.net/gfwlist -server=/.bwsj.hk/127.0.0.1#5335 -ipset=/.bwsj.hk/gfwlist -server=/.bx.in.th/127.0.0.1#5335 -ipset=/.bx.in.th/gfwlist -server=/.bx.tl/127.0.0.1#5335 -ipset=/.bx.tl/gfwlist -server=/.bynet.co.il/127.0.0.1#5335 -ipset=/.bynet.co.il/gfwlist -server=/.c-est-simple.com/127.0.0.1#5335 -ipset=/.c-est-simple.com/gfwlist -server=/.c-spanvideo.org/127.0.0.1#5335 -ipset=/.c-spanvideo.org/gfwlist -server=/.c100tibet.org/127.0.0.1#5335 -ipset=/.c100tibet.org/gfwlist -server=/.c1522.mooo.com/127.0.0.1#5335 -ipset=/.c1522.mooo.com/gfwlist -server=/.c2cx.com/127.0.0.1#5335 -ipset=/.c2cx.com/gfwlist -server=/.cablegatesearch.net/127.0.0.1#5335 -ipset=/.cablegatesearch.net/gfwlist -server=/.cachinese.com/127.0.0.1#5335 -ipset=/.cachinese.com/gfwlist -server=/.cacnw.com/127.0.0.1#5335 -ipset=/.cacnw.com/gfwlist -server=/.cactusvpn.com/127.0.0.1#5335 -ipset=/.cactusvpn.com/gfwlist -server=/.cafepress.com/127.0.0.1#5335 -ipset=/.cafepress.com/gfwlist -server=/.cahr.org.tw/127.0.0.1#5335 -ipset=/.cahr.org.tw/gfwlist -server=/.calebelston.com/127.0.0.1#5335 -ipset=/.calebelston.com/gfwlist -server=/.calgarychinese.ca/127.0.0.1#5335 -ipset=/.calgarychinese.ca/gfwlist -server=/.calgarychinese.com/127.0.0.1#5335 -ipset=/.calgarychinese.com/gfwlist -server=/.calgarychinese.net/127.0.0.1#5335 -ipset=/.calgarychinese.net/gfwlist -server=/.cam4.com/127.0.0.1#5335 -ipset=/.cam4.com/gfwlist -server=/.cam4.jp/127.0.0.1#5335 -ipset=/.cam4.jp/gfwlist -server=/.cam4.sg/127.0.0.1#5335 -ipset=/.cam4.sg/gfwlist -server=/.camfrog.com/127.0.0.1#5335 -ipset=/.camfrog.com/gfwlist -server=/.cams.com/127.0.0.1#5335 -ipset=/.cams.com/gfwlist -server=/.cams.org.sg/127.0.0.1#5335 -ipset=/.cams.org.sg/gfwlist -server=/.canadameet.com/127.0.0.1#5335 -ipset=/.canadameet.com/gfwlist -server=/.canalporno.com/127.0.0.1#5335 -ipset=/.canalporno.com/gfwlist -server=/.canyu.org/127.0.0.1#5335 -ipset=/.canyu.org/gfwlist -server=/.cao.im/127.0.0.1#5335 -ipset=/.cao.im/gfwlist -server=/.caobian.info/127.0.0.1#5335 -ipset=/.caobian.info/gfwlist -server=/.caochangqing.com/127.0.0.1#5335 -ipset=/.caochangqing.com/gfwlist -server=/.cap.org.hk/127.0.0.1#5335 -ipset=/.cap.org.hk/gfwlist -server=/.carabinasypistolas.com/127.0.0.1#5335 -ipset=/.carabinasypistolas.com/gfwlist -server=/.cardinalkungfoundation.org/127.0.0.1#5335 -ipset=/.cardinalkungfoundation.org/gfwlist -server=/.carfax.com/127.0.0.1#5335 -ipset=/.carfax.com/gfwlist -server=/.cari.com.my/127.0.0.1#5335 -ipset=/.cari.com.my/gfwlist -server=/.caribbeancom.com/127.0.0.1#5335 -ipset=/.caribbeancom.com/gfwlist -server=/.carmotorshow.com/127.0.0.1#5335 -ipset=/.carmotorshow.com/gfwlist -server=/.cartoonmovement.com/127.0.0.1#5335 -ipset=/.cartoonmovement.com/gfwlist -server=/.casadeltibetbcn.org/127.0.0.1#5335 -ipset=/.casadeltibetbcn.org/gfwlist -server=/.casatibet.org.mx/127.0.0.1#5335 -ipset=/.casatibet.org.mx/gfwlist -server=/.casino.williamhill.com/127.0.0.1#5335 -ipset=/.casino.williamhill.com/gfwlist -server=/.casinobellini.com/127.0.0.1#5335 -ipset=/.casinobellini.com/gfwlist -server=/.casinoking.com/127.0.0.1#5335 -ipset=/.casinoking.com/gfwlist -server=/.casinoriva.com/127.0.0.1#5335 -ipset=/.casinoriva.com/gfwlist -server=/.castbox.fm/127.0.0.1#5335 -ipset=/.castbox.fm/gfwlist -server=/.catch22.net/127.0.0.1#5335 -ipset=/.catch22.net/gfwlist -server=/.catchgod.com/127.0.0.1#5335 -ipset=/.catchgod.com/gfwlist -server=/.catfightpayperview.xxx/127.0.0.1#5335 -ipset=/.catfightpayperview.xxx/gfwlist -server=/.catholic.org.hk/127.0.0.1#5335 -ipset=/.catholic.org.hk/gfwlist -server=/.catholic.org.tw/127.0.0.1#5335 -ipset=/.catholic.org.tw/gfwlist -server=/.cathvoice.org.tw/127.0.0.1#5335 -ipset=/.cathvoice.org.tw/gfwlist -server=/.cattt.com/127.0.0.1#5335 -ipset=/.cattt.com/gfwlist -server=/.cbc.ca/127.0.0.1#5335 -ipset=/.cbc.ca/gfwlist -server=/.cbs.ntu.edu.tw/127.0.0.1#5335 -ipset=/.cbs.ntu.edu.tw/gfwlist -server=/.cbtc.org.hk/127.0.0.1#5335 -ipset=/.cbtc.org.hk/gfwlist -server=/.cccat.cc/127.0.0.1#5335 -ipset=/.cccat.cc/gfwlist -server=/.cccat.co/127.0.0.1#5335 -ipset=/.cccat.co/gfwlist -server=/.ccdtr.org/127.0.0.1#5335 -ipset=/.ccdtr.org/gfwlist -server=/.cchere.com/127.0.0.1#5335 -ipset=/.cchere.com/gfwlist -server=/.ccim.org/127.0.0.1#5335 -ipset=/.ccim.org/gfwlist -server=/.cclife.ca/127.0.0.1#5335 -ipset=/.cclife.ca/gfwlist -server=/.cclife.org/127.0.0.1#5335 -ipset=/.cclife.org/gfwlist -server=/.cclifefl.org/127.0.0.1#5335 -ipset=/.cclifefl.org/gfwlist -server=/.ccthere.com/127.0.0.1#5335 -ipset=/.ccthere.com/gfwlist -server=/.ccthere.net/127.0.0.1#5335 -ipset=/.ccthere.net/gfwlist -server=/.cctmweb.net/127.0.0.1#5335 -ipset=/.cctmweb.net/gfwlist -server=/.ccue.ca/127.0.0.1#5335 -ipset=/.ccue.ca/gfwlist -server=/.ccue.com/127.0.0.1#5335 -ipset=/.ccue.com/gfwlist -server=/.ccvoice.ca/127.0.0.1#5335 -ipset=/.ccvoice.ca/gfwlist -server=/.ccw.org.tw/127.0.0.1#5335 -ipset=/.ccw.org.tw/gfwlist -server=/.cdbook.org/127.0.0.1#5335 -ipset=/.cdbook.org/gfwlist -server=/.cdcparty.com/127.0.0.1#5335 -ipset=/.cdcparty.com/gfwlist -server=/.cdef.org/127.0.0.1#5335 -ipset=/.cdef.org/gfwlist -server=/.cdig.info/127.0.0.1#5335 -ipset=/.cdig.info/gfwlist -server=/.cdjp.org/127.0.0.1#5335 -ipset=/.cdjp.org/gfwlist -server=/.cdn-images.mailchimp.com/127.0.0.1#5335 -ipset=/.cdn-images.mailchimp.com/gfwlist -server=/.cdn.assets.lfpcontent.com/127.0.0.1#5335 -ipset=/.cdn.assets.lfpcontent.com/gfwlist -server=/.cdn.helixstudios.net/127.0.0.1#5335 -ipset=/.cdn.helixstudios.net/gfwlist -server=/.cdn.printfriendly.com/127.0.0.1#5335 -ipset=/.cdn.printfriendly.com/gfwlist -server=/.cdn.seatguru.com/127.0.0.1#5335 -ipset=/.cdn.seatguru.com/gfwlist -server=/.cdn.softlayer.net/127.0.0.1#5335 -ipset=/.cdn.softlayer.net/gfwlist -server=/.cdn1.lp.saboom.com/127.0.0.1#5335 -ipset=/.cdn1.lp.saboom.com/gfwlist -server=/.cdnews.com.tw/127.0.0.1#5335 -ipset=/.cdnews.com.tw/gfwlist -server=/.cdninstagram.com/127.0.0.1#5335 -ipset=/.cdninstagram.com/gfwlist -server=/.cdp1989.org/127.0.0.1#5335 -ipset=/.cdp1989.org/gfwlist -server=/.cdp1998.org/127.0.0.1#5335 -ipset=/.cdp1998.org/gfwlist -server=/.cdp2006.org/127.0.0.1#5335 -ipset=/.cdp2006.org/gfwlist -server=/.cdpa.url.tw/127.0.0.1#5335 -ipset=/.cdpa.url.tw/gfwlist -server=/.cdpeu.org/127.0.0.1#5335 -ipset=/.cdpeu.org/gfwlist -server=/.cdpusa.org/127.0.0.1#5335 -ipset=/.cdpusa.org/gfwlist -server=/.cdpweb.org/127.0.0.1#5335 -ipset=/.cdpweb.org/gfwlist -server=/.cdpwu.org/127.0.0.1#5335 -ipset=/.cdpwu.org/gfwlist -server=/.cdw.com/127.0.0.1#5335 -ipset=/.cdw.com/gfwlist -server=/.cecc.gov/127.0.0.1#5335 -ipset=/.cecc.gov/gfwlist -server=/.cellulo.info/127.0.0.1#5335 -ipset=/.cellulo.info/gfwlist -server=/.cenews.eu/127.0.0.1#5335 -ipset=/.cenews.eu/gfwlist -server=/.centauro.com.br/127.0.0.1#5335 -ipset=/.centauro.com.br/gfwlist -server=/.centerforhumanreprod.com/127.0.0.1#5335 -ipset=/.centerforhumanreprod.com/gfwlist -server=/.centralnation.com/127.0.0.1#5335 -ipset=/.centralnation.com/gfwlist -server=/.centurys.net/127.0.0.1#5335 -ipset=/.centurys.net/gfwlist -server=/.certificate-transparency.org/127.0.0.1#5335 -ipset=/.certificate-transparency.org/gfwlist -server=/.certificate.revocationcheck.com/127.0.0.1#5335 -ipset=/.certificate.revocationcheck.com/gfwlist -server=/.cfhks.org.hk/127.0.0.1#5335 -ipset=/.cfhks.org.hk/gfwlist -server=/.cfos.de/127.0.0.1#5335 -ipset=/.cfos.de/gfwlist -server=/.cftfc.com/127.0.0.1#5335 -ipset=/.cftfc.com/gfwlist -server=/.cgdepot.org/127.0.0.1#5335 -ipset=/.cgdepot.org/gfwlist -server=/.cgst.edu/127.0.0.1#5335 -ipset=/.cgst.edu/gfwlist -server=/.ch.shvoong.com/127.0.0.1#5335 -ipset=/.ch.shvoong.com/gfwlist -server=/.change.org/127.0.0.1#5335 -ipset=/.change.org/gfwlist -server=/.changeip.name/127.0.0.1#5335 -ipset=/.changeip.name/gfwlist -server=/.changeip.net/127.0.0.1#5335 -ipset=/.changeip.net/gfwlist -server=/.changeip.org/127.0.0.1#5335 -ipset=/.changeip.org/gfwlist -server=/.changp.com/127.0.0.1#5335 -ipset=/.changp.com/gfwlist -server=/.changsa.net/127.0.0.1#5335 -ipset=/.changsa.net/gfwlist -server=/.chaoex.com/127.0.0.1#5335 -ipset=/.chaoex.com/gfwlist -server=/.chapm25.com/127.0.0.1#5335 -ipset=/.chapm25.com/gfwlist -server=/.chatnook.com/127.0.0.1#5335 -ipset=/.chatnook.com/gfwlist -server=/.chaturbate.com/127.0.0.1#5335 -ipset=/.chaturbate.com/gfwlist -server=/.chengmingmag.com/127.0.0.1#5335 -ipset=/.chengmingmag.com/gfwlist -server=/.chenguangcheng.com/127.0.0.1#5335 -ipset=/.chenguangcheng.com/gfwlist -server=/.chenpokong.com/127.0.0.1#5335 -ipset=/.chenpokong.com/gfwlist -server=/.chenpokong.net/127.0.0.1#5335 -ipset=/.chenpokong.net/gfwlist -server=/.chenshan20042005.wordpress.com/127.0.0.1#5335 -ipset=/.chenshan20042005.wordpress.com/gfwlist -server=/.cherrysave.com/127.0.0.1#5335 -ipset=/.cherrysave.com/gfwlist -server=/.chhongbi.org/127.0.0.1#5335 -ipset=/.chhongbi.org/gfwlist -server=/.chicagoncmtv.com/127.0.0.1#5335 -ipset=/.chicagoncmtv.com/gfwlist -server=/.china-mmm.jp.net/127.0.0.1#5335 -ipset=/.china-mmm.jp.net/gfwlist -server=/.china-mmm.net/127.0.0.1#5335 -ipset=/.china-mmm.net/gfwlist -server=/.china-mmm.sa.com/127.0.0.1#5335 -ipset=/.china-mmm.sa.com/gfwlist -server=/.china-review.com.ua/127.0.0.1#5335 -ipset=/.china-review.com.ua/gfwlist -server=/.china-week.com/127.0.0.1#5335 -ipset=/.china-week.com/gfwlist -server=/.china.hket.com/127.0.0.1#5335 -ipset=/.china.hket.com/gfwlist -server=/.china101.com/127.0.0.1#5335 -ipset=/.china101.com/gfwlist -server=/.china18.org/127.0.0.1#5335 -ipset=/.china18.org/gfwlist -server=/.china21.com/127.0.0.1#5335 -ipset=/.china21.com/gfwlist -server=/.china21.org/127.0.0.1#5335 -ipset=/.china21.org/gfwlist -server=/.china5000.us/127.0.0.1#5335 -ipset=/.china5000.us/gfwlist -server=/.chinaaffairs.org/127.0.0.1#5335 -ipset=/.chinaaffairs.org/gfwlist -server=/.chinaaid.me/127.0.0.1#5335 -ipset=/.chinaaid.me/gfwlist -server=/.chinaaid.net/127.0.0.1#5335 -ipset=/.chinaaid.net/gfwlist -server=/.chinaaid.org/127.0.0.1#5335 -ipset=/.chinaaid.org/gfwlist -server=/.chinaaid.us/127.0.0.1#5335 -ipset=/.chinaaid.us/gfwlist -server=/.chinachange.org/127.0.0.1#5335 -ipset=/.chinachange.org/gfwlist -server=/.chinachannel.hk/127.0.0.1#5335 -ipset=/.chinachannel.hk/gfwlist -server=/.chinacitynews.be/127.0.0.1#5335 -ipset=/.chinacitynews.be/gfwlist -server=/.chinacomments.org/127.0.0.1#5335 -ipset=/.chinacomments.org/gfwlist -server=/.chinadialogue.net/127.0.0.1#5335 -ipset=/.chinadialogue.net/gfwlist -server=/.chinadigitaltimes.net/127.0.0.1#5335 -ipset=/.chinadigitaltimes.net/gfwlist -server=/.chinaelections.org/127.0.0.1#5335 -ipset=/.chinaelections.org/gfwlist -server=/.chinaeweekly.com/127.0.0.1#5335 -ipset=/.chinaeweekly.com/gfwlist -server=/.chinafreepress.org/127.0.0.1#5335 -ipset=/.chinafreepress.org/gfwlist -server=/.chinagate.com/127.0.0.1#5335 -ipset=/.chinagate.com/gfwlist -server=/.chinageeks.org/127.0.0.1#5335 -ipset=/.chinageeks.org/gfwlist -server=/.chinagfw.org/127.0.0.1#5335 -ipset=/.chinagfw.org/gfwlist -server=/.chinagonet.com/127.0.0.1#5335 -ipset=/.chinagonet.com/gfwlist -server=/.chinagreenparty.org/127.0.0.1#5335 -ipset=/.chinagreenparty.org/gfwlist -server=/.chinahorizon.org/127.0.0.1#5335 -ipset=/.chinahorizon.org/gfwlist -server=/.chinahush.com/127.0.0.1#5335 -ipset=/.chinahush.com/gfwlist -server=/.chinainperspective.com/127.0.0.1#5335 -ipset=/.chinainperspective.com/gfwlist -server=/.chinainterimgov.org/127.0.0.1#5335 -ipset=/.chinainterimgov.org/gfwlist -server=/.chinalaborwatch.org/127.0.0.1#5335 -ipset=/.chinalaborwatch.org/gfwlist -server=/.chinalawandpolicy.com/127.0.0.1#5335 -ipset=/.chinalawandpolicy.com/gfwlist -server=/.chinalawtranslate.com/127.0.0.1#5335 -ipset=/.chinalawtranslate.com/gfwlist -server=/.chinamule.com/127.0.0.1#5335 -ipset=/.chinamule.com/gfwlist -server=/.chinamz.org/127.0.0.1#5335 -ipset=/.chinamz.org/gfwlist -server=/.chinanewscenter.com/127.0.0.1#5335 -ipset=/.chinanewscenter.com/gfwlist -server=/.chinapress.com.my/127.0.0.1#5335 -ipset=/.chinapress.com.my/gfwlist -server=/.chinarightsia.org/127.0.0.1#5335 -ipset=/.chinarightsia.org/gfwlist -server=/.chinasocialdemocraticparty.com/127.0.0.1#5335 -ipset=/.chinasocialdemocraticparty.com/gfwlist -server=/.chinasoul.org/127.0.0.1#5335 -ipset=/.chinasoul.org/gfwlist -server=/.chinasucks.net/127.0.0.1#5335 -ipset=/.chinasucks.net/gfwlist -server=/.chinatimes.com/127.0.0.1#5335 -ipset=/.chinatimes.com/gfwlist -server=/.chinatopsex.com/127.0.0.1#5335 -ipset=/.chinatopsex.com/gfwlist -server=/.chinatown.com.au/127.0.0.1#5335 -ipset=/.chinatown.com.au/gfwlist -server=/.chinatweeps.com/127.0.0.1#5335 -ipset=/.chinatweeps.com/gfwlist -server=/.chinaview.wordpress.com/127.0.0.1#5335 -ipset=/.chinaview.wordpress.com/gfwlist -server=/.chinaway.org/127.0.0.1#5335 -ipset=/.chinaway.org/gfwlist -server=/.chinaworker.info/127.0.0.1#5335 -ipset=/.chinaworker.info/gfwlist -server=/.chinayouth.org.hk/127.0.0.1#5335 -ipset=/.chinayouth.org.hk/gfwlist -server=/.chinayuanmin.org/127.0.0.1#5335 -ipset=/.chinayuanmin.org/gfwlist -server=/.chinese-hermit.net/127.0.0.1#5335 -ipset=/.chinese-hermit.net/gfwlist -server=/.chinese-leaders.org/127.0.0.1#5335 -ipset=/.chinese-leaders.org/gfwlist -server=/.chinese-memorial.org/127.0.0.1#5335 -ipset=/.chinese-memorial.org/gfwlist -server=/.chinese.donga.com/127.0.0.1#5335 -ipset=/.chinese.donga.com/gfwlist -server=/.chinese.engadget.com/127.0.0.1#5335 -ipset=/.chinese.engadget.com/gfwlist -server=/.chinese.irib.ir/127.0.0.1#5335 -ipset=/.chinese.irib.ir/gfwlist -server=/.chinese.soifind.com/127.0.0.1#5335 -ipset=/.chinese.soifind.com/gfwlist -server=/.chinesedaily.com/127.0.0.1#5335 -ipset=/.chinesedaily.com/gfwlist -server=/.chinesedailynews.com/127.0.0.1#5335 -ipset=/.chinesedailynews.com/gfwlist -server=/.chinesedemocracy.com/127.0.0.1#5335 -ipset=/.chinesedemocracy.com/gfwlist -server=/.chinesegay.org/127.0.0.1#5335 -ipset=/.chinesegay.org/gfwlist -server=/.chinesen.de/127.0.0.1#5335 -ipset=/.chinesen.de/gfwlist -server=/.chinesepen.org/127.0.0.1#5335 -ipset=/.chinesepen.org/gfwlist -server=/.chineseupress.com/127.0.0.1#5335 -ipset=/.chineseupress.com/gfwlist -server=/.chingcheong.com/127.0.0.1#5335 -ipset=/.chingcheong.com/gfwlist -server=/.chinman.net/127.0.0.1#5335 -ipset=/.chinman.net/gfwlist -server=/.chithu.org/127.0.0.1#5335 -ipset=/.chithu.org/gfwlist -server=/.chn.chosun.com/127.0.0.1#5335 -ipset=/.chn.chosun.com/gfwlist -server=/.chobit.cc/127.0.0.1#5335 -ipset=/.chobit.cc/gfwlist -server=/.chrdnet.com/127.0.0.1#5335 -ipset=/.chrdnet.com/gfwlist -server=/.christianfreedom.org/127.0.0.1#5335 -ipset=/.christianfreedom.org/gfwlist -server=/.christianstudy.com/127.0.0.1#5335 -ipset=/.christianstudy.com/gfwlist -server=/.christiantimes.org.hk/127.0.0.1#5335 -ipset=/.christiantimes.org.hk/gfwlist -server=/.chrlawyers.hk/127.0.0.1#5335 -ipset=/.chrlawyers.hk/gfwlist -server=/.chrome.com/127.0.0.1#5335 -ipset=/.chrome.com/gfwlist -server=/.chromecast.com/127.0.0.1#5335 -ipset=/.chromecast.com/gfwlist -server=/.chromeexperiments.com/127.0.0.1#5335 -ipset=/.chromeexperiments.com/gfwlist -server=/.chromercise.com/127.0.0.1#5335 -ipset=/.chromercise.com/gfwlist -server=/.chromestatus.com/127.0.0.1#5335 -ipset=/.chromestatus.com/gfwlist -server=/.chromium.org/127.0.0.1#5335 -ipset=/.chromium.org/gfwlist -server=/.chuang-yen.org/127.0.0.1#5335 -ipset=/.chuang-yen.org/gfwlist -server=/.chubold.com/127.0.0.1#5335 -ipset=/.chubold.com/gfwlist -server=/.chubun.com/127.0.0.1#5335 -ipset=/.chubun.com/gfwlist -server=/.chuizi.net/127.0.0.1#5335 -ipset=/.chuizi.net/gfwlist -server=/.chushigangdrug.ch/127.0.0.1#5335 -ipset=/.chushigangdrug.ch/gfwlist -server=/.cienen.com/127.0.0.1#5335 -ipset=/.cienen.com/gfwlist -server=/.cineastentreff.de/127.0.0.1#5335 -ipset=/.cineastentreff.de/gfwlist -server=/.cipfg.org/127.0.0.1#5335 -ipset=/.cipfg.org/gfwlist -server=/.circlethebayfortibet.org/127.0.0.1#5335 -ipset=/.circlethebayfortibet.org/gfwlist -server=/.cirosantilli.com/127.0.0.1#5335 -ipset=/.cirosantilli.com/gfwlist -server=/.citizencn.com/127.0.0.1#5335 -ipset=/.citizencn.com/gfwlist -server=/.citizenlab.org/127.0.0.1#5335 -ipset=/.citizenlab.org/gfwlist -server=/.citizenscommission.hk/127.0.0.1#5335 -ipset=/.citizenscommission.hk/gfwlist -server=/.citizensradio.org/127.0.0.1#5335 -ipset=/.citizensradio.org/gfwlist -server=/.city365.ca/127.0.0.1#5335 -ipset=/.city365.ca/gfwlist -server=/.city9x.com/127.0.0.1#5335 -ipset=/.city9x.com/gfwlist -server=/.citypopulation.de/127.0.0.1#5335 -ipset=/.citypopulation.de/gfwlist -server=/.civicparty.hk/127.0.0.1#5335 -ipset=/.civicparty.hk/gfwlist -server=/.civildisobediencemovement.org/127.0.0.1#5335 -ipset=/.civildisobediencemovement.org/gfwlist -server=/.civilhrfront.org/127.0.0.1#5335 -ipset=/.civilhrfront.org/gfwlist -server=/.civiliangunner.com/127.0.0.1#5335 -ipset=/.civiliangunner.com/gfwlist -server=/.civilmedia.tw/127.0.0.1#5335 -ipset=/.civilmedia.tw/gfwlist -server=/.ck101.com/127.0.0.1#5335 -ipset=/.ck101.com/gfwlist -server=/.cl.d0z.net/127.0.0.1#5335 -ipset=/.cl.d0z.net/gfwlist -server=/.classicalguitarblog.net/127.0.0.1#5335 -ipset=/.classicalguitarblog.net/gfwlist -server=/.clb.org.hk/127.0.0.1#5335 -ipset=/.clb.org.hk/gfwlist -server=/.cldr.unicode.org/127.0.0.1#5335 -ipset=/.cldr.unicode.org/gfwlist -server=/.cleansite.biz/127.0.0.1#5335 -ipset=/.cleansite.biz/gfwlist -server=/.cleansite.info/127.0.0.1#5335 -ipset=/.cleansite.info/gfwlist -server=/.cleansite.us/127.0.0.1#5335 -ipset=/.cleansite.us/gfwlist -server=/.clearharmony.net/127.0.0.1#5335 -ipset=/.clearharmony.net/gfwlist -server=/.clearsurance.com/127.0.0.1#5335 -ipset=/.clearsurance.com/gfwlist -server=/.clearwisdom.net/127.0.0.1#5335 -ipset=/.clearwisdom.net/gfwlist -server=/.clementine-player.org/127.0.0.1#5335 -ipset=/.clementine-player.org/gfwlist -server=/.cling.omy.sg/127.0.0.1#5335 -ipset=/.cling.omy.sg/gfwlist -server=/.clinica-tibet.ru/127.0.0.1#5335 -ipset=/.clinica-tibet.ru/gfwlist -server=/.clipfish.de/127.0.0.1#5335 -ipset=/.clipfish.de/gfwlist -server=/.cloakpoint.com/127.0.0.1#5335 -ipset=/.cloakpoint.com/gfwlist -server=/.cloud.feedly.com/127.0.0.1#5335 -ipset=/.cloud.feedly.com/gfwlist -server=/.cloud.mail.ru/127.0.0.1#5335 -ipset=/.cloud.mail.ru/gfwlist -server=/.club1069.com/127.0.0.1#5335 -ipset=/.club1069.com/gfwlist -server=/.clyp.it/127.0.0.1#5335 -ipset=/.clyp.it/gfwlist -server=/.cmcn.org/127.0.0.1#5335 -ipset=/.cmcn.org/gfwlist -server=/.cmi.org.tw/127.0.0.1#5335 -ipset=/.cmi.org.tw/gfwlist -server=/.cmp.hku.hk/127.0.0.1#5335 -ipset=/.cmp.hku.hk/gfwlist -server=/.cms.gov/127.0.0.1#5335 -ipset=/.cms.gov/gfwlist -server=/.cmule.com/127.0.0.1#5335 -ipset=/.cmule.com/gfwlist -server=/.cmule.org/127.0.0.1#5335 -ipset=/.cmule.org/gfwlist -server=/.cmx.im/127.0.0.1#5335 -ipset=/.cmx.im/gfwlist -server=/.cn-proxy.com/127.0.0.1#5335 -ipset=/.cn-proxy.com/gfwlist -server=/.cn.calameo.com/127.0.0.1#5335 -ipset=/.cn.calameo.com/gfwlist -server=/.cn.dayabook.com/127.0.0.1#5335 -ipset=/.cn.dayabook.com/gfwlist -server=/.cn.fmnnow.com/127.0.0.1#5335 -ipset=/.cn.fmnnow.com/gfwlist -server=/.cn.freeones.com/127.0.0.1#5335 -ipset=/.cn.freeones.com/gfwlist -server=/.cn.ibtimes.com/127.0.0.1#5335 -ipset=/.cn.ibtimes.com/gfwlist -server=/.cn.nytstyle.com/127.0.0.1#5335 -ipset=/.cn.nytstyle.com/gfwlist -server=/.cn.sandscotaicentral.com/127.0.0.1#5335 -ipset=/.cn.sandscotaicentral.com/gfwlist -server=/.cn.shafaqna.com/127.0.0.1#5335 -ipset=/.cn.shafaqna.com/gfwlist -server=/.cn.thegay.com/127.0.0.1#5335 -ipset=/.cn.thegay.com/gfwlist -server=/.cn.uncyclopedia.wikia.com/127.0.0.1#5335 -ipset=/.cn.uncyclopedia.wikia.com/gfwlist -server=/.cn.uptodown.com/127.0.0.1#5335 -ipset=/.cn.uptodown.com/gfwlist -server=/.cn.voa.mobi/127.0.0.1#5335 -ipset=/.cn.voa.mobi/gfwlist -server=/.cn2.streetvoice.com/127.0.0.1#5335 -ipset=/.cn2.streetvoice.com/gfwlist -server=/.cn6.eu/127.0.0.1#5335 -ipset=/.cn6.eu/gfwlist -server=/.cna.com.tw/127.0.0.1#5335 -ipset=/.cna.com.tw/gfwlist -server=/.cnabc.com/127.0.0.1#5335 -ipset=/.cnabc.com/gfwlist -server=/.cnbbnews.wordpress.com/127.0.0.1#5335 -ipset=/.cnbbnews.wordpress.com/gfwlist -server=/.cnd.org/127.0.0.1#5335 -ipset=/.cnd.org/gfwlist -server=/.cnex.org.cn/127.0.0.1#5335 -ipset=/.cnex.org.cn/gfwlist -server=/.cnineu.com/127.0.0.1#5335 -ipset=/.cnineu.com/gfwlist -server=/.cnpolitics.org/127.0.0.1#5335 -ipset=/.cnpolitics.org/gfwlist -server=/.cnproxy.com/127.0.0.1#5335 -ipset=/.cnproxy.com/gfwlist -server=/.co.ng.mil/127.0.0.1#5335 -ipset=/.co.ng.mil/gfwlist -server=/.coat.co.jp/127.0.0.1#5335 -ipset=/.coat.co.jp/gfwlist -server=/.cobinhood.com/127.0.0.1#5335 -ipset=/.cobinhood.com/gfwlist -server=/.cochina.co/127.0.0.1#5335 -ipset=/.cochina.co/gfwlist -server=/.cochina.org/127.0.0.1#5335 -ipset=/.cochina.org/gfwlist -server=/.codeshare.io/127.0.0.1#5335 -ipset=/.codeshare.io/gfwlist -server=/.codeskulptor.org/127.0.0.1#5335 -ipset=/.codeskulptor.org/gfwlist -server=/.coin2co.in/127.0.0.1#5335 -ipset=/.coin2co.in/gfwlist -server=/.coinbene.com/127.0.0.1#5335 -ipset=/.coinbene.com/gfwlist -server=/.coinegg.com/127.0.0.1#5335 -ipset=/.coinegg.com/gfwlist -server=/.coinex.com/127.0.0.1#5335 -ipset=/.coinex.com/gfwlist -server=/.coingi.com/127.0.0.1#5335 -ipset=/.coingi.com/gfwlist -server=/.coinrail.co.kr/127.0.0.1#5335 -ipset=/.coinrail.co.kr/gfwlist -server=/.cointiger.com/127.0.0.1#5335 -ipset=/.cointiger.com/gfwlist -server=/.cointobe.com/127.0.0.1#5335 -ipset=/.cointobe.com/gfwlist -server=/.coinut.com/127.0.0.1#5335 -ipset=/.coinut.com/gfwlist -server=/.collateralmurder.com/127.0.0.1#5335 -ipset=/.collateralmurder.com/gfwlist -server=/.collateralmurder.org/127.0.0.1#5335 -ipset=/.collateralmurder.org/gfwlist -server=/.com.google/127.0.0.1#5335 -ipset=/.com.google/gfwlist -server=/.comefromchina.com/127.0.0.1#5335 -ipset=/.comefromchina.com/gfwlist -server=/.comic-mega.me/127.0.0.1#5335 -ipset=/.comic-mega.me/gfwlist -server=/.commandarms.com/127.0.0.1#5335 -ipset=/.commandarms.com/gfwlist -server=/.commentshk.com/127.0.0.1#5335 -ipset=/.commentshk.com/gfwlist -server=/.communistcrimes.org/127.0.0.1#5335 -ipset=/.communistcrimes.org/gfwlist -server=/.community.windy.com/127.0.0.1#5335 -ipset=/.community.windy.com/gfwlist -server=/.communitychoicecu.com/127.0.0.1#5335 -ipset=/.communitychoicecu.com/gfwlist -server=/.compileheart.com/127.0.0.1#5335 -ipset=/.compileheart.com/gfwlist -server=/.compress.to/127.0.0.1#5335 -ipset=/.compress.to/gfwlist -server=/.connect.facebook.net/127.0.0.1#5335 -ipset=/.connect.facebook.net/gfwlist -server=/.conoha.jp/127.0.0.1#5335 -ipset=/.conoha.jp/gfwlist -server=/.contactmagazine.net/127.0.0.1#5335 -ipset=/.contactmagazine.net/gfwlist -server=/.contests.twilio.com/127.0.0.1#5335 -ipset=/.contests.twilio.com/gfwlist -server=/.convio.net/127.0.0.1#5335 -ipset=/.convio.net/gfwlist -server=/.coobay.com/127.0.0.1#5335 -ipset=/.coobay.com/gfwlist -server=/.cool18.com/127.0.0.1#5335 -ipset=/.cool18.com/gfwlist -server=/.coolaler.com/127.0.0.1#5335 -ipset=/.coolaler.com/gfwlist -server=/.coolder.com/127.0.0.1#5335 -ipset=/.coolder.com/gfwlist -server=/.coolloud.org.tw/127.0.0.1#5335 -ipset=/.coolloud.org.tw/gfwlist -server=/.coolncute.com/127.0.0.1#5335 -ipset=/.coolncute.com/gfwlist -server=/.coolstuffinc.com/127.0.0.1#5335 -ipset=/.coolstuffinc.com/gfwlist -server=/.corumcollege.com/127.0.0.1#5335 -ipset=/.corumcollege.com/gfwlist -server=/.cos-moe.com/127.0.0.1#5335 -ipset=/.cos-moe.com/gfwlist -server=/.cosmic.monar.ch/127.0.0.1#5335 -ipset=/.cosmic.monar.ch/gfwlist -server=/.cosplayjav.pl/127.0.0.1#5335 -ipset=/.cosplayjav.pl/gfwlist -server=/.costco.com/127.0.0.1#5335 -ipset=/.costco.com/gfwlist -server=/.cotweet.com/127.0.0.1#5335 -ipset=/.cotweet.com/gfwlist -server=/.counter.social/127.0.0.1#5335 -ipset=/.counter.social/gfwlist -server=/.coursehero.com/127.0.0.1#5335 -ipset=/.coursehero.com/gfwlist -server=/.cpj.org/127.0.0.1#5335 -ipset=/.cpj.org/gfwlist -server=/.cq99.us/127.0.0.1#5335 -ipset=/.cq99.us/gfwlist -server=/.crackle.com/127.0.0.1#5335 -ipset=/.crackle.com/gfwlist -server=/.crazys.cc/127.0.0.1#5335 -ipset=/.crazys.cc/gfwlist -server=/.crazyshit.com/127.0.0.1#5335 -ipset=/.crazyshit.com/gfwlist -server=/.crbug.com/127.0.0.1#5335 -ipset=/.crbug.com/gfwlist -server=/.crchina.org/127.0.0.1#5335 -ipset=/.crchina.org/gfwlist -server=/.crd-net.org/127.0.0.1#5335 -ipset=/.crd-net.org/gfwlist -server=/.creaders.net/127.0.0.1#5335 -ipset=/.creaders.net/gfwlist -server=/.creadersnet.com/127.0.0.1#5335 -ipset=/.creadersnet.com/gfwlist -server=/.creativelab5.com/127.0.0.1#5335 -ipset=/.creativelab5.com/gfwlist -server=/.crisisresponse.google/127.0.0.1#5335 -ipset=/.crisisresponse.google/gfwlist -server=/.cristyli.com/127.0.0.1#5335 -ipset=/.cristyli.com/gfwlist -server=/.crocotube.com/127.0.0.1#5335 -ipset=/.crocotube.com/gfwlist -server=/.crossfire.co.kr/127.0.0.1#5335 -ipset=/.crossfire.co.kr/gfwlist -server=/.crossthewall.net/127.0.0.1#5335 -ipset=/.crossthewall.net/gfwlist -server=/.crossvpn.net/127.0.0.1#5335 -ipset=/.crossvpn.net/gfwlist -server=/.crrev.com/127.0.0.1#5335 -ipset=/.crrev.com/gfwlist -server=/.crucial.com/127.0.0.1#5335 -ipset=/.crucial.com/gfwlist -server=/.crwdcntrl.net/127.0.0.1#5335 -ipset=/.crwdcntrl.net/gfwlist -server=/.csdparty.com/127.0.0.1#5335 -ipset=/.csdparty.com/gfwlist -server=/.css.pixnet.in/127.0.0.1#5335 -ipset=/.css.pixnet.in/gfwlist -server=/.csuchen.de/127.0.0.1#5335 -ipset=/.csuchen.de/gfwlist -server=/.csw.org.uk/127.0.0.1#5335 -ipset=/.csw.org.uk/gfwlist -server=/.ct.org.tw/127.0.0.1#5335 -ipset=/.ct.org.tw/gfwlist -server=/.ctao.org/127.0.0.1#5335 -ipset=/.ctao.org/gfwlist -server=/.ctfriend.net/127.0.0.1#5335 -ipset=/.ctfriend.net/gfwlist -server=/.ctitv.com.tw/127.0.0.1#5335 -ipset=/.ctitv.com.tw/gfwlist -server=/.cts.com.tw/127.0.0.1#5335 -ipset=/.cts.com.tw/gfwlist -server=/.cuihua.org/127.0.0.1#5335 -ipset=/.cuihua.org/gfwlist -server=/.cuiweiping.net/127.0.0.1#5335 -ipset=/.cuiweiping.net/gfwlist -server=/.culture.tw/127.0.0.1#5335 -ipset=/.culture.tw/gfwlist -server=/.cumlouder.com/127.0.0.1#5335 -ipset=/.cumlouder.com/gfwlist -server=/.curvefish.com/127.0.0.1#5335 -ipset=/.curvefish.com/gfwlist -server=/.cusu.hk/127.0.0.1#5335 -ipset=/.cusu.hk/gfwlist -server=/.cutscenes.net/127.0.0.1#5335 -ipset=/.cutscenes.net/gfwlist -server=/.cw.com.tw/127.0.0.1#5335 -ipset=/.cw.com.tw/gfwlist -server=/.cyberghost.natado.com/127.0.0.1#5335 -ipset=/.cyberghost.natado.com/gfwlist -server=/.cyberghostvpn.com/127.0.0.1#5335 -ipset=/.cyberghostvpn.com/gfwlist -server=/.cynscribe.com/127.0.0.1#5335 -ipset=/.cynscribe.com/gfwlist -server=/.cytode.us/127.0.0.1#5335 -ipset=/.cytode.us/gfwlist -server=/.d-fukyu.com/127.0.0.1#5335 -ipset=/.d-fukyu.com/gfwlist -server=/.d100.net/127.0.0.1#5335 -ipset=/.d100.net/gfwlist -server=/.d1b183sg0nvnuh.cloudfront.net/127.0.0.1#5335 -ipset=/.d1b183sg0nvnuh.cloudfront.net/gfwlist -server=/.d1c37gjwa26taa.cloudfront.net/127.0.0.1#5335 -ipset=/.d1c37gjwa26taa.cloudfront.net/gfwlist -server=/.d2bay.com/127.0.0.1#5335 -ipset=/.d2bay.com/gfwlist -server=/.d2pass.com/127.0.0.1#5335 -ipset=/.d2pass.com/gfwlist -server=/.d3c33hcgiwev3.cloudfront.net/127.0.0.1#5335 -ipset=/.d3c33hcgiwev3.cloudfront.net/gfwlist -server=/.d3rhr7kgmtrq1v.cloudfront.net/127.0.0.1#5335 -ipset=/.d3rhr7kgmtrq1v.cloudfront.net/gfwlist -server=/.dabr.co.uk/127.0.0.1#5335 -ipset=/.dabr.co.uk/gfwlist -server=/.dabr.eu/127.0.0.1#5335 -ipset=/.dabr.eu/gfwlist -server=/.dabr.me/127.0.0.1#5335 -ipset=/.dabr.me/gfwlist -server=/.dabr.mobi/127.0.0.1#5335 -ipset=/.dabr.mobi/gfwlist -server=/.dadazim.com/127.0.0.1#5335 -ipset=/.dadazim.com/gfwlist -server=/.dadi360.com/127.0.0.1#5335 -ipset=/.dadi360.com/gfwlist -server=/.dafabet.com/127.0.0.1#5335 -ipset=/.dafabet.com/gfwlist -server=/.dafagood.com/127.0.0.1#5335 -ipset=/.dafagood.com/gfwlist -server=/.dafahao.com/127.0.0.1#5335 -ipset=/.dafahao.com/gfwlist -server=/.dafoh.org/127.0.0.1#5335 -ipset=/.dafoh.org/gfwlist -server=/.daftporn.com/127.0.0.1#5335 -ipset=/.daftporn.com/gfwlist -server=/.dagelijksestandaard.nl/127.0.0.1#5335 -ipset=/.dagelijksestandaard.nl/gfwlist -server=/.daidostup.ru/127.0.0.1#5335 -ipset=/.daidostup.ru/gfwlist -server=/.dailidaili.com/127.0.0.1#5335 -ipset=/.dailidaili.com/gfwlist -server=/.dailymotion.com/127.0.0.1#5335 -ipset=/.dailymotion.com/gfwlist -server=/.dailyview.tw/127.0.0.1#5335 -ipset=/.dailyview.tw/gfwlist -server=/.daiphapinfo.net/127.0.0.1#5335 -ipset=/.daiphapinfo.net/gfwlist -server=/.dajiyuan.com/127.0.0.1#5335 -ipset=/.dajiyuan.com/gfwlist -server=/.dajiyuan.de/127.0.0.1#5335 -ipset=/.dajiyuan.de/gfwlist -server=/.dajiyuan.eu/127.0.0.1#5335 -ipset=/.dajiyuan.eu/gfwlist -server=/.dajusha.baywords.com/127.0.0.1#5335 -ipset=/.dajusha.baywords.com/gfwlist -server=/.dalailama-archives.org/127.0.0.1#5335 -ipset=/.dalailama-archives.org/gfwlist -server=/.dalailama.com/127.0.0.1#5335 -ipset=/.dalailama.com/gfwlist -server=/.dalailama.mn/127.0.0.1#5335 -ipset=/.dalailama.mn/gfwlist -server=/.dalailama.ru/127.0.0.1#5335 -ipset=/.dalailama.ru/gfwlist -server=/.dalailama.usc.edu/127.0.0.1#5335 -ipset=/.dalailama.usc.edu/gfwlist -server=/.dalailama80.org/127.0.0.1#5335 -ipset=/.dalailama80.org/gfwlist -server=/.dalailamacenter.org/127.0.0.1#5335 -ipset=/.dalailamacenter.org/gfwlist -server=/.dalailamafellows.org/127.0.0.1#5335 -ipset=/.dalailamafellows.org/gfwlist -server=/.dalailamafilm.com/127.0.0.1#5335 -ipset=/.dalailamafilm.com/gfwlist -server=/.dalailamafoundation.org/127.0.0.1#5335 -ipset=/.dalailamafoundation.org/gfwlist -server=/.dalailamahindi.com/127.0.0.1#5335 -ipset=/.dalailamahindi.com/gfwlist -server=/.dalailamainaustralia.org/127.0.0.1#5335 -ipset=/.dalailamainaustralia.org/gfwlist -server=/.dalailamajapanese.com/127.0.0.1#5335 -ipset=/.dalailamajapanese.com/gfwlist -server=/.dalailamaprotesters.info/127.0.0.1#5335 -ipset=/.dalailamaprotesters.info/gfwlist -server=/.dalailamaquotes.org/127.0.0.1#5335 -ipset=/.dalailamaquotes.org/gfwlist -server=/.dalailamatrust.org/127.0.0.1#5335 -ipset=/.dalailamatrust.org/gfwlist -server=/.dalailamavisit.org.nz/127.0.0.1#5335 -ipset=/.dalailamavisit.org.nz/gfwlist -server=/.dalailamaworld.com/127.0.0.1#5335 -ipset=/.dalailamaworld.com/gfwlist -server=/.dalianmeng.org/127.0.0.1#5335 -ipset=/.dalianmeng.org/gfwlist -server=/.daliulian.org/127.0.0.1#5335 -ipset=/.daliulian.org/gfwlist -server=/.danbooru.donmai.us/127.0.0.1#5335 -ipset=/.danbooru.donmai.us/gfwlist -server=/.danke4china.net/127.0.0.1#5335 -ipset=/.danke4china.net/gfwlist -server=/.danwei.org/127.0.0.1#5335 -ipset=/.danwei.org/gfwlist -server=/.daodu14.jigsy.com/127.0.0.1#5335 -ipset=/.daodu14.jigsy.com/gfwlist -server=/.daolan.net/127.0.0.1#5335 -ipset=/.daolan.net/gfwlist -server=/.daozhongxing.org/127.0.0.1#5335 -ipset=/.daozhongxing.org/gfwlist -server=/.darktech.org/127.0.0.1#5335 -ipset=/.darktech.org/gfwlist -server=/.darktoy.net/127.0.0.1#5335 -ipset=/.darktoy.net/gfwlist -server=/.darpa.mil/127.0.0.1#5335 -ipset=/.darpa.mil/gfwlist -server=/.dastrassi.org/127.0.0.1#5335 -ipset=/.dastrassi.org/gfwlist -server=/.data-vocabulary.org/127.0.0.1#5335 -ipset=/.data-vocabulary.org/gfwlist -server=/.data.flurry.com/127.0.0.1#5335 -ipset=/.data.flurry.com/gfwlist -server=/.data.gov.tw/127.0.0.1#5335 -ipset=/.data.gov.tw/gfwlist -server=/.daum.net/127.0.0.1#5335 -ipset=/.daum.net/gfwlist -server=/.david-kilgour.com/127.0.0.1#5335 -ipset=/.david-kilgour.com/gfwlist -server=/.dawangidc.com/127.0.0.1#5335 -ipset=/.dawangidc.com/gfwlist -server=/.daxa.cn/127.0.0.1#5335 -ipset=/.daxa.cn/gfwlist -server=/.db.tt/127.0.0.1#5335 -ipset=/.db.tt/gfwlist -server=/.dcard.tw/127.0.0.1#5335 -ipset=/.dcard.tw/gfwlist -server=/.dcmilitary.com/127.0.0.1#5335 -ipset=/.dcmilitary.com/gfwlist -server=/.ddc.com.tw/127.0.0.1#5335 -ipset=/.ddc.com.tw/gfwlist -server=/.ddhw.info/127.0.0.1#5335 -ipset=/.ddhw.info/gfwlist -server=/.ddns.info/127.0.0.1#5335 -ipset=/.ddns.info/gfwlist -server=/.ddns.me.uk/127.0.0.1#5335 -ipset=/.ddns.me.uk/gfwlist -server=/.ddns.mobi/127.0.0.1#5335 -ipset=/.ddns.mobi/gfwlist -server=/.ddns.ms/127.0.0.1#5335 -ipset=/.ddns.ms/gfwlist -server=/.ddns.name/127.0.0.1#5335 -ipset=/.ddns.name/gfwlist -server=/.ddns.us/127.0.0.1#5335 -ipset=/.ddns.us/gfwlist -server=/.de-sci.org/127.0.0.1#5335 -ipset=/.de-sci.org/gfwlist -server=/.deaftone.com/127.0.0.1#5335 -ipset=/.deaftone.com/gfwlist -server=/.debug.com/127.0.0.1#5335 -ipset=/.debug.com/gfwlist -server=/.deck.ly/127.0.0.1#5335 -ipset=/.deck.ly/gfwlist -server=/.decodet.co/127.0.0.1#5335 -ipset=/.decodet.co/gfwlist -server=/.deepmind.com/127.0.0.1#5335 -ipset=/.deepmind.com/gfwlist -server=/.deezer.com/127.0.0.1#5335 -ipset=/.deezer.com/gfwlist -server=/.definebabe.com/127.0.0.1#5335 -ipset=/.definebabe.com/gfwlist -server=/.deja.com/127.0.0.1#5335 -ipset=/.deja.com/gfwlist -server=/.delcamp.net/127.0.0.1#5335 -ipset=/.delcamp.net/gfwlist -server=/.demo.opera-mini.net/127.0.0.1#5335 -ipset=/.demo.opera-mini.net/gfwlist -server=/.democrats.org/127.0.0.1#5335 -ipset=/.democrats.org/gfwlist -server=/.demosisto.hk/127.0.0.1#5335 -ipset=/.demosisto.hk/gfwlist -server=/.depositphotos.com/127.0.0.1#5335 -ipset=/.depositphotos.com/gfwlist -server=/.derekhsu.homeip.net/127.0.0.1#5335 -ipset=/.derekhsu.homeip.net/gfwlist -server=/.desc.se/127.0.0.1#5335 -ipset=/.desc.se/gfwlist -server=/.design.google/127.0.0.1#5335 -ipset=/.design.google/gfwlist -server=/.desipro.de/127.0.0.1#5335 -ipset=/.desipro.de/gfwlist -server=/.dessci.com/127.0.0.1#5335 -ipset=/.dessci.com/gfwlist -server=/.destroy-china.jp/127.0.0.1#5335 -ipset=/.destroy-china.jp/gfwlist -server=/.deutsche-welle.de/127.0.0.1#5335 -ipset=/.deutsche-welle.de/gfwlist -server=/.developers.box.net/127.0.0.1#5335 -ipset=/.developers.box.net/gfwlist -server=/.devio.us/127.0.0.1#5335 -ipset=/.devio.us/gfwlist -server=/.devpn.com/127.0.0.1#5335 -ipset=/.devpn.com/gfwlist -server=/.dfas.mil/127.0.0.1#5335 -ipset=/.dfas.mil/gfwlist -server=/.dfn.org/127.0.0.1#5335 -ipset=/.dfn.org/gfwlist -server=/.dharamsalanet.com/127.0.0.1#5335 -ipset=/.dharamsalanet.com/gfwlist -server=/.dharmakara.net/127.0.0.1#5335 -ipset=/.dharmakara.net/gfwlist -server=/.dhcp.biz/127.0.0.1#5335 -ipset=/.dhcp.biz/gfwlist -server=/.diaoyuislands.org/127.0.0.1#5335 -ipset=/.diaoyuislands.org/gfwlist -server=/.dictionary.goo.ne.jp/127.0.0.1#5335 -ipset=/.dictionary.goo.ne.jp/gfwlist -server=/.difangwenge.org/127.0.0.1#5335 -ipset=/.difangwenge.org/gfwlist -server=/.digisfera.com/127.0.0.1#5335 -ipset=/.digisfera.com/gfwlist -server=/.digitalnomadsproject.org/127.0.0.1#5335 -ipset=/.digitalnomadsproject.org/gfwlist -server=/.diigo.com/127.0.0.1#5335 -ipset=/.diigo.com/gfwlist -server=/.dilber.se/127.0.0.1#5335 -ipset=/.dilber.se/gfwlist -server=/.dingchin.com.tw/127.0.0.1#5335 -ipset=/.dingchin.com.tw/gfwlist -server=/.dipity.com/127.0.0.1#5335 -ipset=/.dipity.com/gfwlist -server=/.directcreative.com/127.0.0.1#5335 -ipset=/.directcreative.com/gfwlist -server=/.discoins.com/127.0.0.1#5335 -ipset=/.discoins.com/gfwlist -server=/.disconnect.me/127.0.0.1#5335 -ipset=/.disconnect.me/gfwlist -server=/.discordapp.com/127.0.0.1#5335 -ipset=/.discordapp.com/gfwlist -server=/.discordapp.net/127.0.0.1#5335 -ipset=/.discordapp.net/gfwlist -server=/.discuss.com.hk/127.0.0.1#5335 -ipset=/.discuss.com.hk/gfwlist -server=/.discuss4u.com/127.0.0.1#5335 -ipset=/.discuss4u.com/gfwlist -server=/.dish.com/127.0.0.1#5335 -ipset=/.dish.com/gfwlist -server=/.disp.cc/127.0.0.1#5335 -ipset=/.disp.cc/gfwlist -server=/.disqus.com/127.0.0.1#5335 -ipset=/.disqus.com/gfwlist -server=/.dit-inc.us/127.0.0.1#5335 -ipset=/.dit-inc.us/gfwlist -server=/.dizhidizhi.com/127.0.0.1#5335 -ipset=/.dizhidizhi.com/gfwlist -server=/.dizhuzhishang.com/127.0.0.1#5335 -ipset=/.dizhuzhishang.com/gfwlist -server=/.djangosnippets.org/127.0.0.1#5335 -ipset=/.djangosnippets.org/gfwlist -server=/.djorz.com/127.0.0.1#5335 -ipset=/.djorz.com/gfwlist -server=/.dl-laby.jp/127.0.0.1#5335 -ipset=/.dl-laby.jp/gfwlist -server=/.dl.box.net/127.0.0.1#5335 -ipset=/.dl.box.net/gfwlist -server=/.dlsite.com/127.0.0.1#5335 -ipset=/.dlsite.com/gfwlist -server=/.dlyoutube.com/127.0.0.1#5335 -ipset=/.dlyoutube.com/gfwlist -server=/.dm530.net/127.0.0.1#5335 -ipset=/.dm530.net/gfwlist -server=/.dmcdn.net/127.0.0.1#5335 -ipset=/.dmcdn.net/gfwlist -server=/.dmhy.org/127.0.0.1#5335 -ipset=/.dmhy.org/gfwlist -server=/.dmm.co.jp/127.0.0.1#5335 -ipset=/.dmm.co.jp/gfwlist -server=/.dns-dns.com/127.0.0.1#5335 -ipset=/.dns-dns.com/gfwlist -server=/.dns-stuff.com/127.0.0.1#5335 -ipset=/.dns-stuff.com/gfwlist -server=/.dns.google/127.0.0.1#5335 -ipset=/.dns.google/gfwlist -server=/.dns04.com/127.0.0.1#5335 -ipset=/.dns04.com/gfwlist -server=/.dns05.com/127.0.0.1#5335 -ipset=/.dns05.com/gfwlist -server=/.dns1.us/127.0.0.1#5335 -ipset=/.dns1.us/gfwlist -server=/.dns2.us/127.0.0.1#5335 -ipset=/.dns2.us/gfwlist -server=/.dns2go.com/127.0.0.1#5335 -ipset=/.dns2go.com/gfwlist -server=/.dnscrypt.org/127.0.0.1#5335 -ipset=/.dnscrypt.org/gfwlist -server=/.dnset.com/127.0.0.1#5335 -ipset=/.dnset.com/gfwlist -server=/.dnsrd.com/127.0.0.1#5335 -ipset=/.dnsrd.com/gfwlist -server=/.dnssec.net/127.0.0.1#5335 -ipset=/.dnssec.net/gfwlist -server=/.dnvod.tv/127.0.0.1#5335 -ipset=/.dnvod.tv/gfwlist -server=/.doctorvoice.org/127.0.0.1#5335 -ipset=/.doctorvoice.org/gfwlist -server=/.documentingreality.com/127.0.0.1#5335 -ipset=/.documentingreality.com/gfwlist -server=/.dojin.com/127.0.0.1#5335 -ipset=/.dojin.com/gfwlist -server=/.dok-forum.net/127.0.0.1#5335 -ipset=/.dok-forum.net/gfwlist -server=/.dolc.de/127.0.0.1#5335 -ipset=/.dolc.de/gfwlist -server=/.dolf.org.hk/127.0.0.1#5335 -ipset=/.dolf.org.hk/gfwlist -server=/.dollf.com/127.0.0.1#5335 -ipset=/.dollf.com/gfwlist -server=/.domain.club.tw/127.0.0.1#5335 -ipset=/.domain.club.tw/gfwlist -server=/.domainhelp.search.com/127.0.0.1#5335 -ipset=/.domainhelp.search.com/gfwlist -server=/.domains.google/127.0.0.1#5335 -ipset=/.domains.google/gfwlist -server=/.domaintoday.com.au/127.0.0.1#5335 -ipset=/.domaintoday.com.au/gfwlist -server=/.dongtaiwang.com/127.0.0.1#5335 -ipset=/.dongtaiwang.com/gfwlist -server=/.dongtaiwang.net/127.0.0.1#5335 -ipset=/.dongtaiwang.net/gfwlist -server=/.dongyangjing.com/127.0.0.1#5335 -ipset=/.dongyangjing.com/gfwlist -server=/.dontfilter.us/127.0.0.1#5335 -ipset=/.dontfilter.us/gfwlist -server=/.dontmovetochina.com/127.0.0.1#5335 -ipset=/.dontmovetochina.com/gfwlist -server=/.dorjeshugden.com/127.0.0.1#5335 -ipset=/.dorjeshugden.com/gfwlist -server=/.dotplane.com/127.0.0.1#5335 -ipset=/.dotplane.com/gfwlist -server=/.dotsub.com/127.0.0.1#5335 -ipset=/.dotsub.com/gfwlist -server=/.dotvpn.com/127.0.0.1#5335 -ipset=/.dotvpn.com/gfwlist -server=/.doub.io/127.0.0.1#5335 -ipset=/.doub.io/gfwlist -server=/.doubibackup.com/127.0.0.1#5335 -ipset=/.doubibackup.com/gfwlist -server=/.doubmirror.cf/127.0.0.1#5335 -ipset=/.doubmirror.cf/gfwlist -server=/.dougscripts.com/127.0.0.1#5335 -ipset=/.dougscripts.com/gfwlist -server=/.douhokanko.net/127.0.0.1#5335 -ipset=/.douhokanko.net/gfwlist -server=/.doujincafe.com/127.0.0.1#5335 -ipset=/.doujincafe.com/gfwlist -server=/.dowei.org/127.0.0.1#5335 -ipset=/.dowei.org/gfwlist -server=/.download.cnet.com/127.0.0.1#5335 -ipset=/.download.cnet.com/gfwlist -server=/.download.ithome.com.tw/127.0.0.1#5335 -ipset=/.download.ithome.com.tw/gfwlist -server=/.dphk.org/127.0.0.1#5335 -ipset=/.dphk.org/gfwlist -server=/.dpp.org.tw/127.0.0.1#5335 -ipset=/.dpp.org.tw/gfwlist -server=/.dpr.info/127.0.0.1#5335 -ipset=/.dpr.info/gfwlist -server=/.dragonex.io/127.0.0.1#5335 -ipset=/.dragonex.io/gfwlist -server=/.dragonsprings.org/127.0.0.1#5335 -ipset=/.dragonsprings.org/gfwlist -server=/.dreamamateurs.com/127.0.0.1#5335 -ipset=/.dreamamateurs.com/gfwlist -server=/.drepung.org/127.0.0.1#5335 -ipset=/.drepung.org/gfwlist -server=/.drgan.net/127.0.0.1#5335 -ipset=/.drgan.net/gfwlist -server=/.drmingxia.org/127.0.0.1#5335 -ipset=/.drmingxia.org/gfwlist -server=/.dropbooks.tv/127.0.0.1#5335 -ipset=/.dropbooks.tv/gfwlist -server=/.dropbox.com/127.0.0.1#5335 -ipset=/.dropbox.com/gfwlist -server=/.dropboxusercontent.com/127.0.0.1#5335 -ipset=/.dropboxusercontent.com/gfwlist -server=/.drsunacademy.com/127.0.0.1#5335 -ipset=/.drsunacademy.com/gfwlist -server=/.drtuber.com/127.0.0.1#5335 -ipset=/.drtuber.com/gfwlist -server=/.dscn.info/127.0.0.1#5335 -ipset=/.dscn.info/gfwlist -server=/.dsmtp.com/127.0.0.1#5335 -ipset=/.dsmtp.com/gfwlist -server=/.dstk.dk/127.0.0.1#5335 -ipset=/.dstk.dk/gfwlist -server=/.dtdns.net/127.0.0.1#5335 -ipset=/.dtdns.net/gfwlist -server=/.dtiblog.com/127.0.0.1#5335 -ipset=/.dtiblog.com/gfwlist -server=/.dtic.mil/127.0.0.1#5335 -ipset=/.dtic.mil/gfwlist -server=/.dtwang.org/127.0.0.1#5335 -ipset=/.dtwang.org/gfwlist -server=/.duanzhihu.com/127.0.0.1#5335 -ipset=/.duanzhihu.com/gfwlist -server=/.duck.com/127.0.0.1#5335 -ipset=/.duck.com/gfwlist -server=/.duckdns.org/127.0.0.1#5335 -ipset=/.duckdns.org/gfwlist -server=/.duckduckgo-owned-server.yahoo.net/127.0.0.1#5335 -ipset=/.duckduckgo-owned-server.yahoo.net/gfwlist -server=/.duckduckgo.com/127.0.0.1#5335 -ipset=/.duckduckgo.com/gfwlist -server=/.duckmylife.com/127.0.0.1#5335 -ipset=/.duckmylife.com/gfwlist -server=/.duga.jp/127.0.0.1#5335 -ipset=/.duga.jp/gfwlist -server=/.duihua.org/127.0.0.1#5335 -ipset=/.duihua.org/gfwlist -server=/.duihuahrjournal.org/127.0.0.1#5335 -ipset=/.duihuahrjournal.org/gfwlist -server=/.dumb1.com/127.0.0.1#5335 -ipset=/.dumb1.com/gfwlist -server=/.dunyabulteni.net/127.0.0.1#5335 -ipset=/.dunyabulteni.net/gfwlist -server=/.duoweitimes.com/127.0.0.1#5335 -ipset=/.duoweitimes.com/gfwlist -server=/.duping.net/127.0.0.1#5335 -ipset=/.duping.net/gfwlist -server=/.duplicati.com/127.0.0.1#5335 -ipset=/.duplicati.com/gfwlist -server=/.dupola.com/127.0.0.1#5335 -ipset=/.dupola.com/gfwlist -server=/.dupola.net/127.0.0.1#5335 -ipset=/.dupola.net/gfwlist -server=/.dushi.ca/127.0.0.1#5335 -ipset=/.dushi.ca/gfwlist -server=/.dvdpac.com/127.0.0.1#5335 -ipset=/.dvdpac.com/gfwlist -server=/.dvorak.org/127.0.0.1#5335 -ipset=/.dvorak.org/gfwlist -server=/.dw-world.com/127.0.0.1#5335 -ipset=/.dw-world.com/gfwlist -server=/.dw-world.de/127.0.0.1#5335 -ipset=/.dw-world.de/gfwlist -server=/.dw.com/127.0.0.1#5335 -ipset=/.dw.com/gfwlist -server=/.dw.de/127.0.0.1#5335 -ipset=/.dw.de/gfwlist -server=/.dwnews.com/127.0.0.1#5335 -ipset=/.dwnews.com/gfwlist -server=/.dwnews.net/127.0.0.1#5335 -ipset=/.dwnews.net/gfwlist -server=/.dynamic-dns.net/127.0.0.1#5335 -ipset=/.dynamic-dns.net/gfwlist -server=/.dynamicdns.biz/127.0.0.1#5335 -ipset=/.dynamicdns.biz/gfwlist -server=/.dynamicdns.co.uk/127.0.0.1#5335 -ipset=/.dynamicdns.co.uk/gfwlist -server=/.dynamicdns.me.uk/127.0.0.1#5335 -ipset=/.dynamicdns.me.uk/gfwlist -server=/.dynamicdns.org.uk/127.0.0.1#5335 -ipset=/.dynamicdns.org.uk/gfwlist -server=/.dynawebinc.com/127.0.0.1#5335 -ipset=/.dynawebinc.com/gfwlist -server=/.dyndns-ip.com/127.0.0.1#5335 -ipset=/.dyndns-ip.com/gfwlist -server=/.dyndns-pics.com/127.0.0.1#5335 -ipset=/.dyndns-pics.com/gfwlist -server=/.dyndns.org/127.0.0.1#5335 -ipset=/.dyndns.org/gfwlist -server=/.dyndns.pro/127.0.0.1#5335 -ipset=/.dyndns.pro/gfwlist -server=/.dynssl.com/127.0.0.1#5335 -ipset=/.dynssl.com/gfwlist -server=/.dynu.com/127.0.0.1#5335 -ipset=/.dynu.com/gfwlist -server=/.dynu.net/127.0.0.1#5335 -ipset=/.dynu.net/gfwlist -server=/.dysfz.cc/127.0.0.1#5335 -ipset=/.dysfz.cc/gfwlist -server=/.dzze.com/127.0.0.1#5335 -ipset=/.dzze.com/gfwlist -server=/.e-classical.com.tw/127.0.0.1#5335 -ipset=/.e-classical.com.tw/gfwlist -server=/.e-gold.com/127.0.0.1#5335 -ipset=/.e-gold.com/gfwlist -server=/.e-hentai.org/127.0.0.1#5335 -ipset=/.e-hentai.org/gfwlist -server=/.e-hentaidb.com/127.0.0.1#5335 -ipset=/.e-hentaidb.com/gfwlist -server=/.e-info.org.tw/127.0.0.1#5335 -ipset=/.e-info.org.tw/gfwlist -server=/.e123.hk/127.0.0.1#5335 -ipset=/.e123.hk/gfwlist -server=/.earlytibet.com/127.0.0.1#5335 -ipset=/.earlytibet.com/gfwlist -server=/.earthcam.com/127.0.0.1#5335 -ipset=/.earthcam.com/gfwlist -server=/.earthvpn.com/127.0.0.1#5335 -ipset=/.earthvpn.com/gfwlist -server=/.eastern-ark.com/127.0.0.1#5335 -ipset=/.eastern-ark.com/gfwlist -server=/.easternlightning.org/127.0.0.1#5335 -ipset=/.easternlightning.org/gfwlist -server=/.eastturkestan.com/127.0.0.1#5335 -ipset=/.eastturkestan.com/gfwlist -server=/.eastturkistan-gov.org/127.0.0.1#5335 -ipset=/.eastturkistan-gov.org/gfwlist -server=/.eastturkistancc.org/127.0.0.1#5335 -ipset=/.eastturkistancc.org/gfwlist -server=/.eastturkistangovernmentinexile.us/127.0.0.1#5335 -ipset=/.eastturkistangovernmentinexile.us/gfwlist -server=/.easyca.ca/127.0.0.1#5335 -ipset=/.easyca.ca/gfwlist -server=/.easypic.com/127.0.0.1#5335 -ipset=/.easypic.com/gfwlist -server=/.ebony-beauty.com/127.0.0.1#5335 -ipset=/.ebony-beauty.com/gfwlist -server=/.ebook.hyread.com.tw/127.0.0.1#5335 -ipset=/.ebook.hyread.com.tw/gfwlist -server=/.ebookbrowse.com/127.0.0.1#5335 -ipset=/.ebookbrowse.com/gfwlist -server=/.ebookee.com/127.0.0.1#5335 -ipset=/.ebookee.com/gfwlist -server=/.ebtcbank.com/127.0.0.1#5335 -ipset=/.ebtcbank.com/gfwlist -server=/.ecfa.org.tw/127.0.0.1#5335 -ipset=/.ecfa.org.tw/gfwlist -server=/.echofon.com/127.0.0.1#5335 -ipset=/.echofon.com/gfwlist -server=/.ecimg.tw/127.0.0.1#5335 -ipset=/.ecimg.tw/gfwlist -server=/.ecministry.net/127.0.0.1#5335 -ipset=/.ecministry.net/gfwlist -server=/.economist.com/127.0.0.1#5335 -ipset=/.economist.com/gfwlist -server=/.edgecastcdn.net/127.0.0.1#5335 -ipset=/.edgecastcdn.net/gfwlist -server=/.edicypages.com/127.0.0.1#5335 -ipset=/.edicypages.com/gfwlist -server=/.edmontonchina.cn/127.0.0.1#5335 -ipset=/.edmontonchina.cn/gfwlist -server=/.edmontonservice.com/127.0.0.1#5335 -ipset=/.edmontonservice.com/gfwlist -server=/.edns.biz/127.0.0.1#5335 -ipset=/.edns.biz/gfwlist -server=/.edoors.com/127.0.0.1#5335 -ipset=/.edoors.com/gfwlist -server=/.edubridge.com/127.0.0.1#5335 -ipset=/.edubridge.com/gfwlist -server=/.edupro.org/127.0.0.1#5335 -ipset=/.edupro.org/gfwlist -server=/.eesti.ee/127.0.0.1#5335 -ipset=/.eesti.ee/gfwlist -server=/.eevpn.com/127.0.0.1#5335 -ipset=/.eevpn.com/gfwlist -server=/.efcc.org.hk/127.0.0.1#5335 -ipset=/.efcc.org.hk/gfwlist -server=/.effers.com/127.0.0.1#5335 -ipset=/.effers.com/gfwlist -server=/.efksoft.com/127.0.0.1#5335 -ipset=/.efksoft.com/gfwlist -server=/.efukt.com/127.0.0.1#5335 -ipset=/.efukt.com/gfwlist -server=/.eic-av.com/127.0.0.1#5335 -ipset=/.eic-av.com/gfwlist -server=/.eireinikotaerukai.com/127.0.0.1#5335 -ipset=/.eireinikotaerukai.com/gfwlist -server=/.eisbb.com/127.0.0.1#5335 -ipset=/.eisbb.com/gfwlist -server=/.eksisozluk.com/127.0.0.1#5335 -ipset=/.eksisozluk.com/gfwlist -server=/.electionsmeter.com/127.0.0.1#5335 -ipset=/.electionsmeter.com/gfwlist -server=/.elgoog.im/127.0.0.1#5335 -ipset=/.elgoog.im/gfwlist -server=/.ellawine.org/127.0.0.1#5335 -ipset=/.ellawine.org/gfwlist -server=/.elpais.com/127.0.0.1#5335 -ipset=/.elpais.com/gfwlist -server=/.eltondisney.com/127.0.0.1#5335 -ipset=/.eltondisney.com/gfwlist -server=/.embr.in/127.0.0.1#5335 -ipset=/.embr.in/gfwlist -server=/.emilylau.org.hk/127.0.0.1#5335 -ipset=/.emilylau.org.hk/gfwlist -server=/.empfil.com/127.0.0.1#5335 -ipset=/.empfil.com/gfwlist -server=/.emule-ed2k.com/127.0.0.1#5335 -ipset=/.emule-ed2k.com/gfwlist -server=/.emulefans.com/127.0.0.1#5335 -ipset=/.emulefans.com/gfwlist -server=/.emuparadise.me/127.0.0.1#5335 -ipset=/.emuparadise.me/gfwlist -server=/.en.favotter.net/127.0.0.1#5335 -ipset=/.en.favotter.net/gfwlist -server=/.enanyang.my/127.0.0.1#5335 -ipset=/.enanyang.my/gfwlist -server=/.encyclopedia.com/127.0.0.1#5335 -ipset=/.encyclopedia.com/gfwlist -server=/.enewstree.com/127.0.0.1#5335 -ipset=/.enewstree.com/gfwlist -server=/.enfal.de/127.0.0.1#5335 -ipset=/.enfal.de/gfwlist -server=/.engagedaily.org/127.0.0.1#5335 -ipset=/.engagedaily.org/gfwlist -server=/.englishforeveryone.org/127.0.0.1#5335 -ipset=/.englishforeveryone.org/gfwlist -server=/.englishfromengland.co.uk/127.0.0.1#5335 -ipset=/.englishfromengland.co.uk/gfwlist -server=/.englishpen.org/127.0.0.1#5335 -ipset=/.englishpen.org/gfwlist -server=/.enlighten.org.tw/127.0.0.1#5335 -ipset=/.enlighten.org.tw/gfwlist -server=/.entermap.com/127.0.0.1#5335 -ipset=/.entermap.com/gfwlist -server=/.entnt.com/127.0.0.1#5335 -ipset=/.entnt.com/gfwlist -server=/.environment.google/127.0.0.1#5335 -ipset=/.environment.google/gfwlist -server=/.epa.gov.tw/127.0.0.1#5335 -ipset=/.epa.gov.tw/gfwlist -server=/.epac.to/127.0.0.1#5335 -ipset=/.epac.to/gfwlist -server=/.episcopalchurch.org/127.0.0.1#5335 -ipset=/.episcopalchurch.org/gfwlist -server=/.epochhk.com/127.0.0.1#5335 -ipset=/.epochhk.com/gfwlist -server=/.epochtimes-bg.com/127.0.0.1#5335 -ipset=/.epochtimes-bg.com/gfwlist -server=/.epochtimes-romania.com/127.0.0.1#5335 -ipset=/.epochtimes-romania.com/gfwlist -server=/.epochtimes.co.il/127.0.0.1#5335 -ipset=/.epochtimes.co.il/gfwlist -server=/.epochtimes.co.kr/127.0.0.1#5335 -ipset=/.epochtimes.co.kr/gfwlist -server=/.epochtimes.com/127.0.0.1#5335 -ipset=/.epochtimes.com/gfwlist -server=/.epochtimes.cz/127.0.0.1#5335 -ipset=/.epochtimes.cz/gfwlist -server=/.epochtimes.de/127.0.0.1#5335 -ipset=/.epochtimes.de/gfwlist -server=/.epochtimes.fr/127.0.0.1#5335 -ipset=/.epochtimes.fr/gfwlist -server=/.epochtimes.ie/127.0.0.1#5335 -ipset=/.epochtimes.ie/gfwlist -server=/.epochtimes.it/127.0.0.1#5335 -ipset=/.epochtimes.it/gfwlist -server=/.epochtimes.jp/127.0.0.1#5335 -ipset=/.epochtimes.jp/gfwlist -server=/.epochtimes.ru/127.0.0.1#5335 -ipset=/.epochtimes.ru/gfwlist -server=/.epochtimes.se/127.0.0.1#5335 -ipset=/.epochtimes.se/gfwlist -server=/.epochtimestr.com/127.0.0.1#5335 -ipset=/.epochtimestr.com/gfwlist -server=/.epochweek.com/127.0.0.1#5335 -ipset=/.epochweek.com/gfwlist -server=/.epochweekly.com/127.0.0.1#5335 -ipset=/.epochweekly.com/gfwlist -server=/.eporner.com/127.0.0.1#5335 -ipset=/.eporner.com/gfwlist -server=/.equinenow.com/127.0.0.1#5335 -ipset=/.equinenow.com/gfwlist -server=/.erabaru.net/127.0.0.1#5335 -ipset=/.erabaru.net/gfwlist -server=/.eracom.com.tw/127.0.0.1#5335 -ipset=/.eracom.com.tw/gfwlist -server=/.eraysoft.com.tr/127.0.0.1#5335 -ipset=/.eraysoft.com.tr/gfwlist -server=/.erepublik.com/127.0.0.1#5335 -ipset=/.erepublik.com/gfwlist -server=/.erights.net/127.0.0.1#5335 -ipset=/.erights.net/gfwlist -server=/.eriversoft.com/127.0.0.1#5335 -ipset=/.eriversoft.com/gfwlist -server=/.erktv.com/127.0.0.1#5335 -ipset=/.erktv.com/gfwlist -server=/.ernestmandel.org/127.0.0.1#5335 -ipset=/.ernestmandel.org/gfwlist -server=/.erodaizensyu.com/127.0.0.1#5335 -ipset=/.erodaizensyu.com/gfwlist -server=/.erodoujinlog.com/127.0.0.1#5335 -ipset=/.erodoujinlog.com/gfwlist -server=/.erodoujinworld.com/127.0.0.1#5335 -ipset=/.erodoujinworld.com/gfwlist -server=/.eromanga-kingdom.com/127.0.0.1#5335 -ipset=/.eromanga-kingdom.com/gfwlist -server=/.eromangadouzin.com/127.0.0.1#5335 -ipset=/.eromangadouzin.com/gfwlist -server=/.eromon.net/127.0.0.1#5335 -ipset=/.eromon.net/gfwlist -server=/.eroprofile.com/127.0.0.1#5335 -ipset=/.eroprofile.com/gfwlist -server=/.eroticsaloon.net/127.0.0.1#5335 -ipset=/.eroticsaloon.net/gfwlist -server=/.eslite.com/127.0.0.1#5335 -ipset=/.eslite.com/gfwlist -server=/.esmtp.biz/127.0.0.1#5335 -ipset=/.esmtp.biz/gfwlist -server=/.esurance.com/127.0.0.1#5335 -ipset=/.esurance.com/gfwlist -server=/.etaa.org.au/127.0.0.1#5335 -ipset=/.etaa.org.au/gfwlist -server=/.etadult.com/127.0.0.1#5335 -ipset=/.etadult.com/gfwlist -server=/.etaiwannews.com/127.0.0.1#5335 -ipset=/.etaiwannews.com/gfwlist -server=/.etherdelta.com/127.0.0.1#5335 -ipset=/.etherdelta.com/gfwlist -server=/.etizer.org/127.0.0.1#5335 -ipset=/.etizer.org/gfwlist -server=/.etokki.com/127.0.0.1#5335 -ipset=/.etokki.com/gfwlist -server=/.etools.ncol.com/127.0.0.1#5335 -ipset=/.etools.ncol.com/gfwlist -server=/.etowns.net/127.0.0.1#5335 -ipset=/.etowns.net/gfwlist -server=/.etowns.org/127.0.0.1#5335 -ipset=/.etowns.org/gfwlist -server=/.etvonline.hk/127.0.0.1#5335 -ipset=/.etvonline.hk/gfwlist -server=/.eu.org/127.0.0.1#5335 -ipset=/.eu.org/gfwlist -server=/.eucasino.com/127.0.0.1#5335 -ipset=/.eucasino.com/gfwlist -server=/.eulam.com/127.0.0.1#5335 -ipset=/.eulam.com/gfwlist -server=/.eurekavpt.com/127.0.0.1#5335 -ipset=/.eurekavpt.com/gfwlist -server=/.euronews.com/127.0.0.1#5335 -ipset=/.euronews.com/gfwlist -server=/.evchk.wikia.com/127.0.0.1#5335 -ipset=/.evchk.wikia.com/gfwlist -server=/.evschool.net/127.0.0.1#5335 -ipset=/.evschool.net/gfwlist -server=/.exblog.jp/127.0.0.1#5335 -ipset=/.exblog.jp/gfwlist -server=/.exchristian.hk/127.0.0.1#5335 -ipset=/.exchristian.hk/gfwlist -server=/.exmo.com/127.0.0.1#5335 -ipset=/.exmo.com/gfwlist -server=/.exmormon.org/127.0.0.1#5335 -ipset=/.exmormon.org/gfwlist -server=/.expatshield.com/127.0.0.1#5335 -ipset=/.expatshield.com/gfwlist -server=/.expecthim.com/127.0.0.1#5335 -ipset=/.expecthim.com/gfwlist -server=/.expekt.com/127.0.0.1#5335 -ipset=/.expekt.com/gfwlist -server=/.experts-univers.com/127.0.0.1#5335 -ipset=/.experts-univers.com/gfwlist -server=/.exploader.net/127.0.0.1#5335 -ipset=/.exploader.net/gfwlist -server=/.expressvpn.com/127.0.0.1#5335 -ipset=/.expressvpn.com/gfwlist -server=/.exrates.me/127.0.0.1#5335 -ipset=/.exrates.me/gfwlist -server=/.extmatrix.com/127.0.0.1#5335 -ipset=/.extmatrix.com/gfwlist -server=/.extremetube.com/127.0.0.1#5335 -ipset=/.extremetube.com/gfwlist -server=/.exx.com/127.0.0.1#5335 -ipset=/.exx.com/gfwlist -server=/.eyevio.jp/127.0.0.1#5335 -ipset=/.eyevio.jp/gfwlist -server=/.eyny.com/127.0.0.1#5335 -ipset=/.eyny.com/gfwlist -server=/.ezpeer.com/127.0.0.1#5335 -ipset=/.ezpeer.com/gfwlist -server=/.ezua.com/127.0.0.1#5335 -ipset=/.ezua.com/gfwlist -server=/.fa.gov.tw/127.0.0.1#5335 -ipset=/.fa.gov.tw/gfwlist -server=/.facebook.br/127.0.0.1#5335 -ipset=/.facebook.br/gfwlist -server=/.facebook.com/127.0.0.1#5335 -ipset=/.facebook.com/gfwlist -server=/.facebook.design/127.0.0.1#5335 -ipset=/.facebook.design/gfwlist -server=/.facebook.hu/127.0.0.1#5335 -ipset=/.facebook.hu/gfwlist -server=/.facebook.in/127.0.0.1#5335 -ipset=/.facebook.in/gfwlist -server=/.facebook.nl/127.0.0.1#5335 -ipset=/.facebook.nl/gfwlist -server=/.facebook.se/127.0.0.1#5335 -ipset=/.facebook.se/gfwlist -server=/.facebookmail.com/127.0.0.1#5335 -ipset=/.facebookmail.com/gfwlist -server=/.facebookquotes4u.com/127.0.0.1#5335 -ipset=/.facebookquotes4u.com/gfwlist -server=/.faceless.me/127.0.0.1#5335 -ipset=/.faceless.me/gfwlist -server=/.facesofnyfw.com/127.0.0.1#5335 -ipset=/.facesofnyfw.com/gfwlist -server=/.facesoftibetanselfimmolators.info/127.0.0.1#5335 -ipset=/.facesoftibetanselfimmolators.info/gfwlist -server=/.fail.hk/127.0.0.1#5335 -ipset=/.fail.hk/gfwlist -server=/.faith100.org/127.0.0.1#5335 -ipset=/.faith100.org/gfwlist -server=/.faithfuleye.com/127.0.0.1#5335 -ipset=/.faithfuleye.com/gfwlist -server=/.faiththedog.info/127.0.0.1#5335 -ipset=/.faiththedog.info/gfwlist -server=/.fakku.net/127.0.0.1#5335 -ipset=/.fakku.net/gfwlist -server=/.falsefire.com/127.0.0.1#5335 -ipset=/.falsefire.com/gfwlist -server=/.falun-co.org/127.0.0.1#5335 -ipset=/.falun-co.org/gfwlist -server=/.falun-ny.net/127.0.0.1#5335 -ipset=/.falun-ny.net/gfwlist -server=/.falun.caltech.edu/127.0.0.1#5335 -ipset=/.falun.caltech.edu/gfwlist -server=/.falunart.org/127.0.0.1#5335 -ipset=/.falunart.org/gfwlist -server=/.falunasia.info/127.0.0.1#5335 -ipset=/.falunasia.info/gfwlist -server=/.falunau.org/127.0.0.1#5335 -ipset=/.falunau.org/gfwlist -server=/.falunaz.net/127.0.0.1#5335 -ipset=/.falunaz.net/gfwlist -server=/.falundafa-dc.org/127.0.0.1#5335 -ipset=/.falundafa-dc.org/gfwlist -server=/.falundafa-florida.org/127.0.0.1#5335 -ipset=/.falundafa-florida.org/gfwlist -server=/.falundafa-nc.org/127.0.0.1#5335 -ipset=/.falundafa-nc.org/gfwlist -server=/.falundafa-pa.net/127.0.0.1#5335 -ipset=/.falundafa-pa.net/gfwlist -server=/.falundafa-sacramento.org/127.0.0.1#5335 -ipset=/.falundafa-sacramento.org/gfwlist -server=/.falundafa.org/127.0.0.1#5335 -ipset=/.falundafa.org/gfwlist -server=/.falundafaindia.org/127.0.0.1#5335 -ipset=/.falundafaindia.org/gfwlist -server=/.falundafamuseum.org/127.0.0.1#5335 -ipset=/.falundafamuseum.org/gfwlist -server=/.falungong.club/127.0.0.1#5335 -ipset=/.falungong.club/gfwlist -server=/.falungong.de/127.0.0.1#5335 -ipset=/.falungong.de/gfwlist -server=/.falungong.org.uk/127.0.0.1#5335 -ipset=/.falungong.org.uk/gfwlist -server=/.falunhr.org/127.0.0.1#5335 -ipset=/.falunhr.org/gfwlist -server=/.faluninfo.de/127.0.0.1#5335 -ipset=/.faluninfo.de/gfwlist -server=/.faluninfo.net/127.0.0.1#5335 -ipset=/.faluninfo.net/gfwlist -server=/.falunpilipinas.net/127.0.0.1#5335 -ipset=/.falunpilipinas.net/gfwlist -server=/.falunworld.net/127.0.0.1#5335 -ipset=/.falunworld.net/gfwlist -server=/.familyfed.org/127.0.0.1#5335 -ipset=/.familyfed.org/gfwlist -server=/.famunion.com/127.0.0.1#5335 -ipset=/.famunion.com/gfwlist -server=/.fan-qiang.com/127.0.0.1#5335 -ipset=/.fan-qiang.com/gfwlist -server=/.fangbinxing.com/127.0.0.1#5335 -ipset=/.fangbinxing.com/gfwlist -server=/.fangeming.com/127.0.0.1#5335 -ipset=/.fangeming.com/gfwlist -server=/.fangeqiang.com/127.0.0.1#5335 -ipset=/.fangeqiang.com/gfwlist -server=/.fanglizhi.info/127.0.0.1#5335 -ipset=/.fanglizhi.info/gfwlist -server=/.fangmincn.org/127.0.0.1#5335 -ipset=/.fangmincn.org/gfwlist -server=/.fangong.forums-free.com/127.0.0.1#5335 -ipset=/.fangong.forums-free.com/gfwlist -server=/.fangong.org/127.0.0.1#5335 -ipset=/.fangong.org/gfwlist -server=/.fangongheike.com/127.0.0.1#5335 -ipset=/.fangongheike.com/gfwlist -server=/.fanhaodang.com/127.0.0.1#5335 -ipset=/.fanhaodang.com/gfwlist -server=/.fanqiang.network/127.0.0.1#5335 -ipset=/.fanqiang.network/gfwlist -server=/.fanqiang.tk/127.0.0.1#5335 -ipset=/.fanqiang.tk/gfwlist -server=/.fanqiangdang.com/127.0.0.1#5335 -ipset=/.fanqiangdang.com/gfwlist -server=/.fanqianghou.com/127.0.0.1#5335 -ipset=/.fanqianghou.com/gfwlist -server=/.fanqiangyakexi.net/127.0.0.1#5335 -ipset=/.fanqiangyakexi.net/gfwlist -server=/.fanqiangzhe.com/127.0.0.1#5335 -ipset=/.fanqiangzhe.com/gfwlist -server=/.fanswong.com/127.0.0.1#5335 -ipset=/.fanswong.com/gfwlist -server=/.fanyue.info/127.0.0.1#5335 -ipset=/.fanyue.info/gfwlist -server=/.fapdu.com/127.0.0.1#5335 -ipset=/.fapdu.com/gfwlist -server=/.faproxy.com/127.0.0.1#5335 -ipset=/.faproxy.com/gfwlist -server=/.faqserv.com/127.0.0.1#5335 -ipset=/.faqserv.com/gfwlist -server=/.fartit.com/127.0.0.1#5335 -ipset=/.fartit.com/gfwlist -server=/.farwestchina.com/127.0.0.1#5335 -ipset=/.farwestchina.com/gfwlist -server=/.fast.wistia.com/127.0.0.1#5335 -ipset=/.fast.wistia.com/gfwlist -server=/.fastpic.ru/127.0.0.1#5335 -ipset=/.fastpic.ru/gfwlist -server=/.fastssh.com/127.0.0.1#5335 -ipset=/.fastssh.com/gfwlist -server=/.faststone.org/127.0.0.1#5335 -ipset=/.faststone.org/gfwlist -server=/.fatbtc.com/127.0.0.1#5335 -ipset=/.fatbtc.com/gfwlist -server=/.favstar.fm/127.0.0.1#5335 -ipset=/.favstar.fm/gfwlist -server=/.fawanghuihui.org/127.0.0.1#5335 -ipset=/.fawanghuihui.org/gfwlist -server=/.fb.com/127.0.0.1#5335 -ipset=/.fb.com/gfwlist -server=/.fb.me/127.0.0.1#5335 -ipset=/.fb.me/gfwlist -server=/.fbaddins.com/127.0.0.1#5335 -ipset=/.fbaddins.com/gfwlist -server=/.fbcdn.net/127.0.0.1#5335 -ipset=/.fbcdn.net/gfwlist -server=/.fbsbx.com/127.0.0.1#5335 -ipset=/.fbsbx.com/gfwlist -server=/.fbworkmail.com/127.0.0.1#5335 -ipset=/.fbworkmail.com/gfwlist -server=/.fc2.com/127.0.0.1#5335 -ipset=/.fc2.com/gfwlist -server=/.fc2blog.net/127.0.0.1#5335 -ipset=/.fc2blog.net/gfwlist -server=/.fc2china.com/127.0.0.1#5335 -ipset=/.fc2china.com/gfwlist -server=/.fc2cn.com/127.0.0.1#5335 -ipset=/.fc2cn.com/gfwlist -server=/.fda.gov.tw/127.0.0.1#5335 -ipset=/.fda.gov.tw/gfwlist -server=/.fdc64.de/127.0.0.1#5335 -ipset=/.fdc64.de/gfwlist -server=/.fdc64.org/127.0.0.1#5335 -ipset=/.fdc64.org/gfwlist -server=/.fdc89.jp/127.0.0.1#5335 -ipset=/.fdc89.jp/gfwlist -server=/.feedburner.com/127.0.0.1#5335 -ipset=/.feedburner.com/gfwlist -server=/.feeds.fileforum.com/127.0.0.1#5335 -ipset=/.feeds.fileforum.com/gfwlist -server=/.feedx.net/127.0.0.1#5335 -ipset=/.feedx.net/gfwlist -server=/.feelssh.com/127.0.0.1#5335 -ipset=/.feelssh.com/gfwlist -server=/.feer.com/127.0.0.1#5335 -ipset=/.feer.com/gfwlist -server=/.feifeiss.com/127.0.0.1#5335 -ipset=/.feifeiss.com/gfwlist -server=/.feitian-california.org/127.0.0.1#5335 -ipset=/.feitian-california.org/gfwlist -server=/.feitianacademy.org/127.0.0.1#5335 -ipset=/.feitianacademy.org/gfwlist -server=/.feministteacher.com/127.0.0.1#5335 -ipset=/.feministteacher.com/gfwlist -server=/.fengzhenghu.com/127.0.0.1#5335 -ipset=/.fengzhenghu.com/gfwlist -server=/.fengzhenghu.net/127.0.0.1#5335 -ipset=/.fengzhenghu.net/gfwlist -server=/.fevernet.com/127.0.0.1#5335 -ipset=/.fevernet.com/gfwlist -server=/.ff.im/127.0.0.1#5335 -ipset=/.ff.im/gfwlist -server=/.fffff.at/127.0.0.1#5335 -ipset=/.fffff.at/gfwlist -server=/.fflick.com/127.0.0.1#5335 -ipset=/.fflick.com/gfwlist -server=/.ffvpn.com/127.0.0.1#5335 -ipset=/.ffvpn.com/gfwlist -server=/.fgmtv.net/127.0.0.1#5335 -ipset=/.fgmtv.net/gfwlist -server=/.fgmtv.org/127.0.0.1#5335 -ipset=/.fgmtv.org/gfwlist -server=/.fhreports.net/127.0.0.1#5335 -ipset=/.fhreports.net/gfwlist -server=/.fiddle.jshell.net/127.0.0.1#5335 -ipset=/.fiddle.jshell.net/gfwlist -server=/.figprayer.com/127.0.0.1#5335 -ipset=/.figprayer.com/gfwlist -server=/.fileflyer.com/127.0.0.1#5335 -ipset=/.fileflyer.com/gfwlist -server=/.files2me.com/127.0.0.1#5335 -ipset=/.files2me.com/gfwlist -server=/.filesor.com/127.0.0.1#5335 -ipset=/.filesor.com/gfwlist -server=/.fillthesquare.org/127.0.0.1#5335 -ipset=/.fillthesquare.org/gfwlist -server=/.filmingfortibet.org/127.0.0.1#5335 -ipset=/.filmingfortibet.org/gfwlist -server=/.filthdump.com/127.0.0.1#5335 -ipset=/.filthdump.com/gfwlist -server=/.financetwitter.com/127.0.0.1#5335 -ipset=/.financetwitter.com/gfwlist -server=/.finchvpn.com/127.0.0.1#5335 -ipset=/.finchvpn.com/gfwlist -server=/.findmespot.com/127.0.0.1#5335 -ipset=/.findmespot.com/gfwlist -server=/.findyoutube.com/127.0.0.1#5335 -ipset=/.findyoutube.com/gfwlist -server=/.findyoutube.net/127.0.0.1#5335 -ipset=/.findyoutube.net/gfwlist -server=/.fingerdaily.com/127.0.0.1#5335 -ipset=/.fingerdaily.com/gfwlist -server=/.finler.net/127.0.0.1#5335 -ipset=/.finler.net/gfwlist -server=/.firearmsworld.net/127.0.0.1#5335 -ipset=/.firearmsworld.net/gfwlist -server=/.firebaseio.com/127.0.0.1#5335 -ipset=/.firebaseio.com/gfwlist -server=/.fireofliberty.org/127.0.0.1#5335 -ipset=/.fireofliberty.org/gfwlist -server=/.firetweet.io/127.0.0.1#5335 -ipset=/.firetweet.io/gfwlist -server=/.firstfivefollowers.com/127.0.0.1#5335 -ipset=/.firstfivefollowers.com/gfwlist -server=/.flagsonline.it/127.0.0.1#5335 -ipset=/.flagsonline.it/gfwlist -server=/.flecheinthepeche.fr/127.0.0.1#5335 -ipset=/.flecheinthepeche.fr/gfwlist -server=/.fleshbot.com/127.0.0.1#5335 -ipset=/.fleshbot.com/gfwlist -server=/.fleursdeslettres.com/127.0.0.1#5335 -ipset=/.fleursdeslettres.com/gfwlist -server=/.flgg.us/127.0.0.1#5335 -ipset=/.flgg.us/gfwlist -server=/.flgjustice.org/127.0.0.1#5335 -ipset=/.flgjustice.org/gfwlist -server=/.flickr.com/127.0.0.1#5335 -ipset=/.flickr.com/gfwlist -server=/.flickrhivemind.net/127.0.0.1#5335 -ipset=/.flickrhivemind.net/gfwlist -server=/.flickriver.com/127.0.0.1#5335 -ipset=/.flickriver.com/gfwlist -server=/.fling.com/127.0.0.1#5335 -ipset=/.fling.com/gfwlist -server=/.flipboard.com/127.0.0.1#5335 -ipset=/.flipboard.com/gfwlist -server=/.flipkart.com/127.0.0.1#5335 -ipset=/.flipkart.com/gfwlist -server=/.flitto.com/127.0.0.1#5335 -ipset=/.flitto.com/gfwlist -server=/.flnet.org/127.0.0.1#5335 -ipset=/.flnet.org/gfwlist -server=/.flog.tw/127.0.0.1#5335 -ipset=/.flog.tw/gfwlist -server=/.flyvpn.com/127.0.0.1#5335 -ipset=/.flyvpn.com/gfwlist -server=/.flyzy2005.com/127.0.0.1#5335 -ipset=/.flyzy2005.com/gfwlist -server=/.fnac.be/127.0.0.1#5335 -ipset=/.fnac.be/gfwlist -server=/.fnac.com/127.0.0.1#5335 -ipset=/.fnac.com/gfwlist -server=/.fochk.org/127.0.0.1#5335 -ipset=/.fochk.org/gfwlist -server=/.focustaiwan.tw/127.0.0.1#5335 -ipset=/.focustaiwan.tw/gfwlist -server=/.focusvpn.com/127.0.0.1#5335 -ipset=/.focusvpn.com/gfwlist -server=/.fofg-europe.net/127.0.0.1#5335 -ipset=/.fofg-europe.net/gfwlist -server=/.fofg.org/127.0.0.1#5335 -ipset=/.fofg.org/gfwlist -server=/.fofldfradio.org/127.0.0.1#5335 -ipset=/.fofldfradio.org/gfwlist -server=/.fooooo.com/127.0.0.1#5335 -ipset=/.fooooo.com/gfwlist -server=/.footwiball.com/127.0.0.1#5335 -ipset=/.footwiball.com/gfwlist -server=/.foreignpolicy.com/127.0.0.1#5335 -ipset=/.foreignpolicy.com/gfwlist -server=/.forum.baby-kingdom.com/127.0.0.1#5335 -ipset=/.forum.baby-kingdom.com/gfwlist -server=/.forum.cyberctm.com/127.0.0.1#5335 -ipset=/.forum.cyberctm.com/gfwlist -server=/.forum.idsam.com/127.0.0.1#5335 -ipset=/.forum.idsam.com/gfwlist -server=/.forum.my903.com/127.0.0.1#5335 -ipset=/.forum.my903.com/gfwlist -server=/.forum.mymaji.com/127.0.0.1#5335 -ipset=/.forum.mymaji.com/gfwlist -server=/.forum.omy.sg/127.0.0.1#5335 -ipset=/.forum.omy.sg/gfwlist -server=/.forum.palmislife.com/127.0.0.1#5335 -ipset=/.forum.palmislife.com/gfwlist -server=/.forum.setty.com.tw/127.0.0.1#5335 -ipset=/.forum.setty.com.tw/gfwlist -server=/.forum.sina.com.hk/127.0.0.1#5335 -ipset=/.forum.sina.com.hk/gfwlist -server=/.forum.slime.com.tw/127.0.0.1#5335 -ipset=/.forum.slime.com.tw/gfwlist -server=/.forum.tvb.com/127.0.0.1#5335 -ipset=/.forum.tvb.com/gfwlist -server=/.forum4hk.com/127.0.0.1#5335 -ipset=/.forum4hk.com/gfwlist -server=/.fotile.me/127.0.0.1#5335 -ipset=/.fotile.me/gfwlist -server=/.fourface.nodesnoop.com/127.0.0.1#5335 -ipset=/.fourface.nodesnoop.com/gfwlist -server=/.fourthinternational.org/127.0.0.1#5335 -ipset=/.fourthinternational.org/gfwlist -server=/.foxdie.us/127.0.0.1#5335 -ipset=/.foxdie.us/gfwlist -server=/.foxgay.com/127.0.0.1#5335 -ipset=/.foxgay.com/gfwlist -server=/.foxsub.com/127.0.0.1#5335 -ipset=/.foxsub.com/gfwlist -server=/.foxtang.com/127.0.0.1#5335 -ipset=/.foxtang.com/gfwlist -server=/.fpmt-osel.org/127.0.0.1#5335 -ipset=/.fpmt-osel.org/gfwlist -server=/.fpmt.org/127.0.0.1#5335 -ipset=/.fpmt.org/gfwlist -server=/.fpmt.tw/127.0.0.1#5335 -ipset=/.fpmt.tw/gfwlist -server=/.fpmtmexico.org/127.0.0.1#5335 -ipset=/.fpmtmexico.org/gfwlist -server=/.fq.wikia.com/127.0.0.1#5335 -ipset=/.fq.wikia.com/gfwlist -server=/.fqok.org/127.0.0.1#5335 -ipset=/.fqok.org/gfwlist -server=/.fqrouter.com/127.0.0.1#5335 -ipset=/.fqrouter.com/gfwlist -server=/.franklc.com/127.0.0.1#5335 -ipset=/.franklc.com/gfwlist -server=/.freakshare.com/127.0.0.1#5335 -ipset=/.freakshare.com/gfwlist -server=/.free-gate.org/127.0.0.1#5335 -ipset=/.free-gate.org/gfwlist -server=/.free-hada-now.org/127.0.0.1#5335 -ipset=/.free-hada-now.org/gfwlist -server=/.free-proxy.cz/127.0.0.1#5335 -ipset=/.free-proxy.cz/gfwlist -server=/.free-ss.site/127.0.0.1#5335 -ipset=/.free-ss.site/gfwlist -server=/.free-ssh.com/127.0.0.1#5335 -ipset=/.free-ssh.com/gfwlist -server=/.free4u.com.ar/127.0.0.1#5335 -ipset=/.free4u.com.ar/gfwlist -server=/.freealim.com/127.0.0.1#5335 -ipset=/.freealim.com/gfwlist -server=/.freebrowser.org/127.0.0.1#5335 -ipset=/.freebrowser.org/gfwlist -server=/.freechal.com/127.0.0.1#5335 -ipset=/.freechal.com/gfwlist -server=/.freechina.net/127.0.0.1#5335 -ipset=/.freechina.net/gfwlist -server=/.freechinaforum.org/127.0.0.1#5335 -ipset=/.freechinaforum.org/gfwlist -server=/.freeddns.com/127.0.0.1#5335 -ipset=/.freeddns.com/gfwlist -server=/.freeddns.org/127.0.0.1#5335 -ipset=/.freeddns.org/gfwlist -server=/.freedl.org/127.0.0.1#5335 -ipset=/.freedl.org/gfwlist -server=/.freedomchina.info/127.0.0.1#5335 -ipset=/.freedomchina.info/gfwlist -server=/.freedomhouse.org/127.0.0.1#5335 -ipset=/.freedomhouse.org/gfwlist -server=/.freedominfonetweb.wordpress.com/127.0.0.1#5335 -ipset=/.freedominfonetweb.wordpress.com/gfwlist -server=/.freedomsherald.org/127.0.0.1#5335 -ipset=/.freedomsherald.org/gfwlist -server=/.freeforums.org/127.0.0.1#5335 -ipset=/.freeforums.org/gfwlist -server=/.freefq.com/127.0.0.1#5335 -ipset=/.freefq.com/gfwlist -server=/.freefuckvids.com/127.0.0.1#5335 -ipset=/.freefuckvids.com/gfwlist -server=/.freegao.com/127.0.0.1#5335 -ipset=/.freegao.com/gfwlist -server=/.freehongkong.org/127.0.0.1#5335 -ipset=/.freehongkong.org/gfwlist -server=/.freeilhamtohti.org/127.0.0.1#5335 -ipset=/.freeilhamtohti.org/gfwlist -server=/.freekwonpyong.org/127.0.0.1#5335 -ipset=/.freekwonpyong.org/gfwlist -server=/.freelotto.com/127.0.0.1#5335 -ipset=/.freelotto.com/gfwlist -server=/.freeman2.com/127.0.0.1#5335 -ipset=/.freeman2.com/gfwlist -server=/.freemoren.com/127.0.0.1#5335 -ipset=/.freemoren.com/gfwlist -server=/.freemorenews.com/127.0.0.1#5335 -ipset=/.freemorenews.com/gfwlist -server=/.freenet-china.org/127.0.0.1#5335 -ipset=/.freenet-china.org/gfwlist -server=/.freenetproject.org/127.0.0.1#5335 -ipset=/.freenetproject.org/gfwlist -server=/.freenewscn.com/127.0.0.1#5335 -ipset=/.freenewscn.com/gfwlist -server=/.freeopenvpn.com/127.0.0.1#5335 -ipset=/.freeopenvpn.com/gfwlist -server=/.freeoz.org/127.0.0.1#5335 -ipset=/.freeoz.org/gfwlist -server=/.freessh.us/127.0.0.1#5335 -ipset=/.freessh.us/gfwlist -server=/.freetcp.com/127.0.0.1#5335 -ipset=/.freetcp.com/gfwlist -server=/.freetibet.net/127.0.0.1#5335 -ipset=/.freetibet.net/gfwlist -server=/.freetibet.org/127.0.0.1#5335 -ipset=/.freetibet.org/gfwlist -server=/.freetibetanheroes.org/127.0.0.1#5335 -ipset=/.freetibetanheroes.org/gfwlist -server=/.freeviewmovies.com/127.0.0.1#5335 -ipset=/.freeviewmovies.com/gfwlist -server=/.freevpn.me/127.0.0.1#5335 -ipset=/.freevpn.me/gfwlist -server=/.freevpn.nl/127.0.0.1#5335 -ipset=/.freevpn.nl/gfwlist -server=/.freewallpaper4.me/127.0.0.1#5335 -ipset=/.freewallpaper4.me/gfwlist -server=/.freewebs.com/127.0.0.1#5335 -ipset=/.freewebs.com/gfwlist -server=/.freewechat.com/127.0.0.1#5335 -ipset=/.freewechat.com/gfwlist -server=/.freewww.biz/127.0.0.1#5335 -ipset=/.freewww.biz/gfwlist -server=/.freewww.info/127.0.0.1#5335 -ipset=/.freewww.info/gfwlist -server=/.freexinwen.com/127.0.0.1#5335 -ipset=/.freexinwen.com/gfwlist -server=/.freeyellow.com/127.0.0.1#5335 -ipset=/.freeyellow.com/gfwlist -server=/.freeyoutubeproxy.net/127.0.0.1#5335 -ipset=/.freeyoutubeproxy.net/gfwlist -server=/.friendfeed.com/127.0.0.1#5335 -ipset=/.friendfeed.com/gfwlist -server=/.friends-of-tibet.org/127.0.0.1#5335 -ipset=/.friends-of-tibet.org/gfwlist -server=/.friendsoftibet.org/127.0.0.1#5335 -ipset=/.friendsoftibet.org/gfwlist -server=/.fring.com/127.0.0.1#5335 -ipset=/.fring.com/gfwlist -server=/.fringenetwork.com/127.0.0.1#5335 -ipset=/.fringenetwork.com/gfwlist -server=/.from-pr.com/127.0.0.1#5335 -ipset=/.from-pr.com/gfwlist -server=/.from-sd.com/127.0.0.1#5335 -ipset=/.from-sd.com/gfwlist -server=/.fromchinatousa.net/127.0.0.1#5335 -ipset=/.fromchinatousa.net/gfwlist -server=/.frommel.net/127.0.0.1#5335 -ipset=/.frommel.net/gfwlist -server=/.frontlinedefenders.org/127.0.0.1#5335 -ipset=/.frontlinedefenders.org/gfwlist -server=/.frootvpn.com/127.0.0.1#5335 -ipset=/.frootvpn.com/gfwlist -server=/.fscked.org/127.0.0.1#5335 -ipset=/.fscked.org/gfwlist -server=/.fsurf.com/127.0.0.1#5335 -ipset=/.fsurf.com/gfwlist -server=/.ftchinese.com/127.0.0.1#5335 -ipset=/.ftchinese.com/gfwlist -server=/.ftp1.biz/127.0.0.1#5335 -ipset=/.ftp1.biz/gfwlist -server=/.ftpserver.biz/127.0.0.1#5335 -ipset=/.ftpserver.biz/gfwlist -server=/.ftv.com.tw/127.0.0.1#5335 -ipset=/.ftv.com.tw/gfwlist -server=/.fucd.com/127.0.0.1#5335 -ipset=/.fucd.com/gfwlist -server=/.fuckcnnic.net/127.0.0.1#5335 -ipset=/.fuckcnnic.net/gfwlist -server=/.fuckgfw.org/127.0.0.1#5335 -ipset=/.fuckgfw.org/gfwlist -server=/.fulione.com/127.0.0.1#5335 -ipset=/.fulione.com/gfwlist -server=/.fullerconsideration.com/127.0.0.1#5335 -ipset=/.fullerconsideration.com/gfwlist -server=/.fulue.com/127.0.0.1#5335 -ipset=/.fulue.com/gfwlist -server=/.funf.tw/127.0.0.1#5335 -ipset=/.funf.tw/gfwlist -server=/.funkyimg.com/127.0.0.1#5335 -ipset=/.funkyimg.com/gfwlist -server=/.funp.com/127.0.0.1#5335 -ipset=/.funp.com/gfwlist -server=/.fuq.com/127.0.0.1#5335 -ipset=/.fuq.com/gfwlist -server=/.furbo.org/127.0.0.1#5335 -ipset=/.furbo.org/gfwlist -server=/.furhhdl.org/127.0.0.1#5335 -ipset=/.furhhdl.org/gfwlist -server=/.furinkan.com/127.0.0.1#5335 -ipset=/.furinkan.com/gfwlist -server=/.furl.net/127.0.0.1#5335 -ipset=/.furl.net/gfwlist -server=/.futurechinaforum.org/127.0.0.1#5335 -ipset=/.futurechinaforum.org/gfwlist -server=/.futuremessage.org/127.0.0.1#5335 -ipset=/.futuremessage.org/gfwlist -server=/.fux.com/127.0.0.1#5335 -ipset=/.fux.com/gfwlist -server=/.fuyin.net/127.0.0.1#5335 -ipset=/.fuyin.net/gfwlist -server=/.fuyindiantai.org/127.0.0.1#5335 -ipset=/.fuyindiantai.org/gfwlist -server=/.fuyu.org.tw/127.0.0.1#5335 -ipset=/.fuyu.org.tw/gfwlist -server=/.fw.cm/127.0.0.1#5335 -ipset=/.fw.cm/gfwlist -server=/.fxcm-chinese.com/127.0.0.1#5335 -ipset=/.fxcm-chinese.com/gfwlist -server=/.fxnetworks.com/127.0.0.1#5335 -ipset=/.fxnetworks.com/gfwlist -server=/.fzh999.com/127.0.0.1#5335 -ipset=/.fzh999.com/gfwlist -server=/.fzh999.net/127.0.0.1#5335 -ipset=/.fzh999.net/gfwlist -server=/.fzlm.com/127.0.0.1#5335 -ipset=/.fzlm.com/gfwlist -server=/.g-area.org/127.0.0.1#5335 -ipset=/.g-area.org/gfwlist -server=/.g-queen.com/127.0.0.1#5335 -ipset=/.g-queen.com/gfwlist -server=/.g.co/127.0.0.1#5335 -ipset=/.g.co/gfwlist -server=/.g0v.social/127.0.0.1#5335 -ipset=/.g0v.social/gfwlist -server=/.g6hentai.com/127.0.0.1#5335 -ipset=/.g6hentai.com/gfwlist -server=/.gabocorp.com/127.0.0.1#5335 -ipset=/.gabocorp.com/gfwlist -server=/.gaeproxy.com/127.0.0.1#5335 -ipset=/.gaeproxy.com/gfwlist -server=/.gaforum.org/127.0.0.1#5335 -ipset=/.gaforum.org/gfwlist -server=/.galaxymacau.com/127.0.0.1#5335 -ipset=/.galaxymacau.com/gfwlist -server=/.galenwu.com/127.0.0.1#5335 -ipset=/.galenwu.com/gfwlist -server=/.galstars.net/127.0.0.1#5335 -ipset=/.galstars.net/gfwlist -server=/.game735.com/127.0.0.1#5335 -ipset=/.game735.com/gfwlist -server=/.gamebase.com.tw/127.0.0.1#5335 -ipset=/.gamebase.com.tw/gfwlist -server=/.gamejolt.com/127.0.0.1#5335 -ipset=/.gamejolt.com/gfwlist -server=/.gamer-cds.cdn.hinet.net/127.0.0.1#5335 -ipset=/.gamer-cds.cdn.hinet.net/gfwlist -server=/.gamer.com.tw/127.0.0.1#5335 -ipset=/.gamer.com.tw/gfwlist -server=/.gamer2-cds.cdn.hinet.net/127.0.0.1#5335 -ipset=/.gamer2-cds.cdn.hinet.net/gfwlist -server=/.gamez.com.tw/127.0.0.1#5335 -ipset=/.gamez.com.tw/gfwlist -server=/.gamousa.com/127.0.0.1#5335 -ipset=/.gamousa.com/gfwlist -server=/.ganges.com/127.0.0.1#5335 -ipset=/.ganges.com/gfwlist -server=/.gaoming.net/127.0.0.1#5335 -ipset=/.gaoming.net/gfwlist -server=/.gaopi.net/127.0.0.1#5335 -ipset=/.gaopi.net/gfwlist -server=/.gaozhisheng.net/127.0.0.1#5335 -ipset=/.gaozhisheng.net/gfwlist -server=/.gaozhisheng.org/127.0.0.1#5335 -ipset=/.gaozhisheng.org/gfwlist -server=/.gardennetworks.com/127.0.0.1#5335 -ipset=/.gardennetworks.com/gfwlist -server=/.gardennetworks.org/127.0.0.1#5335 -ipset=/.gardennetworks.org/gfwlist -server=/.gartlive.com/127.0.0.1#5335 -ipset=/.gartlive.com/gfwlist -server=/.gate-project.com/127.0.0.1#5335 -ipset=/.gate-project.com/gfwlist -server=/.gate.io/127.0.0.1#5335 -ipset=/.gate.io/gfwlist -server=/.gatecoin.com/127.0.0.1#5335 -ipset=/.gatecoin.com/gfwlist -server=/.gather.com/127.0.0.1#5335 -ipset=/.gather.com/gfwlist -server=/.gatherproxy.com/127.0.0.1#5335 -ipset=/.gatherproxy.com/gfwlist -server=/.gati.org.tw/127.0.0.1#5335 -ipset=/.gati.org.tw/gfwlist -server=/.gaybubble.com/127.0.0.1#5335 -ipset=/.gaybubble.com/gfwlist -server=/.gaycn.net/127.0.0.1#5335 -ipset=/.gaycn.net/gfwlist -server=/.gayhub.com/127.0.0.1#5335 -ipset=/.gayhub.com/gfwlist -server=/.gaymap.cc/127.0.0.1#5335 -ipset=/.gaymap.cc/gfwlist -server=/.gaymenring.com/127.0.0.1#5335 -ipset=/.gaymenring.com/gfwlist -server=/.gaytube.com/127.0.0.1#5335 -ipset=/.gaytube.com/gfwlist -server=/.gaywatch.com/127.0.0.1#5335 -ipset=/.gaywatch.com/gfwlist -server=/.gazotube.com/127.0.0.1#5335 -ipset=/.gazotube.com/gfwlist -server=/.gcc.org.hk/127.0.0.1#5335 -ipset=/.gcc.org.hk/gfwlist -server=/.gclooney.com/127.0.0.1#5335 -ipset=/.gclooney.com/gfwlist -server=/.gcmasia.com/127.0.0.1#5335 -ipset=/.gcmasia.com/gfwlist -server=/.gcpnews.com/127.0.0.1#5335 -ipset=/.gcpnews.com/gfwlist -server=/.gcr.io/127.0.0.1#5335 -ipset=/.gcr.io/gfwlist -server=/.gdzf.org/127.0.0.1#5335 -ipset=/.gdzf.org/gfwlist -server=/.geek-art.net/127.0.0.1#5335 -ipset=/.geek-art.net/gfwlist -server=/.geekheart.info/127.0.0.1#5335 -ipset=/.geekheart.info/gfwlist -server=/.gekikame.com/127.0.0.1#5335 -ipset=/.gekikame.com/gfwlist -server=/.gelbooru.com/127.0.0.1#5335 -ipset=/.gelbooru.com/gfwlist -server=/.geocities.co.jp/127.0.0.1#5335 -ipset=/.geocities.co.jp/gfwlist -server=/.geocities.jp/127.0.0.1#5335 -ipset=/.geocities.jp/gfwlist -server=/.gerefoundation.org/127.0.0.1#5335 -ipset=/.gerefoundation.org/gfwlist -server=/.get.app/127.0.0.1#5335 -ipset=/.get.app/gfwlist -server=/.get.dev/127.0.0.1#5335 -ipset=/.get.dev/gfwlist -server=/.get.how/127.0.0.1#5335 -ipset=/.get.how/gfwlist -server=/.get.page/127.0.0.1#5335 -ipset=/.get.page/gfwlist -server=/.getastrill.com/127.0.0.1#5335 -ipset=/.getastrill.com/gfwlist -server=/.getchu.com/127.0.0.1#5335 -ipset=/.getchu.com/gfwlist -server=/.getcloak.com/127.0.0.1#5335 -ipset=/.getcloak.com/gfwlist -server=/.getfoxyproxy.org/127.0.0.1#5335 -ipset=/.getfoxyproxy.org/gfwlist -server=/.getfreedur.com/127.0.0.1#5335 -ipset=/.getfreedur.com/gfwlist -server=/.getgom.com/127.0.0.1#5335 -ipset=/.getgom.com/gfwlist -server=/.geti2p.net/127.0.0.1#5335 -ipset=/.geti2p.net/gfwlist -server=/.getiton.com/127.0.0.1#5335 -ipset=/.getiton.com/gfwlist -server=/.getlantern.org/127.0.0.1#5335 -ipset=/.getlantern.org/gfwlist -server=/.getmdl.io/127.0.0.1#5335 -ipset=/.getmdl.io/gfwlist -server=/.getoutline.org/127.0.0.1#5335 -ipset=/.getoutline.org/gfwlist -server=/.getsocialscope.com/127.0.0.1#5335 -ipset=/.getsocialscope.com/gfwlist -server=/.getsync.com/127.0.0.1#5335 -ipset=/.getsync.com/gfwlist -server=/.gettrials.com/127.0.0.1#5335 -ipset=/.gettrials.com/gfwlist -server=/.gettyimages.com/127.0.0.1#5335 -ipset=/.gettyimages.com/gfwlist -server=/.getuploader.com/127.0.0.1#5335 -ipset=/.getuploader.com/gfwlist -server=/.gfbv.de/127.0.0.1#5335 -ipset=/.gfbv.de/gfwlist -server=/.gfgold.com.hk/127.0.0.1#5335 -ipset=/.gfgold.com.hk/gfwlist -server=/.gfsale.com/127.0.0.1#5335 -ipset=/.gfsale.com/gfwlist -server=/.gfw.org.ua/127.0.0.1#5335 -ipset=/.gfw.org.ua/gfwlist -server=/.gfw.press/127.0.0.1#5335 -ipset=/.gfw.press/gfwlist -server=/.ggpht.com/127.0.0.1#5335 -ipset=/.ggpht.com/gfwlist -server=/.ggssl.com/127.0.0.1#5335 -ipset=/.ggssl.com/gfwlist -server=/.ghostpath.com/127.0.0.1#5335 -ipset=/.ghostpath.com/gfwlist -server=/.ghut.org/127.0.0.1#5335 -ipset=/.ghut.org/gfwlist -server=/.giantessnight.com/127.0.0.1#5335 -ipset=/.giantessnight.com/gfwlist -server=/.gifree.com/127.0.0.1#5335 -ipset=/.gifree.com/gfwlist -server=/.giga-web.jp/127.0.0.1#5335 -ipset=/.giga-web.jp/gfwlist -server=/.gigporno.ru/127.0.0.1#5335 -ipset=/.gigporno.ru/gfwlist -server=/.girlbanker.com/127.0.0.1#5335 -ipset=/.girlbanker.com/gfwlist -server=/.gist.github.com/127.0.0.1#5335 -ipset=/.gist.github.com/gfwlist -server=/.git.io/127.0.0.1#5335 -ipset=/.git.io/gfwlist -server=/.gizlen.net/127.0.0.1#5335 -ipset=/.gizlen.net/gfwlist -server=/.gjczz.com/127.0.0.1#5335 -ipset=/.gjczz.com/gfwlist -server=/.glass8.eu/127.0.0.1#5335 -ipset=/.glass8.eu/gfwlist -server=/.global.bing.com/127.0.0.1#5335 -ipset=/.global.bing.com/gfwlist -server=/.globaljihad.net/127.0.0.1#5335 -ipset=/.globaljihad.net/gfwlist -server=/.globalmediaoutreach.com/127.0.0.1#5335 -ipset=/.globalmediaoutreach.com/gfwlist -server=/.globalmuseumoncommunism.org/127.0.0.1#5335 -ipset=/.globalmuseumoncommunism.org/gfwlist -server=/.globalrescue.net/127.0.0.1#5335 -ipset=/.globalrescue.net/gfwlist -server=/.globaltm.org/127.0.0.1#5335 -ipset=/.globaltm.org/gfwlist -server=/.globalvoices.org/127.0.0.1#5335 -ipset=/.globalvoices.org/gfwlist -server=/.globalvoicesonline.org/127.0.0.1#5335 -ipset=/.globalvoicesonline.org/gfwlist -server=/.globalvpn.net/127.0.0.1#5335 -ipset=/.globalvpn.net/gfwlist -server=/.glock.com/127.0.0.1#5335 -ipset=/.glock.com/gfwlist -server=/.gloryhole.com/127.0.0.1#5335 -ipset=/.gloryhole.com/gfwlist -server=/.glorystar.me/127.0.0.1#5335 -ipset=/.glorystar.me/gfwlist -server=/.glype.com/127.0.0.1#5335 -ipset=/.glype.com/gfwlist -server=/.gmail.com/127.0.0.1#5335 -ipset=/.gmail.com/gfwlist -server=/.gmbd.cn/127.0.0.1#5335 -ipset=/.gmbd.cn/gfwlist -server=/.gmhz.org/127.0.0.1#5335 -ipset=/.gmhz.org/gfwlist -server=/.gmll.org/127.0.0.1#5335 -ipset=/.gmll.org/gfwlist -server=/.gmodules.com/127.0.0.1#5335 -ipset=/.gmodules.com/gfwlist -server=/.gmozomg.izihost.org/127.0.0.1#5335 -ipset=/.gmozomg.izihost.org/gfwlist -server=/.gnci.org.hk/127.0.0.1#5335 -ipset=/.gnci.org.hk/gfwlist -server=/.go-pki.com/127.0.0.1#5335 -ipset=/.go-pki.com/gfwlist -server=/.go.nesnode.com/127.0.0.1#5335 -ipset=/.go.nesnode.com/gfwlist -server=/.go141.com/127.0.0.1#5335 -ipset=/.go141.com/gfwlist -server=/.goagent.biz/127.0.0.1#5335 -ipset=/.goagent.biz/gfwlist -server=/.goagent.codeplex.com/127.0.0.1#5335 -ipset=/.goagent.codeplex.com/gfwlist -server=/.goagentplus.com/127.0.0.1#5335 -ipset=/.goagentplus.com/gfwlist -server=/.gobet.cc/127.0.0.1#5335 -ipset=/.gobet.cc/gfwlist -server=/.godfootsteps.org/127.0.0.1#5335 -ipset=/.godfootsteps.org/gfwlist -server=/.godns.work/127.0.0.1#5335 -ipset=/.godns.work/gfwlist -server=/.godoc.org/127.0.0.1#5335 -ipset=/.godoc.org/gfwlist -server=/.godsdirectcontact.co.uk/127.0.0.1#5335 -ipset=/.godsdirectcontact.co.uk/gfwlist -server=/.godsdirectcontact.org/127.0.0.1#5335 -ipset=/.godsdirectcontact.org/gfwlist -server=/.godsimmediatecontact.com/127.0.0.1#5335 -ipset=/.godsimmediatecontact.com/gfwlist -server=/.gogotunnel.com/127.0.0.1#5335 -ipset=/.gogotunnel.com/gfwlist -server=/.gohappy.com.tw/127.0.0.1#5335 -ipset=/.gohappy.com.tw/gfwlist -server=/.gojet.krtco.com.tw/127.0.0.1#5335 -ipset=/.gojet.krtco.com.tw/gfwlist -server=/.gokbayrak.com/127.0.0.1#5335 -ipset=/.gokbayrak.com/gfwlist -server=/.golang.org/127.0.0.1#5335 -ipset=/.golang.org/gfwlist -server=/.goldbet.com/127.0.0.1#5335 -ipset=/.goldbet.com/gfwlist -server=/.goldbetsports.com/127.0.0.1#5335 -ipset=/.goldbetsports.com/gfwlist -server=/.goldeneyevault.com/127.0.0.1#5335 -ipset=/.goldeneyevault.com/gfwlist -server=/.goldenfrog.com/127.0.0.1#5335 -ipset=/.goldenfrog.com/gfwlist -server=/.goldjizz.com/127.0.0.1#5335 -ipset=/.goldjizz.com/gfwlist -server=/.goldstep.net/127.0.0.1#5335 -ipset=/.goldstep.net/gfwlist -server=/.goldwave.com/127.0.0.1#5335 -ipset=/.goldwave.com/gfwlist -server=/.goliathguitartutorials.com/127.0.0.1#5335 -ipset=/.goliathguitartutorials.com/gfwlist -server=/.gongm.in/127.0.0.1#5335 -ipset=/.gongm.in/gfwlist -server=/.gongmeng.info/127.0.0.1#5335 -ipset=/.gongmeng.info/gfwlist -server=/.gongminliliang.com/127.0.0.1#5335 -ipset=/.gongminliliang.com/gfwlist -server=/.gongwt.com/127.0.0.1#5335 -ipset=/.gongwt.com/gfwlist -server=/.goo.gl/127.0.0.1#5335 -ipset=/.goo.gl/gfwlist -server=/.gooday.xyz/127.0.0.1#5335 -ipset=/.gooday.xyz/gfwlist -server=/.gooddns.info/127.0.0.1#5335 -ipset=/.gooddns.info/gfwlist -server=/.goodreaders.com/127.0.0.1#5335 -ipset=/.goodreaders.com/gfwlist -server=/.goodreads.com/127.0.0.1#5335 -ipset=/.goodreads.com/gfwlist -server=/.goodtv.com.tw/127.0.0.1#5335 -ipset=/.goodtv.com.tw/gfwlist -server=/.goodtv.tv/127.0.0.1#5335 -ipset=/.goodtv.tv/gfwlist -server=/.goofind.com/127.0.0.1#5335 -ipset=/.goofind.com/gfwlist -server=/.google.ae/127.0.0.1#5335 -ipset=/.google.ae/gfwlist -server=/.google.am/127.0.0.1#5335 -ipset=/.google.am/gfwlist -server=/.google.as/127.0.0.1#5335 -ipset=/.google.as/gfwlist -server=/.google.at/127.0.0.1#5335 -ipset=/.google.at/gfwlist -server=/.google.az/127.0.0.1#5335 -ipset=/.google.az/gfwlist -server=/.google.ba/127.0.0.1#5335 -ipset=/.google.ba/gfwlist -server=/.google.be/127.0.0.1#5335 -ipset=/.google.be/gfwlist -server=/.google.bg/127.0.0.1#5335 -ipset=/.google.bg/gfwlist -server=/.google.ca/127.0.0.1#5335 -ipset=/.google.ca/gfwlist -server=/.google.calstate.edu/127.0.0.1#5335 -ipset=/.google.calstate.edu/gfwlist -server=/.google.cd/127.0.0.1#5335 -ipset=/.google.cd/gfwlist -server=/.google.ci/127.0.0.1#5335 -ipset=/.google.ci/gfwlist -server=/.google.co.id/127.0.0.1#5335 -ipset=/.google.co.id/gfwlist -server=/.google.co.jp/127.0.0.1#5335 -ipset=/.google.co.jp/gfwlist -server=/.google.co.kr/127.0.0.1#5335 -ipset=/.google.co.kr/gfwlist -server=/.google.co.ma/127.0.0.1#5335 -ipset=/.google.co.ma/gfwlist -server=/.google.co.uk/127.0.0.1#5335 -ipset=/.google.co.uk/gfwlist -server=/.google.com/127.0.0.1#5335 -ipset=/.google.com/gfwlist -server=/.google.de/127.0.0.1#5335 -ipset=/.google.de/gfwlist -server=/.google.dev/127.0.0.1#5335 -ipset=/.google.dev/gfwlist -server=/.google.dj/127.0.0.1#5335 -ipset=/.google.dj/gfwlist -server=/.google.dk/127.0.0.1#5335 -ipset=/.google.dk/gfwlist -server=/.google.es/127.0.0.1#5335 -ipset=/.google.es/gfwlist -server=/.google.fi/127.0.0.1#5335 -ipset=/.google.fi/gfwlist -server=/.google.fm/127.0.0.1#5335 -ipset=/.google.fm/gfwlist -server=/.google.fr/127.0.0.1#5335 -ipset=/.google.fr/gfwlist -server=/.google.gg/127.0.0.1#5335 -ipset=/.google.gg/gfwlist -server=/.google.gl/127.0.0.1#5335 -ipset=/.google.gl/gfwlist -server=/.google.gr/127.0.0.1#5335 -ipset=/.google.gr/gfwlist -server=/.google.ie/127.0.0.1#5335 -ipset=/.google.ie/gfwlist -server=/.google.is/127.0.0.1#5335 -ipset=/.google.is/gfwlist -server=/.google.it/127.0.0.1#5335 -ipset=/.google.it/gfwlist -server=/.google.jo/127.0.0.1#5335 -ipset=/.google.jo/gfwlist -server=/.google.kz/127.0.0.1#5335 -ipset=/.google.kz/gfwlist -server=/.google.lv/127.0.0.1#5335 -ipset=/.google.lv/gfwlist -server=/.google.mn/127.0.0.1#5335 -ipset=/.google.mn/gfwlist -server=/.google.ms/127.0.0.1#5335 -ipset=/.google.ms/gfwlist -server=/.google.nl/127.0.0.1#5335 -ipset=/.google.nl/gfwlist -server=/.google.no/127.0.0.1#5335 -ipset=/.google.no/gfwlist -server=/.google.nu/127.0.0.1#5335 -ipset=/.google.nu/gfwlist -server=/.google.ro/127.0.0.1#5335 -ipset=/.google.ro/gfwlist -server=/.google.ru/127.0.0.1#5335 -ipset=/.google.ru/gfwlist -server=/.google.rw/127.0.0.1#5335 -ipset=/.google.rw/gfwlist -server=/.google.sc/127.0.0.1#5335 -ipset=/.google.sc/gfwlist -server=/.google.sh/127.0.0.1#5335 -ipset=/.google.sh/gfwlist -server=/.google.sk/127.0.0.1#5335 -ipset=/.google.sk/gfwlist -server=/.google.sm/127.0.0.1#5335 -ipset=/.google.sm/gfwlist -server=/.google.sn/127.0.0.1#5335 -ipset=/.google.sn/gfwlist -server=/.google.tk/127.0.0.1#5335 -ipset=/.google.tk/gfwlist -server=/.google.tm/127.0.0.1#5335 -ipset=/.google.tm/gfwlist -server=/.google.to/127.0.0.1#5335 -ipset=/.google.to/gfwlist -server=/.google.tt/127.0.0.1#5335 -ipset=/.google.tt/gfwlist -server=/.google.vu/127.0.0.1#5335 -ipset=/.google.vu/gfwlist -server=/.google.ws/127.0.0.1#5335 -ipset=/.google.ws/gfwlist -server=/.googleapis.cn/127.0.0.1#5335 -ipset=/.googleapis.cn/gfwlist -server=/.googleapis.com/127.0.0.1#5335 -ipset=/.googleapis.com/gfwlist -server=/.googleapps.com/127.0.0.1#5335 -ipset=/.googleapps.com/gfwlist -server=/.googlearth.com/127.0.0.1#5335 -ipset=/.googlearth.com/gfwlist -server=/.googleartproject.com/127.0.0.1#5335 -ipset=/.googleartproject.com/gfwlist -server=/.googleblog.com/127.0.0.1#5335 -ipset=/.googleblog.com/gfwlist -server=/.googlebot.com/127.0.0.1#5335 -ipset=/.googlebot.com/gfwlist -server=/.googlechinawebmaster.com/127.0.0.1#5335 -ipset=/.googlechinawebmaster.com/gfwlist -server=/.googlecode.com/127.0.0.1#5335 -ipset=/.googlecode.com/gfwlist -server=/.googlecommerce.com/127.0.0.1#5335 -ipset=/.googlecommerce.com/gfwlist -server=/.googledomains.com/127.0.0.1#5335 -ipset=/.googledomains.com/gfwlist -server=/.googledrive.com/127.0.0.1#5335 -ipset=/.googledrive.com/gfwlist -server=/.googleearth.com/127.0.0.1#5335 -ipset=/.googleearth.com/gfwlist -server=/.googlefiber.net/127.0.0.1#5335 -ipset=/.googlefiber.net/gfwlist -server=/.googlegroups.com/127.0.0.1#5335 -ipset=/.googlegroups.com/gfwlist -server=/.googlehosted.com/127.0.0.1#5335 -ipset=/.googlehosted.com/gfwlist -server=/.googleideas.com/127.0.0.1#5335 -ipset=/.googleideas.com/gfwlist -server=/.googleinsidesearch.com/127.0.0.1#5335 -ipset=/.googleinsidesearch.com/gfwlist -server=/.googlelabs.com/127.0.0.1#5335 -ipset=/.googlelabs.com/gfwlist -server=/.googlemail.com/127.0.0.1#5335 -ipset=/.googlemail.com/gfwlist -server=/.googlemashups.com/127.0.0.1#5335 -ipset=/.googlemashups.com/gfwlist -server=/.googlepagecreator.com/127.0.0.1#5335 -ipset=/.googlepagecreator.com/gfwlist -server=/.googleplay.com/127.0.0.1#5335 -ipset=/.googleplay.com/gfwlist -server=/.googleplus.com/127.0.0.1#5335 -ipset=/.googleplus.com/gfwlist -server=/.googlescholar.com/127.0.0.1#5335 -ipset=/.googlescholar.com/gfwlist -server=/.googlesile.com/127.0.0.1#5335 -ipset=/.googlesile.com/gfwlist -server=/.googlesource.com/127.0.0.1#5335 -ipset=/.googlesource.com/gfwlist -server=/.googleusercontent.com/127.0.0.1#5335 -ipset=/.googleusercontent.com/gfwlist -server=/.googlevideo.com/127.0.0.1#5335 -ipset=/.googlevideo.com/gfwlist -server=/.googleweblight.com/127.0.0.1#5335 -ipset=/.googleweblight.com/gfwlist -server=/.googlezip.net/127.0.0.1#5335 -ipset=/.googlezip.net/gfwlist -server=/.gopetition.com/127.0.0.1#5335 -ipset=/.gopetition.com/gfwlist -server=/.goproxing.net/127.0.0.1#5335 -ipset=/.goproxing.net/gfwlist -server=/.goregrish.com/127.0.0.1#5335 -ipset=/.goregrish.com/gfwlist -server=/.gospelherald.com/127.0.0.1#5335 -ipset=/.gospelherald.com/gfwlist -server=/.got-game.org/127.0.0.1#5335 -ipset=/.got-game.org/gfwlist -server=/.gotdns.ch/127.0.0.1#5335 -ipset=/.gotdns.ch/gfwlist -server=/.gotgeeks.com/127.0.0.1#5335 -ipset=/.gotgeeks.com/gfwlist -server=/.gotrusted.com/127.0.0.1#5335 -ipset=/.gotrusted.com/gfwlist -server=/.gotw.ca/127.0.0.1#5335 -ipset=/.gotw.ca/gfwlist -server=/.gov.taipei/127.0.0.1#5335 -ipset=/.gov.taipei/gfwlist -server=/.gov.tw/127.0.0.1#5335 -ipset=/.gov.tw/gfwlist -server=/.gr8domain.biz/127.0.0.1#5335 -ipset=/.gr8domain.biz/gfwlist -server=/.gr8name.biz/127.0.0.1#5335 -ipset=/.gr8name.biz/gfwlist -server=/.grammaly.com/127.0.0.1#5335 -ipset=/.grammaly.com/gfwlist -server=/.grandtrial.org/127.0.0.1#5335 -ipset=/.grandtrial.org/gfwlist -server=/.grangorz.org/127.0.0.1#5335 -ipset=/.grangorz.org/gfwlist -server=/.graphis.ne.jp/127.0.0.1#5335 -ipset=/.graphis.ne.jp/gfwlist -server=/.graphql.org/127.0.0.1#5335 -ipset=/.graphql.org/gfwlist -server=/.greasespot.net/127.0.0.1#5335 -ipset=/.greasespot.net/gfwlist -server=/.great-firewall.com/127.0.0.1#5335 -ipset=/.great-firewall.com/gfwlist -server=/.great-roc.org/127.0.0.1#5335 -ipset=/.great-roc.org/gfwlist -server=/.greatfire.org/127.0.0.1#5335 -ipset=/.greatfire.org/gfwlist -server=/.greatfire.us7.list-manage.com/127.0.0.1#5335 -ipset=/.greatfire.us7.list-manage.com/gfwlist -server=/.greatfirewall.biz/127.0.0.1#5335 -ipset=/.greatfirewall.biz/gfwlist -server=/.greatfirewallofchina.net/127.0.0.1#5335 -ipset=/.greatfirewallofchina.net/gfwlist -server=/.greatfirewallofchina.org/127.0.0.1#5335 -ipset=/.greatfirewallofchina.org/gfwlist -server=/.greatroc.org/127.0.0.1#5335 -ipset=/.greatroc.org/gfwlist -server=/.greatroc.tw/127.0.0.1#5335 -ipset=/.greatroc.tw/gfwlist -server=/.greatzhonghua.org/127.0.0.1#5335 -ipset=/.greatzhonghua.org/gfwlist -server=/.greenfieldbookstore.com.hk/127.0.0.1#5335 -ipset=/.greenfieldbookstore.com.hk/gfwlist -server=/.greenparty.org.tw/127.0.0.1#5335 -ipset=/.greenparty.org.tw/gfwlist -server=/.greenpeace.com.tw/127.0.0.1#5335 -ipset=/.greenpeace.com.tw/gfwlist -server=/.greenpeace.org/127.0.0.1#5335 -ipset=/.greenpeace.org/gfwlist -server=/.greenvpn.net/127.0.0.1#5335 -ipset=/.greenvpn.net/gfwlist -server=/.greenvpn.org/127.0.0.1#5335 -ipset=/.greenvpn.org/gfwlist -server=/.grotty-monday.com/127.0.0.1#5335 -ipset=/.grotty-monday.com/gfwlist -server=/.grow.google/127.0.0.1#5335 -ipset=/.grow.google/gfwlist -server=/.gs-discuss.com/127.0.0.1#5335 -ipset=/.gs-discuss.com/gfwlist -server=/.gsp.target.com/127.0.0.1#5335 -ipset=/.gsp.target.com/gfwlist -server=/.gstatic.com/127.0.0.1#5335 -ipset=/.gstatic.com/gfwlist -server=/.gtricks.com/127.0.0.1#5335 -ipset=/.gtricks.com/gfwlist -server=/.gts-vpn.com/127.0.0.1#5335 -ipset=/.gts-vpn.com/gfwlist -server=/.gu-chu-sum.org/127.0.0.1#5335 -ipset=/.gu-chu-sum.org/gfwlist -server=/.guaguass.com/127.0.0.1#5335 -ipset=/.guaguass.com/gfwlist -server=/.guaguass.org/127.0.0.1#5335 -ipset=/.guaguass.org/gfwlist -server=/.guancha.org/127.0.0.1#5335 -ipset=/.guancha.org/gfwlist -server=/.guaneryu.com/127.0.0.1#5335 -ipset=/.guaneryu.com/gfwlist -server=/.guangming.com.my/127.0.0.1#5335 -ipset=/.guangming.com.my/gfwlist -server=/.guangnianvpn.com/127.0.0.1#5335 -ipset=/.guangnianvpn.com/gfwlist -server=/.guardster.com/127.0.0.1#5335 -ipset=/.guardster.com/gfwlist -server=/.guishan.org/127.0.0.1#5335 -ipset=/.guishan.org/gfwlist -server=/.gumroad.com/127.0.0.1#5335 -ipset=/.gumroad.com/gfwlist -server=/.gun-world.net/127.0.0.1#5335 -ipset=/.gun-world.net/gfwlist -server=/.gunsamerica.com/127.0.0.1#5335 -ipset=/.gunsamerica.com/gfwlist -server=/.gunsandammo.com/127.0.0.1#5335 -ipset=/.gunsandammo.com/gfwlist -server=/.guo.media/127.0.0.1#5335 -ipset=/.guo.media/gfwlist -server=/.guruonline.hk/127.0.0.1#5335 -ipset=/.guruonline.hk/gfwlist -server=/.gutteruncensored.com/127.0.0.1#5335 -ipset=/.gutteruncensored.com/gfwlist -server=/.gvlib.com/127.0.0.1#5335 -ipset=/.gvlib.com/gfwlist -server=/.gvm.com.tw/127.0.0.1#5335 -ipset=/.gvm.com.tw/gfwlist -server=/.gvt0.com/127.0.0.1#5335 -ipset=/.gvt0.com/gfwlist -server=/.gvt1.com/127.0.0.1#5335 -ipset=/.gvt1.com/gfwlist -server=/.gvt3.com/127.0.0.1#5335 -ipset=/.gvt3.com/gfwlist -server=/.gwtproject.org/127.0.0.1#5335 -ipset=/.gwtproject.org/gfwlist -server=/.gyalwarinpoche.com/127.0.0.1#5335 -ipset=/.gyalwarinpoche.com/gfwlist -server=/.gyatsostudio.com/127.0.0.1#5335 -ipset=/.gyatsostudio.com/gfwlist -server=/.gzm.tv/127.0.0.1#5335 -ipset=/.gzm.tv/gfwlist -server=/.gzone-anime.info/127.0.0.1#5335 -ipset=/.gzone-anime.info/gfwlist -server=/.h-china.org/127.0.0.1#5335 -ipset=/.h-china.org/gfwlist -server=/.h-moe.com/127.0.0.1#5335 -ipset=/.h-moe.com/gfwlist -server=/.h1n1china.org/127.0.0.1#5335 -ipset=/.h1n1china.org/gfwlist -server=/.h528.com/127.0.0.1#5335 -ipset=/.h528.com/gfwlist -server=/.h5dm.com/127.0.0.1#5335 -ipset=/.h5dm.com/gfwlist -server=/.h5galgame.me/127.0.0.1#5335 -ipset=/.h5galgame.me/gfwlist -server=/.hacg.club/127.0.0.1#5335 -ipset=/.hacg.club/gfwlist -server=/.hacg.in/127.0.0.1#5335 -ipset=/.hacg.in/gfwlist -server=/.hacg.li/127.0.0.1#5335 -ipset=/.hacg.li/gfwlist -server=/.hacg.me/127.0.0.1#5335 -ipset=/.hacg.me/gfwlist -server=/.hacg.red/127.0.0.1#5335 -ipset=/.hacg.red/gfwlist -server=/.hacker.org/127.0.0.1#5335 -ipset=/.hacker.org/gfwlist -server=/.hackthatphone.net/127.0.0.1#5335 -ipset=/.hackthatphone.net/gfwlist -server=/.hahaxixi.github.io/127.0.0.1#5335 -ipset=/.hahaxixi.github.io/gfwlist -server=/.hahlo.com/127.0.0.1#5335 -ipset=/.hahlo.com/gfwlist -server=/.hakkatv.org.tw/127.0.0.1#5335 -ipset=/.hakkatv.org.tw/gfwlist -server=/.handcraftedsoftware.org/127.0.0.1#5335 -ipset=/.handcraftedsoftware.org/gfwlist -server=/.hanime.tv/127.0.0.1#5335 -ipset=/.hanime.tv/gfwlist -server=/.hanunyi.com/127.0.0.1#5335 -ipset=/.hanunyi.com/gfwlist -server=/.haoel.github.io/127.0.0.1#5335 -ipset=/.haoel.github.io/gfwlist -server=/.happy-vpn.com/127.0.0.1#5335 -ipset=/.happy-vpn.com/gfwlist -server=/.haproxy.org/127.0.0.1#5335 -ipset=/.haproxy.org/gfwlist -server=/.hardsextube.com/127.0.0.1#5335 -ipset=/.hardsextube.com/gfwlist -server=/.harunyahya.com/127.0.0.1#5335 -ipset=/.harunyahya.com/gfwlist -server=/.hautelook.com/127.0.0.1#5335 -ipset=/.hautelook.com/gfwlist -server=/.hautelookcdn.com/127.0.0.1#5335 -ipset=/.hautelookcdn.com/gfwlist -server=/.have8.com/127.0.0.1#5335 -ipset=/.have8.com/gfwlist -server=/.hbg.com/127.0.0.1#5335 -ipset=/.hbg.com/gfwlist -server=/.hbo.com/127.0.0.1#5335 -ipset=/.hbo.com/gfwlist -server=/.hclips.com/127.0.0.1#5335 -ipset=/.hclips.com/gfwlist -server=/.hdlt.me/127.0.0.1#5335 -ipset=/.hdlt.me/gfwlist -server=/.hdtvb.net/127.0.0.1#5335 -ipset=/.hdtvb.net/gfwlist -server=/.hdzog.com/127.0.0.1#5335 -ipset=/.hdzog.com/gfwlist -server=/.heartyit.com/127.0.0.1#5335 -ipset=/.heartyit.com/gfwlist -server=/.heavy-r.com/127.0.0.1#5335 -ipset=/.heavy-r.com/gfwlist -server=/.hec.su/127.0.0.1#5335 -ipset=/.hec.su/gfwlist -server=/.hecaitou.net/127.0.0.1#5335 -ipset=/.hecaitou.net/gfwlist -server=/.hechaji.com/127.0.0.1#5335 -ipset=/.hechaji.com/gfwlist -server=/.heeact.edu.tw/127.0.0.1#5335 -ipset=/.heeact.edu.tw/gfwlist -server=/.hegre-art.com/127.0.0.1#5335 -ipset=/.hegre-art.com/gfwlist -server=/.heix.pp.ru/127.0.0.1#5335 -ipset=/.heix.pp.ru/gfwlist -server=/.helloandroid.com/127.0.0.1#5335 -ipset=/.helloandroid.com/gfwlist -server=/.helloqueer.com/127.0.0.1#5335 -ipset=/.helloqueer.com/gfwlist -server=/.helloss.pw/127.0.0.1#5335 -ipset=/.helloss.pw/gfwlist -server=/.hellotxt.com/127.0.0.1#5335 -ipset=/.hellotxt.com/gfwlist -server=/.help.linksalpha.com/127.0.0.1#5335 -ipset=/.help.linksalpha.com/gfwlist -server=/.helpeachpeople.com/127.0.0.1#5335 -ipset=/.helpeachpeople.com/gfwlist -server=/.helplinfen.com/127.0.0.1#5335 -ipset=/.helplinfen.com/gfwlist -server=/.helpster.de/127.0.0.1#5335 -ipset=/.helpster.de/gfwlist -server=/.helpzhuling.org/127.0.0.1#5335 -ipset=/.helpzhuling.org/gfwlist -server=/.hentai.to/127.0.0.1#5335 -ipset=/.hentai.to/gfwlist -server=/.hentaitube.tv/127.0.0.1#5335 -ipset=/.hentaitube.tv/gfwlist -server=/.hentaivideoworld.com/127.0.0.1#5335 -ipset=/.hentaivideoworld.com/gfwlist -server=/.heqinglian.net/127.0.0.1#5335 -ipset=/.heqinglian.net/gfwlist -server=/.heungkongdiscuss.com/127.0.0.1#5335 -ipset=/.heungkongdiscuss.com/gfwlist -server=/.hexieshe.com/127.0.0.1#5335 -ipset=/.hexieshe.com/gfwlist -server=/.hexieshe.xyz/127.0.0.1#5335 -ipset=/.hexieshe.xyz/gfwlist -server=/.hexxeh.net/127.0.0.1#5335 -ipset=/.hexxeh.net/gfwlist -server=/.heyzo.com/127.0.0.1#5335 -ipset=/.heyzo.com/gfwlist -server=/.hgseav.com/127.0.0.1#5335 -ipset=/.hgseav.com/gfwlist -server=/.hhdcb3office.org/127.0.0.1#5335 -ipset=/.hhdcb3office.org/gfwlist -server=/.hhthesakyatrizin.org/127.0.0.1#5335 -ipset=/.hhthesakyatrizin.org/gfwlist -server=/.hi-on.org.tw/127.0.0.1#5335 -ipset=/.hi-on.org.tw/gfwlist -server=/.hidden-advent.org/127.0.0.1#5335 -ipset=/.hidden-advent.org/gfwlist -server=/.hide.me/127.0.0.1#5335 -ipset=/.hide.me/gfwlist -server=/.hidein.net/127.0.0.1#5335 -ipset=/.hidein.net/gfwlist -server=/.hideipvpn.com/127.0.0.1#5335 -ipset=/.hideipvpn.com/gfwlist -server=/.hideman.net/127.0.0.1#5335 -ipset=/.hideman.net/gfwlist -server=/.hideme.nl/127.0.0.1#5335 -ipset=/.hideme.nl/gfwlist -server=/.hidemy.name/127.0.0.1#5335 -ipset=/.hidemy.name/gfwlist -server=/.hidemyass.com/127.0.0.1#5335 -ipset=/.hidemyass.com/gfwlist -server=/.hidemycomp.com/127.0.0.1#5335 -ipset=/.hidemycomp.com/gfwlist -server=/.higfw.com/127.0.0.1#5335 -ipset=/.higfw.com/gfwlist -server=/.highpeakspureearth.com/127.0.0.1#5335 -ipset=/.highpeakspureearth.com/gfwlist -server=/.highrockmedia.com/127.0.0.1#5335 -ipset=/.highrockmedia.com/gfwlist -server=/.hihiforum.com/127.0.0.1#5335 -ipset=/.hihiforum.com/gfwlist -server=/.hihistory.net/127.0.0.1#5335 -ipset=/.hihistory.net/gfwlist -server=/.hiitch.com/127.0.0.1#5335 -ipset=/.hiitch.com/gfwlist -server=/.hikinggfw.org/127.0.0.1#5335 -ipset=/.hikinggfw.org/gfwlist -server=/.hilive.tv/127.0.0.1#5335 -ipset=/.hilive.tv/gfwlist -server=/.himalayan-foundation.org/127.0.0.1#5335 -ipset=/.himalayan-foundation.org/gfwlist -server=/.himalayanglacier.com/127.0.0.1#5335 -ipset=/.himalayanglacier.com/gfwlist -server=/.himemix.com/127.0.0.1#5335 -ipset=/.himemix.com/gfwlist -server=/.himemix.net/127.0.0.1#5335 -ipset=/.himemix.net/gfwlist -server=/.hitbtc.com/127.0.0.1#5335 -ipset=/.hitbtc.com/gfwlist -server=/.hitomi.la/127.0.0.1#5335 -ipset=/.hitomi.la/gfwlist -server=/.hiwifi.com/127.0.0.1#5335 -ipset=/.hiwifi.com/gfwlist -server=/.hizb-ut-tahrir.info/127.0.0.1#5335 -ipset=/.hizb-ut-tahrir.info/gfwlist -server=/.hizb-ut-tahrir.org/127.0.0.1#5335 -ipset=/.hizb-ut-tahrir.org/gfwlist -server=/.hizbuttahrir.org/127.0.0.1#5335 -ipset=/.hizbuttahrir.org/gfwlist -server=/.hjclub.info/127.0.0.1#5335 -ipset=/.hjclub.info/gfwlist -server=/.hk-pub.com/127.0.0.1#5335 -ipset=/.hk-pub.com/gfwlist -server=/.hk.geocities.com/127.0.0.1#5335 -ipset=/.hk.geocities.com/gfwlist -server=/.hk.jiepang.com/127.0.0.1#5335 -ipset=/.hk.jiepang.com/gfwlist -server=/.hk.knowledge.yahoo.com/127.0.0.1#5335 -ipset=/.hk.knowledge.yahoo.com/gfwlist -server=/.hk.myblog.yahoo.com/127.0.0.1#5335 -ipset=/.hk.myblog.yahoo.com/gfwlist -server=/.hk.news.yahoo.com/127.0.0.1#5335 -ipset=/.hk.news.yahoo.com/gfwlist -server=/.hk.rd.yahoo.com/127.0.0.1#5335 -ipset=/.hk.rd.yahoo.com/gfwlist -server=/.hk.yahoo.com/127.0.0.1#5335 -ipset=/.hk.yahoo.com/gfwlist -server=/.hk01.com/127.0.0.1#5335 -ipset=/.hk01.com/gfwlist -server=/.hk32168.com/127.0.0.1#5335 -ipset=/.hk32168.com/gfwlist -server=/.hka8964.wordpress.com/127.0.0.1#5335 -ipset=/.hka8964.wordpress.com/gfwlist -server=/.hkacg.com/127.0.0.1#5335 -ipset=/.hkacg.com/gfwlist -server=/.hkacg.net/127.0.0.1#5335 -ipset=/.hkacg.net/gfwlist -server=/.hkanews.wordpress.com/127.0.0.1#5335 -ipset=/.hkanews.wordpress.com/gfwlist -server=/.hkatvnews.com/127.0.0.1#5335 -ipset=/.hkatvnews.com/gfwlist -server=/.hkbc.net/127.0.0.1#5335 -ipset=/.hkbc.net/gfwlist -server=/.hkbf.org/127.0.0.1#5335 -ipset=/.hkbf.org/gfwlist -server=/.hkbookcity.com/127.0.0.1#5335 -ipset=/.hkbookcity.com/gfwlist -server=/.hkchurch.org/127.0.0.1#5335 -ipset=/.hkchurch.org/gfwlist -server=/.hkci.org.hk/127.0.0.1#5335 -ipset=/.hkci.org.hk/gfwlist -server=/.hkcmi.edu/127.0.0.1#5335 -ipset=/.hkcmi.edu/gfwlist -server=/.hkcnews.com/127.0.0.1#5335 -ipset=/.hkcnews.com/gfwlist -server=/.hkcoc.com/127.0.0.1#5335 -ipset=/.hkcoc.com/gfwlist -server=/.hkcoc.weather.com.hk/127.0.0.1#5335 -ipset=/.hkcoc.weather.com.hk/gfwlist -server=/.hkday.net/127.0.0.1#5335 -ipset=/.hkday.net/gfwlist -server=/.hkdf.org/127.0.0.1#5335 -ipset=/.hkdf.org/gfwlist -server=/.hkej.com/127.0.0.1#5335 -ipset=/.hkej.com/gfwlist -server=/.hkfaa.com/127.0.0.1#5335 -ipset=/.hkfaa.com/gfwlist -server=/.hkfreezone.com/127.0.0.1#5335 -ipset=/.hkfreezone.com/gfwlist -server=/.hkfront.org/127.0.0.1#5335 -ipset=/.hkfront.org/gfwlist -server=/.hkgalden.com/127.0.0.1#5335 -ipset=/.hkgalden.com/gfwlist -server=/.hkgolden.com/127.0.0.1#5335 -ipset=/.hkgolden.com/gfwlist -server=/.hkhkhk.com/127.0.0.1#5335 -ipset=/.hkhkhk.com/gfwlist -server=/.hkhrc.org.hk/127.0.0.1#5335 -ipset=/.hkhrc.org.hk/gfwlist -server=/.hkhrm.org.hk/127.0.0.1#5335 -ipset=/.hkhrm.org.hk/gfwlist -server=/.hkip.org.uk/127.0.0.1#5335 -ipset=/.hkip.org.uk/gfwlist -server=/.hkjc.com/127.0.0.1#5335 -ipset=/.hkjc.com/gfwlist -server=/.hkjp.org/127.0.0.1#5335 -ipset=/.hkjp.org/gfwlist -server=/.hklft.com/127.0.0.1#5335 -ipset=/.hklft.com/gfwlist -server=/.hklts.org.hk/127.0.0.1#5335 -ipset=/.hklts.org.hk/gfwlist -server=/.hkptu.org/127.0.0.1#5335 -ipset=/.hkptu.org/gfwlist -server=/.hkreporter.com/127.0.0.1#5335 -ipset=/.hkreporter.com/gfwlist -server=/.hkreporter.loved.hk/127.0.0.1#5335 -ipset=/.hkreporter.loved.hk/gfwlist -server=/.hkupop.hku.hk/127.0.0.1#5335 -ipset=/.hkupop.hku.hk/gfwlist -server=/.hkusu.net/127.0.0.1#5335 -ipset=/.hkusu.net/gfwlist -server=/.hkvwet.com/127.0.0.1#5335 -ipset=/.hkvwet.com/gfwlist -server=/.hkwcc.org.hk/127.0.0.1#5335 -ipset=/.hkwcc.org.hk/gfwlist -server=/.hkzone.org/127.0.0.1#5335 -ipset=/.hkzone.org/gfwlist -server=/.hmonghot.com/127.0.0.1#5335 -ipset=/.hmonghot.com/gfwlist -server=/.hmvdigital.ca/127.0.0.1#5335 -ipset=/.hmvdigital.ca/gfwlist -server=/.hmvdigital.com/127.0.0.1#5335 -ipset=/.hmvdigital.com/gfwlist -server=/.hnjhj.com/127.0.0.1#5335 -ipset=/.hnjhj.com/gfwlist -server=/.hnntube.com/127.0.0.1#5335 -ipset=/.hnntube.com/gfwlist -server=/.hojemacau.com.mo/127.0.0.1#5335 -ipset=/.hojemacau.com.mo/gfwlist -server=/.hola.com/127.0.0.1#5335 -ipset=/.hola.com/gfwlist -server=/.hola.org/127.0.0.1#5335 -ipset=/.hola.org/gfwlist -server=/.holymountaincn.com/127.0.0.1#5335 -ipset=/.holymountaincn.com/gfwlist -server=/.holyspiritspeaks.org/127.0.0.1#5335 -ipset=/.holyspiritspeaks.org/gfwlist -server=/.home.sina.com/127.0.0.1#5335 -ipset=/.home.sina.com/gfwlist -server=/.homedepot.com/127.0.0.1#5335 -ipset=/.homedepot.com/gfwlist -server=/.homeperversion.com/127.0.0.1#5335 -ipset=/.homeperversion.com/gfwlist -server=/.homeservershow.com/127.0.0.1#5335 -ipset=/.homeservershow.com/gfwlist -server=/.hongkongfp.com/127.0.0.1#5335 -ipset=/.hongkongfp.com/gfwlist -server=/.hongmeimei.com/127.0.0.1#5335 -ipset=/.hongmeimei.com/gfwlist -server=/.hongzhi.li/127.0.0.1#5335 -ipset=/.hongzhi.li/gfwlist -server=/.hootsuite.com/127.0.0.1#5335 -ipset=/.hootsuite.com/gfwlist -server=/.hoovers.com/127.0.0.1#5335 -ipset=/.hoovers.com/gfwlist -server=/.hopedialogue.org/127.0.0.1#5335 -ipset=/.hopedialogue.org/gfwlist -server=/.hopto.org/127.0.0.1#5335 -ipset=/.hopto.org/gfwlist -server=/.hornygamer.com/127.0.0.1#5335 -ipset=/.hornygamer.com/gfwlist -server=/.hornytrip.com/127.0.0.1#5335 -ipset=/.hornytrip.com/gfwlist -server=/.hotav.tv/127.0.0.1#5335 -ipset=/.hotav.tv/gfwlist -server=/.hotels.cn/127.0.0.1#5335 -ipset=/.hotels.cn/gfwlist -server=/.hotfrog.com.tw/127.0.0.1#5335 -ipset=/.hotfrog.com.tw/gfwlist -server=/.hotgoo.com/127.0.0.1#5335 -ipset=/.hotgoo.com/gfwlist -server=/.hotpornshow.com/127.0.0.1#5335 -ipset=/.hotpornshow.com/gfwlist -server=/.hotpot.hk/127.0.0.1#5335 -ipset=/.hotpot.hk/gfwlist -server=/.hotshame.com/127.0.0.1#5335 -ipset=/.hotshame.com/gfwlist -server=/.hotspotshield.com/127.0.0.1#5335 -ipset=/.hotspotshield.com/gfwlist -server=/.hotvpn.com/127.0.0.1#5335 -ipset=/.hotvpn.com/gfwlist -server=/.hougaige.com/127.0.0.1#5335 -ipset=/.hougaige.com/gfwlist -server=/.howtoforge.com/127.0.0.1#5335 -ipset=/.howtoforge.com/gfwlist -server=/.hoxx.com/127.0.0.1#5335 -ipset=/.hoxx.com/gfwlist -server=/.hpa.gov.tw/127.0.0.1#5335 -ipset=/.hpa.gov.tw/gfwlist -server=/.hqcdp.org/127.0.0.1#5335 -ipset=/.hqcdp.org/gfwlist -server=/.hqjapanesesex.com/127.0.0.1#5335 -ipset=/.hqjapanesesex.com/gfwlist -server=/.hqmovies.com/127.0.0.1#5335 -ipset=/.hqmovies.com/gfwlist -server=/.hqsbnet.wordpress.com/127.0.0.1#5335 -ipset=/.hqsbnet.wordpress.com/gfwlist -server=/.hqsbonline.wordpress.com/127.0.0.1#5335 -ipset=/.hqsbonline.wordpress.com/gfwlist -server=/.hrcchina.org/127.0.0.1#5335 -ipset=/.hrcchina.org/gfwlist -server=/.hrcir.com/127.0.0.1#5335 -ipset=/.hrcir.com/gfwlist -server=/.hrea.org/127.0.0.1#5335 -ipset=/.hrea.org/gfwlist -server=/.hrichina.org/127.0.0.1#5335 -ipset=/.hrichina.org/gfwlist -server=/.hrtsea.com/127.0.0.1#5335 -ipset=/.hrtsea.com/gfwlist -server=/.hrw.org/127.0.0.1#5335 -ipset=/.hrw.org/gfwlist -server=/.hrweb.org/127.0.0.1#5335 -ipset=/.hrweb.org/gfwlist -server=/.hsjp.net/127.0.0.1#5335 -ipset=/.hsjp.net/gfwlist -server=/.hsselite.com/127.0.0.1#5335 -ipset=/.hsselite.com/gfwlist -server=/.hst.net.tw/127.0.0.1#5335 -ipset=/.hst.net.tw/gfwlist -server=/.hstern.net/127.0.0.1#5335 -ipset=/.hstern.net/gfwlist -server=/.hstt.net/127.0.0.1#5335 -ipset=/.hstt.net/gfwlist -server=/.ht.ly/127.0.0.1#5335 -ipset=/.ht.ly/gfwlist -server=/.htkou.net/127.0.0.1#5335 -ipset=/.htkou.net/gfwlist -server=/.htl.li/127.0.0.1#5335 -ipset=/.htl.li/gfwlist -server=/.html5rocks.com/127.0.0.1#5335 -ipset=/.html5rocks.com/gfwlist -server=/.https443.net/127.0.0.1#5335 -ipset=/.https443.net/gfwlist -server=/.https443.org/127.0.0.1#5335 -ipset=/.https443.org/gfwlist -server=/.hua-yue.net/127.0.0.1#5335 -ipset=/.hua-yue.net/gfwlist -server=/.huaglad.com/127.0.0.1#5335 -ipset=/.huaglad.com/gfwlist -server=/.huanghuagang.org/127.0.0.1#5335 -ipset=/.huanghuagang.org/gfwlist -server=/.huangyiyu.com/127.0.0.1#5335 -ipset=/.huangyiyu.com/gfwlist -server=/.huaren.us/127.0.0.1#5335 -ipset=/.huaren.us/gfwlist -server=/.huaren4us.com/127.0.0.1#5335 -ipset=/.huaren4us.com/gfwlist -server=/.huashangnews.com/127.0.0.1#5335 -ipset=/.huashangnews.com/gfwlist -server=/.huaxia-news.com/127.0.0.1#5335 -ipset=/.huaxia-news.com/gfwlist -server=/.huaxiabao.org/127.0.0.1#5335 -ipset=/.huaxiabao.org/gfwlist -server=/.huaxin.ph/127.0.0.1#5335 -ipset=/.huaxin.ph/gfwlist -server=/.huayuworld.org/127.0.0.1#5335 -ipset=/.huayuworld.org/gfwlist -server=/.hudatoriq.web.id/127.0.0.1#5335 -ipset=/.hudatoriq.web.id/gfwlist -server=/.hudson.org/127.0.0.1#5335 -ipset=/.hudson.org/gfwlist -server=/.hugoroy.eu/127.0.0.1#5335 -ipset=/.hugoroy.eu/gfwlist -server=/.huhaitai.com/127.0.0.1#5335 -ipset=/.huhaitai.com/gfwlist -server=/.huhamhire.com/127.0.0.1#5335 -ipset=/.huhamhire.com/gfwlist -server=/.huiyi.in/127.0.0.1#5335 -ipset=/.huiyi.in/gfwlist -server=/.hulkshare.com/127.0.0.1#5335 -ipset=/.hulkshare.com/gfwlist -server=/.hulu.com/127.0.0.1#5335 -ipset=/.hulu.com/gfwlist -server=/.huluim.com/127.0.0.1#5335 -ipset=/.huluim.com/gfwlist -server=/.humanrightsbriefing.org/127.0.0.1#5335 -ipset=/.humanrightsbriefing.org/gfwlist -server=/.hung-ya.com/127.0.0.1#5335 -ipset=/.hung-ya.com/gfwlist -server=/.hungerstrikeforaids.org/127.0.0.1#5335 -ipset=/.hungerstrikeforaids.org/gfwlist -server=/.huobi.com/127.0.0.1#5335 -ipset=/.huobi.com/gfwlist -server=/.huobi.pro/127.0.0.1#5335 -ipset=/.huobi.pro/gfwlist -server=/.huobipro.com/127.0.0.1#5335 -ipset=/.huobipro.com/gfwlist -server=/.huping.net/127.0.0.1#5335 -ipset=/.huping.net/gfwlist -server=/.hurgokbayrak.com/127.0.0.1#5335 -ipset=/.hurgokbayrak.com/gfwlist -server=/.hurriyet.com.tr/127.0.0.1#5335 -ipset=/.hurriyet.com.tr/gfwlist -server=/.hut2.ru/127.0.0.1#5335 -ipset=/.hut2.ru/gfwlist -server=/.hutianyi.net/127.0.0.1#5335 -ipset=/.hutianyi.net/gfwlist -server=/.hutong9.net/127.0.0.1#5335 -ipset=/.hutong9.net/gfwlist -server=/.huyandex.com/127.0.0.1#5335 -ipset=/.huyandex.com/gfwlist -server=/.hwadzan.tw/127.0.0.1#5335 -ipset=/.hwadzan.tw/gfwlist -server=/.hwayue.org.tw/127.0.0.1#5335 -ipset=/.hwayue.org.tw/gfwlist -server=/.hwinfo.com/127.0.0.1#5335 -ipset=/.hwinfo.com/gfwlist -server=/.hxwk.org/127.0.0.1#5335 -ipset=/.hxwk.org/gfwlist -server=/.hxwq.org/127.0.0.1#5335 -ipset=/.hxwq.org/gfwlist -server=/.hybrid-analysis.com/127.0.0.1#5335 -ipset=/.hybrid-analysis.com/gfwlist -server=/.hyperrate.com/127.0.0.1#5335 -ipset=/.hyperrate.com/gfwlist -server=/.i-cable.com/127.0.0.1#5335 -ipset=/.i-cable.com/gfwlist -server=/.i-part.com.tw/127.0.0.1#5335 -ipset=/.i-part.com.tw/gfwlist -server=/.i.lithium.com/127.0.0.1#5335 -ipset=/.i.lithium.com/gfwlist -server=/.i1.hk/127.0.0.1#5335 -ipset=/.i1.hk/gfwlist -server=/.i2p2.de/127.0.0.1#5335 -ipset=/.i2p2.de/gfwlist -server=/.i2runner.com/127.0.0.1#5335 -ipset=/.i2runner.com/gfwlist -server=/.i818hk.com/127.0.0.1#5335 -ipset=/.i818hk.com/gfwlist -server=/.iam.soy/127.0.0.1#5335 -ipset=/.iam.soy/gfwlist -server=/.iamtopone.com/127.0.0.1#5335 -ipset=/.iamtopone.com/gfwlist -server=/.iask.bz/127.0.0.1#5335 -ipset=/.iask.bz/gfwlist -server=/.iask.ca/127.0.0.1#5335 -ipset=/.iask.ca/gfwlist -server=/.iav19.com/127.0.0.1#5335 -ipset=/.iav19.com/gfwlist -server=/.iblist.com/127.0.0.1#5335 -ipset=/.iblist.com/gfwlist -server=/.iblogserv-f.net/127.0.0.1#5335 -ipset=/.iblogserv-f.net/gfwlist -server=/.ibros.org/127.0.0.1#5335 -ipset=/.ibros.org/gfwlist -server=/.ibvpn.com/127.0.0.1#5335 -ipset=/.ibvpn.com/gfwlist -server=/.icams.com/127.0.0.1#5335 -ipset=/.icams.com/gfwlist -server=/.ice.audionow.com/127.0.0.1#5335 -ipset=/.ice.audionow.com/gfwlist -server=/.icfcdn.com/127.0.0.1#5335 -ipset=/.icfcdn.com/gfwlist -server=/.icij.org/127.0.0.1#5335 -ipset=/.icij.org/gfwlist -server=/.icl-fi.org/127.0.0.1#5335 -ipset=/.icl-fi.org/gfwlist -server=/.icoco.com/127.0.0.1#5335 -ipset=/.icoco.com/gfwlist -server=/.iconpaper.org/127.0.0.1#5335 -ipset=/.iconpaper.org/gfwlist -server=/.icu-project.org/127.0.0.1#5335 -ipset=/.icu-project.org/gfwlist -server=/.id.heroku.com/127.0.0.1#5335 -ipset=/.id.heroku.com/gfwlist -server=/.iddddg.com/127.0.0.1#5335 -ipset=/.iddddg.com/gfwlist -server=/.idemocracy.asia/127.0.0.1#5335 -ipset=/.idemocracy.asia/gfwlist -server=/.identi.ca/127.0.0.1#5335 -ipset=/.identi.ca/gfwlist -server=/.idiomconnection.com/127.0.0.1#5335 -ipset=/.idiomconnection.com/gfwlist -server=/.idouga.com/127.0.0.1#5335 -ipset=/.idouga.com/gfwlist -server=/.idreamx.com/127.0.0.1#5335 -ipset=/.idreamx.com/gfwlist -server=/.idv.tw/127.0.0.1#5335 -ipset=/.idv.tw/gfwlist -server=/.ieasy5.com/127.0.0.1#5335 -ipset=/.ieasy5.com/gfwlist -server=/.ied2k.net/127.0.0.1#5335 -ipset=/.ied2k.net/gfwlist -server=/.ienergy1.com/127.0.0.1#5335 -ipset=/.ienergy1.com/gfwlist -server=/.ifan.cz.cc/127.0.0.1#5335 -ipset=/.ifan.cz.cc/gfwlist -server=/.ifanqiang.com/127.0.0.1#5335 -ipset=/.ifanqiang.com/gfwlist -server=/.ifcss.org/127.0.0.1#5335 -ipset=/.ifcss.org/gfwlist -server=/.ifjc.org/127.0.0.1#5335 -ipset=/.ifjc.org/gfwlist -server=/.ifreewares.com/127.0.0.1#5335 -ipset=/.ifreewares.com/gfwlist -server=/.ift.tt/127.0.0.1#5335 -ipset=/.ift.tt/gfwlist -server=/.igcd.net/127.0.0.1#5335 -ipset=/.igcd.net/gfwlist -server=/.igfw.net/127.0.0.1#5335 -ipset=/.igfw.net/gfwlist -server=/.igfw.tech/127.0.0.1#5335 -ipset=/.igfw.tech/gfwlist -server=/.igmg.de/127.0.0.1#5335 -ipset=/.igmg.de/gfwlist -server=/.ignitedetroit.net/127.0.0.1#5335 -ipset=/.ignitedetroit.net/gfwlist -server=/.igoogle.com/127.0.0.1#5335 -ipset=/.igoogle.com/gfwlist -server=/.igotmail.com.tw/127.0.0.1#5335 -ipset=/.igotmail.com.tw/gfwlist -server=/.igvita.com/127.0.0.1#5335 -ipset=/.igvita.com/gfwlist -server=/.ihakka.net/127.0.0.1#5335 -ipset=/.ihakka.net/gfwlist -server=/.iicns.com/127.0.0.1#5335 -ipset=/.iicns.com/gfwlist -server=/.iipdigital.usembassy.gov/127.0.0.1#5335 -ipset=/.iipdigital.usembassy.gov/gfwlist -server=/.ikstar.com/127.0.0.1#5335 -ipset=/.ikstar.com/gfwlist -server=/.ikwb.com/127.0.0.1#5335 -ipset=/.ikwb.com/gfwlist -server=/.illusionfactory.com/127.0.0.1#5335 -ipset=/.illusionfactory.com/gfwlist -server=/.ilove80.be/127.0.0.1#5335 -ipset=/.ilove80.be/gfwlist -server=/.ilovelongtoes.com/127.0.0.1#5335 -ipset=/.ilovelongtoes.com/gfwlist -server=/.im.tv/127.0.0.1#5335 -ipset=/.im.tv/gfwlist -server=/.im88.tw/127.0.0.1#5335 -ipset=/.im88.tw/gfwlist -server=/.imageab.com/127.0.0.1#5335 -ipset=/.imageab.com/gfwlist -server=/.imagefap.com/127.0.0.1#5335 -ipset=/.imagefap.com/gfwlist -server=/.imageflea.com/127.0.0.1#5335 -ipset=/.imageflea.com/gfwlist -server=/.images-gaytube.com/127.0.0.1#5335 -ipset=/.images-gaytube.com/gfwlist -server=/.images.comico.tw/127.0.0.1#5335 -ipset=/.images.comico.tw/gfwlist -server=/.imageshack.us/127.0.0.1#5335 -ipset=/.imageshack.us/gfwlist -server=/.imagevenue.com/127.0.0.1#5335 -ipset=/.imagevenue.com/gfwlist -server=/.imagezilla.net/127.0.0.1#5335 -ipset=/.imagezilla.net/gfwlist -server=/.imb.org/127.0.0.1#5335 -ipset=/.imb.org/gfwlist -server=/.img.ly/127.0.0.1#5335 -ipset=/.img.ly/gfwlist -server=/.imgchili.net/127.0.0.1#5335 -ipset=/.imgchili.net/gfwlist -server=/.imgur.com/127.0.0.1#5335 -ipset=/.imgur.com/gfwlist -server=/.imkev.com/127.0.0.1#5335 -ipset=/.imkev.com/gfwlist -server=/.imlive.com/127.0.0.1#5335 -ipset=/.imlive.com/gfwlist -server=/.immigration.gov.tw/127.0.0.1#5335 -ipset=/.immigration.gov.tw/gfwlist -server=/.immoral.jp/127.0.0.1#5335 -ipset=/.immoral.jp/gfwlist -server=/.impact.org.au/127.0.0.1#5335 -ipset=/.impact.org.au/gfwlist -server=/.impp.mn/127.0.0.1#5335 -ipset=/.impp.mn/gfwlist -server=/.in-disguise.com/127.0.0.1#5335 -ipset=/.in-disguise.com/gfwlist -server=/.in99.org/127.0.0.1#5335 -ipset=/.in99.org/gfwlist -server=/.incapdns.net/127.0.0.1#5335 -ipset=/.incapdns.net/gfwlist -server=/.incloak.com/127.0.0.1#5335 -ipset=/.incloak.com/gfwlist -server=/.incredibox.fr/127.0.0.1#5335 -ipset=/.incredibox.fr/gfwlist -server=/.indiandefensenews.in/127.0.0.1#5335 -ipset=/.indiandefensenews.in/gfwlist -server=/.indiemerch.com/127.0.0.1#5335 -ipset=/.indiemerch.com/gfwlist -server=/.info-graf.fr/127.0.0.1#5335 -ipset=/.info-graf.fr/gfwlist -server=/.initiativesforchina.org/127.0.0.1#5335 -ipset=/.initiativesforchina.org/gfwlist -server=/.inkui.com/127.0.0.1#5335 -ipset=/.inkui.com/gfwlist -server=/.inmediahk.net/127.0.0.1#5335 -ipset=/.inmediahk.net/gfwlist -server=/.innermongolia.org/127.0.0.1#5335 -ipset=/.innermongolia.org/gfwlist -server=/.inote.tw/127.0.0.1#5335 -ipset=/.inote.tw/gfwlist -server=/.insecam.org/127.0.0.1#5335 -ipset=/.insecam.org/gfwlist -server=/.insidevoa.com/127.0.0.1#5335 -ipset=/.insidevoa.com/gfwlist -server=/.instagram.com/127.0.0.1#5335 -ipset=/.instagram.com/gfwlist -server=/.instanthq.com/127.0.0.1#5335 -ipset=/.instanthq.com/gfwlist -server=/.institut-tibetain.org/127.0.0.1#5335 -ipset=/.institut-tibetain.org/gfwlist -server=/.international-news.newsmagazine.asia/127.0.0.1#5335 -ipset=/.international-news.newsmagazine.asia/gfwlist -server=/.internetdefenseleague.org/127.0.0.1#5335 -ipset=/.internetdefenseleague.org/gfwlist -server=/.internetfreedom.org/127.0.0.1#5335 -ipset=/.internetfreedom.org/gfwlist -server=/.internetpopculture.com/127.0.0.1#5335 -ipset=/.internetpopculture.com/gfwlist -server=/.inthenameofconfuciusmovie.com/127.0.0.1#5335 -ipset=/.inthenameofconfuciusmovie.com/gfwlist -server=/.investigating.wordpress.com/127.0.0.1#5335 -ipset=/.investigating.wordpress.com/gfwlist -server=/.inxian.com/127.0.0.1#5335 -ipset=/.inxian.com/gfwlist -server=/.iownyour.biz/127.0.0.1#5335 -ipset=/.iownyour.biz/gfwlist -server=/.iownyour.org/127.0.0.1#5335 -ipset=/.iownyour.org/gfwlist -server=/.ipalter.com/127.0.0.1#5335 -ipset=/.ipalter.com/gfwlist -server=/.ipfire.org/127.0.0.1#5335 -ipset=/.ipfire.org/gfwlist -server=/.ipfs.io/127.0.0.1#5335 -ipset=/.ipfs.io/gfwlist -server=/.iphone4hongkong.com/127.0.0.1#5335 -ipset=/.iphone4hongkong.com/gfwlist -server=/.iphonehacks.com/127.0.0.1#5335 -ipset=/.iphonehacks.com/gfwlist -server=/.iphonetaiwan.org/127.0.0.1#5335 -ipset=/.iphonetaiwan.org/gfwlist -server=/.iphonix.fr/127.0.0.1#5335 -ipset=/.iphonix.fr/gfwlist -server=/.ipicture.ru/127.0.0.1#5335 -ipset=/.ipicture.ru/gfwlist -server=/.ipjetable.net/127.0.0.1#5335 -ipset=/.ipjetable.net/gfwlist -server=/.iportal.me/127.0.0.1#5335 -ipset=/.iportal.me/gfwlist -server=/.ippotv.com/127.0.0.1#5335 -ipset=/.ippotv.com/gfwlist -server=/.ipredator.se/127.0.0.1#5335 -ipset=/.ipredator.se/gfwlist -server=/.iptv.com.tw/127.0.0.1#5335 -ipset=/.iptv.com.tw/gfwlist -server=/.iptvbin.com/127.0.0.1#5335 -ipset=/.iptvbin.com/gfwlist -server=/.ipvanish.com/127.0.0.1#5335 -ipset=/.ipvanish.com/gfwlist -server=/.iredmail.org/127.0.0.1#5335 -ipset=/.iredmail.org/gfwlist -server=/.ironbigfools.compython.net/127.0.0.1#5335 -ipset=/.ironbigfools.compython.net/gfwlist -server=/.ironpython.net/127.0.0.1#5335 -ipset=/.ironpython.net/gfwlist -server=/.ironsocket.com/127.0.0.1#5335 -ipset=/.ironsocket.com/gfwlist -server=/.is-a-hunter.com/127.0.0.1#5335 -ipset=/.is-a-hunter.com/gfwlist -server=/.is.gd/127.0.0.1#5335 -ipset=/.is.gd/gfwlist -server=/.isaacmao.com/127.0.0.1#5335 -ipset=/.isaacmao.com/gfwlist -server=/.isasecret.com/127.0.0.1#5335 -ipset=/.isasecret.com/gfwlist -server=/.isc.sans.edu/127.0.0.1#5335 -ipset=/.isc.sans.edu/gfwlist -server=/.isgreat.org/127.0.0.1#5335 -ipset=/.isgreat.org/gfwlist -server=/.islahhaber.net/127.0.0.1#5335 -ipset=/.islahhaber.net/gfwlist -server=/.islam.org.hk/127.0.0.1#5335 -ipset=/.islam.org.hk/gfwlist -server=/.islamhouse.com/127.0.0.1#5335 -ipset=/.islamhouse.com/gfwlist -server=/.islamicity.com/127.0.0.1#5335 -ipset=/.islamicity.com/gfwlist -server=/.islamicpluralism.org/127.0.0.1#5335 -ipset=/.islamicpluralism.org/gfwlist -server=/.islamtoday.net/127.0.0.1#5335 -ipset=/.islamtoday.net/gfwlist -server=/.ismaelan.com/127.0.0.1#5335 -ipset=/.ismaelan.com/gfwlist -server=/.ismalltits.com/127.0.0.1#5335 -ipset=/.ismalltits.com/gfwlist -server=/.ismprofessional.net/127.0.0.1#5335 -ipset=/.ismprofessional.net/gfwlist -server=/.isohunt.com/127.0.0.1#5335 -ipset=/.isohunt.com/gfwlist -server=/.israbox.com/127.0.0.1#5335 -ipset=/.israbox.com/gfwlist -server=/.issuu.com/127.0.0.1#5335 -ipset=/.issuu.com/gfwlist -server=/.istars.co.nz/127.0.0.1#5335 -ipset=/.istars.co.nz/gfwlist -server=/.istiqlalhewer.com/127.0.0.1#5335 -ipset=/.istiqlalhewer.com/gfwlist -server=/.istockphoto.com/127.0.0.1#5335 -ipset=/.istockphoto.com/gfwlist -server=/.isunaffairs.com/127.0.0.1#5335 -ipset=/.isunaffairs.com/gfwlist -server=/.isuntv.com/127.0.0.1#5335 -ipset=/.isuntv.com/gfwlist -server=/.itaboo.info/127.0.0.1#5335 -ipset=/.itaboo.info/gfwlist -server=/.itaiwan.gov.tw/127.0.0.1#5335 -ipset=/.itaiwan.gov.tw/gfwlist -server=/.italiatibet.org/127.0.0.1#5335 -ipset=/.italiatibet.org/gfwlist -server=/.itasoftware.com/127.0.0.1#5335 -ipset=/.itasoftware.com/gfwlist -server=/.itemdb.com/127.0.0.1#5335 -ipset=/.itemdb.com/gfwlist -server=/.ithelp.ithome.com.tw/127.0.0.1#5335 -ipset=/.ithelp.ithome.com.tw/gfwlist -server=/.itsaol.com/127.0.0.1#5335 -ipset=/.itsaol.com/gfwlist -server=/.itshidden.com/127.0.0.1#5335 -ipset=/.itshidden.com/gfwlist -server=/.itsky.it/127.0.0.1#5335 -ipset=/.itsky.it/gfwlist -server=/.itweet.net/127.0.0.1#5335 -ipset=/.itweet.net/gfwlist -server=/.iu45.com/127.0.0.1#5335 -ipset=/.iu45.com/gfwlist -server=/.iuhrdf.org/127.0.0.1#5335 -ipset=/.iuhrdf.org/gfwlist -server=/.iuksky.com/127.0.0.1#5335 -ipset=/.iuksky.com/gfwlist -server=/.ivacy.com/127.0.0.1#5335 -ipset=/.ivacy.com/gfwlist -server=/.iverycd.com/127.0.0.1#5335 -ipset=/.iverycd.com/gfwlist -server=/.ivpn.net/127.0.0.1#5335 -ipset=/.ivpn.net/gfwlist -server=/.ixquick.com/127.0.0.1#5335 -ipset=/.ixquick.com/gfwlist -server=/.ixxx.com/127.0.0.1#5335 -ipset=/.ixxx.com/gfwlist -server=/.iyouport.com/127.0.0.1#5335 -ipset=/.iyouport.com/gfwlist -server=/.izaobao.us/127.0.0.1#5335 -ipset=/.izaobao.us/gfwlist -server=/.izles.net/127.0.0.1#5335 -ipset=/.izles.net/gfwlist -server=/.izlesem.org/127.0.0.1#5335 -ipset=/.izlesem.org/gfwlist -server=/.j.mp/127.0.0.1#5335 -ipset=/.j.mp/gfwlist -server=/.jamaat.org/127.0.0.1#5335 -ipset=/.jamaat.org/gfwlist -server=/.jamyangnorbu.com/127.0.0.1#5335 -ipset=/.jamyangnorbu.com/gfwlist -server=/.jandyx.com/127.0.0.1#5335 -ipset=/.jandyx.com/gfwlist -server=/.janwongphoto.com/127.0.0.1#5335 -ipset=/.janwongphoto.com/gfwlist -server=/.japan-whores.com/127.0.0.1#5335 -ipset=/.japan-whores.com/gfwlist -server=/.japantimes.co.jp/127.0.0.1#5335 -ipset=/.japantimes.co.jp/gfwlist -server=/.jav.com/127.0.0.1#5335 -ipset=/.jav.com/gfwlist -server=/.jav101.com/127.0.0.1#5335 -ipset=/.jav101.com/gfwlist -server=/.jav2be.com/127.0.0.1#5335 -ipset=/.jav2be.com/gfwlist -server=/.jav68.tv/127.0.0.1#5335 -ipset=/.jav68.tv/gfwlist -server=/.javakiba.org/127.0.0.1#5335 -ipset=/.javakiba.org/gfwlist -server=/.javbus.com/127.0.0.1#5335 -ipset=/.javbus.com/gfwlist -server=/.javfor.me/127.0.0.1#5335 -ipset=/.javfor.me/gfwlist -server=/.javhd.com/127.0.0.1#5335 -ipset=/.javhd.com/gfwlist -server=/.javhip.com/127.0.0.1#5335 -ipset=/.javhip.com/gfwlist -server=/.javhub.net/127.0.0.1#5335 -ipset=/.javhub.net/gfwlist -server=/.javhuge.com/127.0.0.1#5335 -ipset=/.javhuge.com/gfwlist -server=/.javlibrary.com/127.0.0.1#5335 -ipset=/.javlibrary.com/gfwlist -server=/.javmobile.net/127.0.0.1#5335 -ipset=/.javmobile.net/gfwlist -server=/.javmoo.com/127.0.0.1#5335 -ipset=/.javmoo.com/gfwlist -server=/.javmoo.xyz/127.0.0.1#5335 -ipset=/.javmoo.xyz/gfwlist -server=/.javseen.com/127.0.0.1#5335 -ipset=/.javseen.com/gfwlist -server=/.javtag.com/127.0.0.1#5335 -ipset=/.javtag.com/gfwlist -server=/.javzoo.com/127.0.0.1#5335 -ipset=/.javzoo.com/gfwlist -server=/.javzz.com/127.0.0.1#5335 -ipset=/.javzz.com/gfwlist -server=/.jbtalks.cc/127.0.0.1#5335 -ipset=/.jbtalks.cc/gfwlist -server=/.jbtalks.com/127.0.0.1#5335 -ipset=/.jbtalks.com/gfwlist -server=/.jbtalks.my/127.0.0.1#5335 -ipset=/.jbtalks.my/gfwlist -server=/.jcpenney.com/127.0.0.1#5335 -ipset=/.jcpenney.com/gfwlist -server=/.jdwsy.com/127.0.0.1#5335 -ipset=/.jdwsy.com/gfwlist -server=/.jeanyim.com/127.0.0.1#5335 -ipset=/.jeanyim.com/gfwlist -server=/.jetos.com/127.0.0.1#5335 -ipset=/.jetos.com/gfwlist -server=/.jex.com/127.0.0.1#5335 -ipset=/.jex.com/gfwlist -server=/.jfqu36.club/127.0.0.1#5335 -ipset=/.jfqu36.club/gfwlist -server=/.jfqu37.xyz/127.0.0.1#5335 -ipset=/.jfqu37.xyz/gfwlist -server=/.jgoodies.com/127.0.0.1#5335 -ipset=/.jgoodies.com/gfwlist -server=/.jiangweiping.com/127.0.0.1#5335 -ipset=/.jiangweiping.com/gfwlist -server=/.jiaoyou8.com/127.0.0.1#5335 -ipset=/.jiaoyou8.com/gfwlist -server=/.jiehua.cz/127.0.0.1#5335 -ipset=/.jiehua.cz/gfwlist -server=/.jieshibaobao.com/127.0.0.1#5335 -ipset=/.jieshibaobao.com/gfwlist -server=/.jigglegifs.com/127.0.0.1#5335 -ipset=/.jigglegifs.com/gfwlist -server=/.jigong1024.com/127.0.0.1#5335 -ipset=/.jigong1024.com/gfwlist -server=/.jihadintel.meforum.org/127.0.0.1#5335 -ipset=/.jihadintel.meforum.org/gfwlist -server=/.jihadology.net/127.0.0.1#5335 -ipset=/.jihadology.net/gfwlist -server=/.jiji.com/127.0.0.1#5335 -ipset=/.jiji.com/gfwlist -server=/.jims.net/127.0.0.1#5335 -ipset=/.jims.net/gfwlist -server=/.jinbushe.org/127.0.0.1#5335 -ipset=/.jinbushe.org/gfwlist -server=/.jingpin.org/127.0.0.1#5335 -ipset=/.jingpin.org/gfwlist -server=/.jingsim.org/127.0.0.1#5335 -ipset=/.jingsim.org/gfwlist -server=/.jinpianwang.com/127.0.0.1#5335 -ipset=/.jinpianwang.com/gfwlist -server=/.jinroukong.com/127.0.0.1#5335 -ipset=/.jinroukong.com/gfwlist -server=/.jintian.net/127.0.0.1#5335 -ipset=/.jintian.net/gfwlist -server=/.jinx.com/127.0.0.1#5335 -ipset=/.jinx.com/gfwlist -server=/.jitouch.com/127.0.0.1#5335 -ipset=/.jitouch.com/gfwlist -server=/.jizzthis.com/127.0.0.1#5335 -ipset=/.jizzthis.com/gfwlist -server=/.jjgirls.com/127.0.0.1#5335 -ipset=/.jjgirls.com/gfwlist -server=/.jkb.cc/127.0.0.1#5335 -ipset=/.jkb.cc/gfwlist -server=/.jkforum.net/127.0.0.1#5335 -ipset=/.jkforum.net/gfwlist -server=/.jkub.com/127.0.0.1#5335 -ipset=/.jkub.com/gfwlist -server=/.jma.go.jp/127.0.0.1#5335 -ipset=/.jma.go.jp/gfwlist -server=/.jmscult.com/127.0.0.1#5335 -ipset=/.jmscult.com/gfwlist -server=/.joachims.org/127.0.0.1#5335 -ipset=/.joachims.org/gfwlist -server=/.jobnewera.wordpress.com/127.0.0.1#5335 -ipset=/.jobnewera.wordpress.com/gfwlist -server=/.jobso.tv/127.0.0.1#5335 -ipset=/.jobso.tv/gfwlist -server=/.joinmastodon.org/127.0.0.1#5335 -ipset=/.joinmastodon.org/gfwlist -server=/.journalchretien.net/127.0.0.1#5335 -ipset=/.journalchretien.net/gfwlist -server=/.journalofdemocracy.org/127.0.0.1#5335 -ipset=/.journalofdemocracy.org/gfwlist -server=/.joymiihub.com/127.0.0.1#5335 -ipset=/.joymiihub.com/gfwlist -server=/.joyourself.com/127.0.0.1#5335 -ipset=/.joyourself.com/gfwlist -server=/.jpl.nasa.gov/127.0.0.1#5335 -ipset=/.jpl.nasa.gov/gfwlist -server=/.jpopforum.net/127.0.0.1#5335 -ipset=/.jpopforum.net/gfwlist -server=/.jtvnw.net/127.0.0.1#5335 -ipset=/.jtvnw.net/gfwlist -server=/.jubushoushen.com/127.0.0.1#5335 -ipset=/.jubushoushen.com/gfwlist -server=/.juhuaren.com/127.0.0.1#5335 -ipset=/.juhuaren.com/gfwlist -server=/.jukujo-club.com/127.0.0.1#5335 -ipset=/.jukujo-club.com/gfwlist -server=/.juliepost.com/127.0.0.1#5335 -ipset=/.juliepost.com/gfwlist -server=/.juliereyc.com/127.0.0.1#5335 -ipset=/.juliereyc.com/gfwlist -server=/.junauza.com/127.0.0.1#5335 -ipset=/.junauza.com/gfwlist -server=/.june4commemoration.org/127.0.0.1#5335 -ipset=/.june4commemoration.org/gfwlist -server=/.junefourth-20.net/127.0.0.1#5335 -ipset=/.junefourth-20.net/gfwlist -server=/.jungleheart.com/127.0.0.1#5335 -ipset=/.jungleheart.com/gfwlist -server=/.juoaa.com/127.0.0.1#5335 -ipset=/.juoaa.com/gfwlist -server=/.justdied.com/127.0.0.1#5335 -ipset=/.justdied.com/gfwlist -server=/.justfreevpn.com/127.0.0.1#5335 -ipset=/.justfreevpn.com/gfwlist -server=/.justicefortenzin.org/127.0.0.1#5335 -ipset=/.justicefortenzin.org/gfwlist -server=/.justpaste.it/127.0.0.1#5335 -ipset=/.justpaste.it/gfwlist -server=/.justtristan.com/127.0.0.1#5335 -ipset=/.justtristan.com/gfwlist -server=/.juyuange.org/127.0.0.1#5335 -ipset=/.juyuange.org/gfwlist -server=/.juziyue.com/127.0.0.1#5335 -ipset=/.juziyue.com/gfwlist -server=/.jwmusic.org/127.0.0.1#5335 -ipset=/.jwmusic.org/gfwlist -server=/.jyxf.net/127.0.0.1#5335 -ipset=/.jyxf.net/gfwlist -server=/.k-doujin.net/127.0.0.1#5335 -ipset=/.k-doujin.net/gfwlist -server=/.ka-wai.com/127.0.0.1#5335 -ipset=/.ka-wai.com/gfwlist -server=/.kagyu.org/127.0.0.1#5335 -ipset=/.kagyu.org/gfwlist -server=/.kagyumonlam.org/127.0.0.1#5335 -ipset=/.kagyumonlam.org/gfwlist -server=/.kagyunews.com.hk/127.0.0.1#5335 -ipset=/.kagyunews.com.hk/gfwlist -server=/.kagyuoffice.org/127.0.0.1#5335 -ipset=/.kagyuoffice.org/gfwlist -server=/.kaiyuan.de/127.0.0.1#5335 -ipset=/.kaiyuan.de/gfwlist -server=/.kakao.com/127.0.0.1#5335 -ipset=/.kakao.com/gfwlist -server=/.kalachakralugano.org/127.0.0.1#5335 -ipset=/.kalachakralugano.org/gfwlist -server=/.kankan.today/127.0.0.1#5335 -ipset=/.kankan.today/gfwlist -server=/.kannewyork.com/127.0.0.1#5335 -ipset=/.kannewyork.com/gfwlist -server=/.kanshifang.com/127.0.0.1#5335 -ipset=/.kanshifang.com/gfwlist -server=/.kantie.org/127.0.0.1#5335 -ipset=/.kantie.org/gfwlist -server=/.kanzhongguo.com/127.0.0.1#5335 -ipset=/.kanzhongguo.com/gfwlist -server=/.kanzhongguo.eu/127.0.0.1#5335 -ipset=/.kanzhongguo.eu/gfwlist -server=/.kaotic.com/127.0.0.1#5335 -ipset=/.kaotic.com/gfwlist -server=/.karayou.com/127.0.0.1#5335 -ipset=/.karayou.com/gfwlist -server=/.karkhung.com/127.0.0.1#5335 -ipset=/.karkhung.com/gfwlist -server=/.karmapa-teachings.org/127.0.0.1#5335 -ipset=/.karmapa-teachings.org/gfwlist -server=/.karmapa.org/127.0.0.1#5335 -ipset=/.karmapa.org/gfwlist -server=/.kawaiikawaii.jp/127.0.0.1#5335 -ipset=/.kawaiikawaii.jp/gfwlist -server=/.kawase.com/127.0.0.1#5335 -ipset=/.kawase.com/gfwlist -server=/.kb.monitorware.com/127.0.0.1#5335 -ipset=/.kb.monitorware.com/gfwlist -server=/.kba-tx.org/127.0.0.1#5335 -ipset=/.kba-tx.org/gfwlist -server=/.kcoolonline.com/127.0.0.1#5335 -ipset=/.kcoolonline.com/gfwlist -server=/.kebrum.com/127.0.0.1#5335 -ipset=/.kebrum.com/gfwlist -server=/.kechara.com/127.0.0.1#5335 -ipset=/.kechara.com/gfwlist -server=/.keezmovies.com/127.0.0.1#5335 -ipset=/.keezmovies.com/gfwlist -server=/.kendatire.com/127.0.0.1#5335 -ipset=/.kendatire.com/gfwlist -server=/.kendincos.net/127.0.0.1#5335 -ipset=/.kendincos.net/gfwlist -server=/.kenengba.com/127.0.0.1#5335 -ipset=/.kenengba.com/gfwlist -server=/.keontech.net/127.0.0.1#5335 -ipset=/.keontech.net/gfwlist -server=/.kepard.com/127.0.0.1#5335 -ipset=/.kepard.com/gfwlist -server=/.kex.com/127.0.0.1#5335 -ipset=/.kex.com/gfwlist -server=/.keycdn.com/127.0.0.1#5335 -ipset=/.keycdn.com/gfwlist -server=/.khabdha.org/127.0.0.1#5335 -ipset=/.khabdha.org/gfwlist -server=/.khatrimaza.org/127.0.0.1#5335 -ipset=/.khatrimaza.org/gfwlist -server=/.khmusic.com.tw/127.0.0.1#5335 -ipset=/.khmusic.com.tw/gfwlist -server=/.kichiku-doujinko.com/127.0.0.1#5335 -ipset=/.kichiku-doujinko.com/gfwlist -server=/.kik.com/127.0.0.1#5335 -ipset=/.kik.com/gfwlist -server=/.killwall.com/127.0.0.1#5335 -ipset=/.killwall.com/gfwlist -server=/.kindleren.com/127.0.0.1#5335 -ipset=/.kindleren.com/gfwlist -server=/.kineox.free.fr/127.0.0.1#5335 -ipset=/.kineox.free.fr/gfwlist -server=/.kingdomsalvation.org/127.0.0.1#5335 -ipset=/.kingdomsalvation.org/gfwlist -server=/.kinghost.com/127.0.0.1#5335 -ipset=/.kinghost.com/gfwlist -server=/.kingstone.com.tw/127.0.0.1#5335 -ipset=/.kingstone.com.tw/gfwlist -server=/.kink.com/127.0.0.1#5335 -ipset=/.kink.com/gfwlist -server=/.kinmen.org.tw/127.0.0.1#5335 -ipset=/.kinmen.org.tw/gfwlist -server=/.kinmen.travel/127.0.0.1#5335 -ipset=/.kinmen.travel/gfwlist -server=/.kinokuniya.com/127.0.0.1#5335 -ipset=/.kinokuniya.com/gfwlist -server=/.kir.jp/127.0.0.1#5335 -ipset=/.kir.jp/gfwlist -server=/.kissbbao.cn/127.0.0.1#5335 -ipset=/.kissbbao.cn/gfwlist -server=/.kiwi.kz/127.0.0.1#5335 -ipset=/.kiwi.kz/gfwlist -server=/.kk-whys.co.jp/127.0.0.1#5335 -ipset=/.kk-whys.co.jp/gfwlist -server=/.kkbox.com/127.0.0.1#5335 -ipset=/.kkbox.com/gfwlist -server=/.kknews.cc/127.0.0.1#5335 -ipset=/.kknews.cc/gfwlist -server=/.kmuh.org.tw/127.0.0.1#5335 -ipset=/.kmuh.org.tw/gfwlist -server=/.kobo.com/127.0.0.1#5335 -ipset=/.kobo.com/gfwlist -server=/.kobobooks.com/127.0.0.1#5335 -ipset=/.kobobooks.com/gfwlist -server=/.kodingen.com/127.0.0.1#5335 -ipset=/.kodingen.com/gfwlist -server=/.kompozer.net/127.0.0.1#5335 -ipset=/.kompozer.net/gfwlist -server=/.konachan.com/127.0.0.1#5335 -ipset=/.konachan.com/gfwlist -server=/.kone.com/127.0.0.1#5335 -ipset=/.kone.com/gfwlist -server=/.koolsolutions.com/127.0.0.1#5335 -ipset=/.koolsolutions.com/gfwlist -server=/.koornk.com/127.0.0.1#5335 -ipset=/.koornk.com/gfwlist -server=/.koranmandarin.com/127.0.0.1#5335 -ipset=/.koranmandarin.com/gfwlist -server=/.korea.net/127.0.0.1#5335 -ipset=/.korea.net/gfwlist -server=/.korenan2.com/127.0.0.1#5335 -ipset=/.korenan2.com/gfwlist -server=/.ksdl.org/127.0.0.1#5335 -ipset=/.ksdl.org/gfwlist -server=/.ksnews.com.tw/127.0.0.1#5335 -ipset=/.ksnews.com.tw/gfwlist -server=/.kspcoin.com/127.0.0.1#5335 -ipset=/.kspcoin.com/gfwlist -server=/.ktzhk.com/127.0.0.1#5335 -ipset=/.ktzhk.com/gfwlist -server=/.kucoin.com/127.0.0.1#5335 -ipset=/.kucoin.com/gfwlist -server=/.kun.im/127.0.0.1#5335 -ipset=/.kun.im/gfwlist -server=/.kurashsultan.com/127.0.0.1#5335 -ipset=/.kurashsultan.com/gfwlist -server=/.kurtmunger.com/127.0.0.1#5335 -ipset=/.kurtmunger.com/gfwlist -server=/.kusocity.com/127.0.0.1#5335 -ipset=/.kusocity.com/gfwlist -server=/.kwcg.ca/127.0.0.1#5335 -ipset=/.kwcg.ca/gfwlist -server=/.kwongwah.com.my/127.0.0.1#5335 -ipset=/.kwongwah.com.my/gfwlist -server=/.kxsw.life/127.0.0.1#5335 -ipset=/.kxsw.life/gfwlist -server=/.kyofun.com/127.0.0.1#5335 -ipset=/.kyofun.com/gfwlist -server=/.kyohk.net/127.0.0.1#5335 -ipset=/.kyohk.net/gfwlist -server=/.kyoyue.com/127.0.0.1#5335 -ipset=/.kyoyue.com/gfwlist -server=/.kyzyhello.com/127.0.0.1#5335 -ipset=/.kyzyhello.com/gfwlist -server=/.kzeng.info/127.0.0.1#5335 -ipset=/.kzeng.info/gfwlist -server=/.la-forum.org/127.0.0.1#5335 -ipset=/.la-forum.org/gfwlist -server=/.labiennale.org/127.0.0.1#5335 -ipset=/.labiennale.org/gfwlist -server=/.ladbrokes.com/127.0.0.1#5335 -ipset=/.ladbrokes.com/gfwlist -server=/.lagranepoca.com/127.0.0.1#5335 -ipset=/.lagranepoca.com/gfwlist -server=/.lalulalu.com/127.0.0.1#5335 -ipset=/.lalulalu.com/gfwlist -server=/.lama.com.tw/127.0.0.1#5335 -ipset=/.lama.com.tw/gfwlist -server=/.lamayeshe.com/127.0.0.1#5335 -ipset=/.lamayeshe.com/gfwlist -server=/.lamnia.co.uk/127.0.0.1#5335 -ipset=/.lamnia.co.uk/gfwlist -server=/.lamrim.com/127.0.0.1#5335 -ipset=/.lamrim.com/gfwlist -server=/.lanterncn.cn/127.0.0.1#5335 -ipset=/.lanterncn.cn/gfwlist -server=/.lantosfoundation.org/127.0.0.1#5335 -ipset=/.lantosfoundation.org/gfwlist -server=/.laod.cn/127.0.0.1#5335 -ipset=/.laod.cn/gfwlist -server=/.laogai.org/127.0.0.1#5335 -ipset=/.laogai.org/gfwlist -server=/.laomiu.com/127.0.0.1#5335 -ipset=/.laomiu.com/gfwlist -server=/.laoyang.info/127.0.0.1#5335 -ipset=/.laoyang.info/gfwlist -server=/.laptoplockdown.com/127.0.0.1#5335 -ipset=/.laptoplockdown.com/gfwlist -server=/.laqingdan.net/127.0.0.1#5335 -ipset=/.laqingdan.net/gfwlist -server=/.larsgeorge.com/127.0.0.1#5335 -ipset=/.larsgeorge.com/gfwlist -server=/.lastcombat.com/127.0.0.1#5335 -ipset=/.lastcombat.com/gfwlist -server=/.lastfm.es/127.0.0.1#5335 -ipset=/.lastfm.es/gfwlist -server=/.latelinenews.com/127.0.0.1#5335 -ipset=/.latelinenews.com/gfwlist -server=/.latibet.org/127.0.0.1#5335 -ipset=/.latibet.org/gfwlist -server=/.lbank.info/127.0.0.1#5335 -ipset=/.lbank.info/gfwlist -server=/.le-vpn.com/127.0.0.1#5335 -ipset=/.le-vpn.com/gfwlist -server=/.leafyvpn.net/127.0.0.1#5335 -ipset=/.leafyvpn.net/gfwlist -server=/.lecloud.net/127.0.0.1#5335 -ipset=/.lecloud.net/gfwlist -server=/.lefora.com/127.0.0.1#5335 -ipset=/.lefora.com/gfwlist -server=/.left21.hk/127.0.0.1#5335 -ipset=/.left21.hk/gfwlist -server=/.legalporno.com/127.0.0.1#5335 -ipset=/.legalporno.com/gfwlist -server=/.legaltech.law.com/127.0.0.1#5335 -ipset=/.legaltech.law.com/gfwlist -server=/.legsjapan.com/127.0.0.1#5335 -ipset=/.legsjapan.com/gfwlist -server=/.leirentv.ca/127.0.0.1#5335 -ipset=/.leirentv.ca/gfwlist -server=/.leisurecafe.ca/127.0.0.1#5335 -ipset=/.leisurecafe.ca/gfwlist -server=/.leisurepro.com/127.0.0.1#5335 -ipset=/.leisurepro.com/gfwlist -server=/.lematin.ch/127.0.0.1#5335 -ipset=/.lematin.ch/gfwlist -server=/.lemonde.fr/127.0.0.1#5335 -ipset=/.lemonde.fr/gfwlist -server=/.lenwhite.com/127.0.0.1#5335 -ipset=/.lenwhite.com/gfwlist -server=/.lerosua.org/127.0.0.1#5335 -ipset=/.lerosua.org/gfwlist -server=/.lers.google/127.0.0.1#5335 -ipset=/.lers.google/gfwlist -server=/.lesoir.be/127.0.0.1#5335 -ipset=/.lesoir.be/gfwlist -server=/.letou.com/127.0.0.1#5335 -ipset=/.letou.com/gfwlist -server=/.letscorp.net/127.0.0.1#5335 -ipset=/.letscorp.net/gfwlist -server=/.lflink.com/127.0.0.1#5335 -ipset=/.lflink.com/gfwlist -server=/.lflinkup.com/127.0.0.1#5335 -ipset=/.lflinkup.com/gfwlist -server=/.lflinkup.net/127.0.0.1#5335 -ipset=/.lflinkup.net/gfwlist -server=/.lflinkup.org/127.0.0.1#5335 -ipset=/.lflinkup.org/gfwlist -server=/.lhakar.org/127.0.0.1#5335 -ipset=/.lhakar.org/gfwlist -server=/.lhasocialwork.org/127.0.0.1#5335 -ipset=/.lhasocialwork.org/gfwlist -server=/.liangyou.net/127.0.0.1#5335 -ipset=/.liangyou.net/gfwlist -server=/.liangzhichuanmei.com/127.0.0.1#5335 -ipset=/.liangzhichuanmei.com/gfwlist -server=/.lianyue.net/127.0.0.1#5335 -ipset=/.lianyue.net/gfwlist -server=/.liaowangxizang.net/127.0.0.1#5335 -ipset=/.liaowangxizang.net/gfwlist -server=/.liberal.org.hk/127.0.0.1#5335 -ipset=/.liberal.org.hk/gfwlist -server=/.libertytimes.com.tw/127.0.0.1#5335 -ipset=/.libertytimes.com.tw/gfwlist -server=/.lifemiles.com/127.0.0.1#5335 -ipset=/.lifemiles.com/gfwlist -server=/.lighten.org.tw/127.0.0.1#5335 -ipset=/.lighten.org.tw/gfwlist -server=/.lighti.me/127.0.0.1#5335 -ipset=/.lighti.me/gfwlist -server=/.lightnovel.cn/127.0.0.1#5335 -ipset=/.lightnovel.cn/gfwlist -server=/.lightyearvpn.com/127.0.0.1#5335 -ipset=/.lightyearvpn.com/gfwlist -server=/.lihkg.com/127.0.0.1#5335 -ipset=/.lihkg.com/gfwlist -server=/.like.com/127.0.0.1#5335 -ipset=/.like.com/gfwlist -server=/.limiao.net/127.0.0.1#5335 -ipset=/.limiao.net/gfwlist -server=/.line-apps.com/127.0.0.1#5335 -ipset=/.line-apps.com/gfwlist -server=/.line-scdn.net/127.0.0.1#5335 -ipset=/.line-scdn.net/gfwlist -server=/.line.me/127.0.0.1#5335 -ipset=/.line.me/gfwlist -server=/.line.naver.jp/127.0.0.1#5335 -ipset=/.line.naver.jp/gfwlist -server=/.linear-abematv.akamaized.net/127.0.0.1#5335 -ipset=/.linear-abematv.akamaized.net/gfwlist -server=/.linglingfa.com/127.0.0.1#5335 -ipset=/.linglingfa.com/gfwlist -server=/.lingvodics.com/127.0.0.1#5335 -ipset=/.lingvodics.com/gfwlist -server=/.link-o-rama.com/127.0.0.1#5335 -ipset=/.link-o-rama.com/gfwlist -server=/.linkideo.com/127.0.0.1#5335 -ipset=/.linkideo.com/gfwlist -server=/.linkuswell.com/127.0.0.1#5335 -ipset=/.linkuswell.com/gfwlist -server=/.linux.org.hk/127.0.0.1#5335 -ipset=/.linux.org.hk/gfwlist -server=/.lionsroar.com/127.0.0.1#5335 -ipset=/.lionsroar.com/gfwlist -server=/.lipuman.com/127.0.0.1#5335 -ipset=/.lipuman.com/gfwlist -server=/.liquidvpn.com/127.0.0.1#5335 -ipset=/.liquidvpn.com/gfwlist -server=/.listentoyoutube.com/127.0.0.1#5335 -ipset=/.listentoyoutube.com/gfwlist -server=/.listorious.com/127.0.0.1#5335 -ipset=/.listorious.com/gfwlist -server=/.liu-xiaobo.org/127.0.0.1#5335 -ipset=/.liu-xiaobo.org/gfwlist -server=/.liudejun.com/127.0.0.1#5335 -ipset=/.liudejun.com/gfwlist -server=/.liuhanyu.com/127.0.0.1#5335 -ipset=/.liuhanyu.com/gfwlist -server=/.liujianshu.com/127.0.0.1#5335 -ipset=/.liujianshu.com/gfwlist -server=/.liuxiaobo.net/127.0.0.1#5335 -ipset=/.liuxiaobo.net/gfwlist -server=/.liuxiaotong.com/127.0.0.1#5335 -ipset=/.liuxiaotong.com/gfwlist -server=/.livecoin.net/127.0.0.1#5335 -ipset=/.livecoin.net/gfwlist -server=/.livedoor.jp/127.0.0.1#5335 -ipset=/.livedoor.jp/gfwlist -server=/.liveleak.com/127.0.0.1#5335 -ipset=/.liveleak.com/gfwlist -server=/.livestation.com/127.0.0.1#5335 -ipset=/.livestation.com/gfwlist -server=/.livestream.com/127.0.0.1#5335 -ipset=/.livestream.com/gfwlist -server=/.livevideo.com/127.0.0.1#5335 -ipset=/.livevideo.com/gfwlist -server=/.livingonline.us/127.0.0.1#5335 -ipset=/.livingonline.us/gfwlist -server=/.livingstream.com/127.0.0.1#5335 -ipset=/.livingstream.com/gfwlist -server=/.liwangyang.com/127.0.0.1#5335 -ipset=/.liwangyang.com/gfwlist -server=/.lizhizhuangbi.com/127.0.0.1#5335 -ipset=/.lizhizhuangbi.com/gfwlist -server=/.lkcn.net/127.0.0.1#5335 -ipset=/.lkcn.net/gfwlist -server=/.load.to/127.0.0.1#5335 -ipset=/.load.to/gfwlist -server=/.lobsangwangyal.com/127.0.0.1#5335 -ipset=/.lobsangwangyal.com/gfwlist -server=/.localbitcoins.com/127.0.0.1#5335 -ipset=/.localbitcoins.com/gfwlist -server=/.localdomain.ws/127.0.0.1#5335 -ipset=/.localdomain.ws/gfwlist -server=/.localpresshk.com/127.0.0.1#5335 -ipset=/.localpresshk.com/gfwlist -server=/.lockestek.com/127.0.0.1#5335 -ipset=/.lockestek.com/gfwlist -server=/.logbot.net/127.0.0.1#5335 -ipset=/.logbot.net/gfwlist -server=/.login.target.com/127.0.0.1#5335 -ipset=/.login.target.com/gfwlist -server=/.logiqx.com/127.0.0.1#5335 -ipset=/.logiqx.com/gfwlist -server=/.londonchinese.ca/127.0.0.1#5335 -ipset=/.londonchinese.ca/gfwlist -server=/.longhair.hk/127.0.0.1#5335 -ipset=/.longhair.hk/gfwlist -server=/.longmusic.com/127.0.0.1#5335 -ipset=/.longmusic.com/gfwlist -server=/.longtermly.net/127.0.0.1#5335 -ipset=/.longtermly.net/gfwlist -server=/.longtoes.com/127.0.0.1#5335 -ipset=/.longtoes.com/gfwlist -server=/.lookpic.com/127.0.0.1#5335 -ipset=/.lookpic.com/gfwlist -server=/.looktoronto.com/127.0.0.1#5335 -ipset=/.looktoronto.com/gfwlist -server=/.lotuslight.org.hk/127.0.0.1#5335 -ipset=/.lotuslight.org.hk/gfwlist -server=/.lotuslight.org.tw/127.0.0.1#5335 -ipset=/.lotuslight.org.tw/gfwlist -server=/.lovetvshow.com/127.0.0.1#5335 -ipset=/.lovetvshow.com/gfwlist -server=/.lpsg.com/127.0.0.1#5335 -ipset=/.lpsg.com/gfwlist -server=/.lrfz.com/127.0.0.1#5335 -ipset=/.lrfz.com/gfwlist -server=/.lrip.org/127.0.0.1#5335 -ipset=/.lrip.org/gfwlist -server=/.lsd.org.hk/127.0.0.1#5335 -ipset=/.lsd.org.hk/gfwlist -server=/.lsforum.net/127.0.0.1#5335 -ipset=/.lsforum.net/gfwlist -server=/.lsm.org/127.0.0.1#5335 -ipset=/.lsm.org/gfwlist -server=/.lsmchinese.org/127.0.0.1#5335 -ipset=/.lsmchinese.org/gfwlist -server=/.lsmkorean.org/127.0.0.1#5335 -ipset=/.lsmkorean.org/gfwlist -server=/.lsmwebcast.com/127.0.0.1#5335 -ipset=/.lsmwebcast.com/gfwlist -server=/.lsxszzg.com/127.0.0.1#5335 -ipset=/.lsxszzg.com/gfwlist -server=/.ltn.com.tw/127.0.0.1#5335 -ipset=/.ltn.com.tw/gfwlist -server=/.luke54.com/127.0.0.1#5335 -ipset=/.luke54.com/gfwlist -server=/.luke54.org/127.0.0.1#5335 -ipset=/.luke54.org/gfwlist -server=/.lupm.org/127.0.0.1#5335 -ipset=/.lupm.org/gfwlist -server=/.lushstories.com/127.0.0.1#5335 -ipset=/.lushstories.com/gfwlist -server=/.luxebc.com/127.0.0.1#5335 -ipset=/.luxebc.com/gfwlist -server=/.lvhai.org/127.0.0.1#5335 -ipset=/.lvhai.org/gfwlist -server=/.lvv2.com/127.0.0.1#5335 -ipset=/.lvv2.com/gfwlist -server=/.lyfhk.net/127.0.0.1#5335 -ipset=/.lyfhk.net/gfwlist -server=/.lzmtnews.org/127.0.0.1#5335 -ipset=/.lzmtnews.org/gfwlist -server=/.m.hkgalden.com/127.0.0.1#5335 -ipset=/.m.hkgalden.com/gfwlist -server=/.m.me/127.0.0.1#5335 -ipset=/.m.me/gfwlist -server=/.m.plixi.com/127.0.0.1#5335 -ipset=/.m.plixi.com/gfwlist -server=/.m.slandr.net/127.0.0.1#5335 -ipset=/.m.slandr.net/gfwlist -server=/.macgamestore.com/127.0.0.1#5335 -ipset=/.macgamestore.com/gfwlist -server=/.macrovpn.com/127.0.0.1#5335 -ipset=/.macrovpn.com/gfwlist -server=/.macts.com.tw/127.0.0.1#5335 -ipset=/.macts.com.tw/gfwlist -server=/.mad-ar.ch/127.0.0.1#5335 -ipset=/.mad-ar.ch/gfwlist -server=/.madewithcode.com/127.0.0.1#5335 -ipset=/.madewithcode.com/gfwlist -server=/.madonna-av.com/127.0.0.1#5335 -ipset=/.madonna-av.com/gfwlist -server=/.madrau.com/127.0.0.1#5335 -ipset=/.madrau.com/gfwlist -server=/.madthumbs.com/127.0.0.1#5335 -ipset=/.madthumbs.com/gfwlist -server=/.magazines.sina.com.tw/127.0.0.1#5335 -ipset=/.magazines.sina.com.tw/gfwlist -server=/.magic-net.info/127.0.0.1#5335 -ipset=/.magic-net.info/gfwlist -server=/.mahabodhi.org/127.0.0.1#5335 -ipset=/.mahabodhi.org/gfwlist -server=/.maiio.net/127.0.0.1#5335 -ipset=/.maiio.net/gfwlist -server=/.mail-archive.com/127.0.0.1#5335 -ipset=/.mail-archive.com/gfwlist -server=/.maildns.xyz/127.0.0.1#5335 -ipset=/.maildns.xyz/gfwlist -server=/.maiplus.com/127.0.0.1#5335 -ipset=/.maiplus.com/gfwlist -server=/.maizhong.org/127.0.0.1#5335 -ipset=/.maizhong.org/gfwlist -server=/.makemymood.com/127.0.0.1#5335 -ipset=/.makemymood.com/gfwlist -server=/.makkahnewspaper.com/127.0.0.1#5335 -ipset=/.makkahnewspaper.com/gfwlist -server=/.makzhou.warehouse333.com/127.0.0.1#5335 -ipset=/.makzhou.warehouse333.com/gfwlist -server=/.malaysiakini.com/127.0.0.1#5335 -ipset=/.malaysiakini.com/gfwlist -server=/.mamingzhe.com/127.0.0.1#5335 -ipset=/.mamingzhe.com/gfwlist -server=/.manchukuo.net/127.0.0.1#5335 -ipset=/.manchukuo.net/gfwlist -server=/.mangafox.com/127.0.0.1#5335 -ipset=/.mangafox.com/gfwlist -server=/.mangafox.me/127.0.0.1#5335 -ipset=/.mangafox.me/gfwlist -server=/.maniash.com/127.0.0.1#5335 -ipset=/.maniash.com/gfwlist -server=/.manicur4ik.ru/127.0.0.1#5335 -ipset=/.manicur4ik.ru/gfwlist -server=/.mansion.com/127.0.0.1#5335 -ipset=/.mansion.com/gfwlist -server=/.mansionpoker.com/127.0.0.1#5335 -ipset=/.mansionpoker.com/gfwlist -server=/.manta.com/127.0.0.1#5335 -ipset=/.manta.com/gfwlist -server=/.maplew.com/127.0.0.1#5335 -ipset=/.maplew.com/gfwlist -server=/.marc.info/127.0.0.1#5335 -ipset=/.marc.info/gfwlist -server=/.marguerite.su/127.0.0.1#5335 -ipset=/.marguerite.su/gfwlist -server=/.martau.com/127.0.0.1#5335 -ipset=/.martau.com/gfwlist -server=/.martincartoons.com/127.0.0.1#5335 -ipset=/.martincartoons.com/gfwlist -server=/.martsangkagyuofficial.org/127.0.0.1#5335 -ipset=/.martsangkagyuofficial.org/gfwlist -server=/.marxist.com/127.0.0.1#5335 -ipset=/.marxist.com/gfwlist -server=/.marxist.net/127.0.0.1#5335 -ipset=/.marxist.net/gfwlist -server=/.mash.to/127.0.0.1#5335 -ipset=/.mash.to/gfwlist -server=/.maskedip.com/127.0.0.1#5335 -ipset=/.maskedip.com/gfwlist -server=/.mastodon.cloud/127.0.0.1#5335 -ipset=/.mastodon.cloud/gfwlist -server=/.mastodon.host/127.0.0.1#5335 -ipset=/.mastodon.host/gfwlist -server=/.mastodon.social/127.0.0.1#5335 -ipset=/.mastodon.social/gfwlist -server=/.matainja.com/127.0.0.1#5335 -ipset=/.matainja.com/gfwlist -server=/.material.io/127.0.0.1#5335 -ipset=/.material.io/gfwlist -server=/.mathable.io/127.0.0.1#5335 -ipset=/.mathable.io/gfwlist -server=/.mathiew-badimon.com/127.0.0.1#5335 -ipset=/.mathiew-badimon.com/gfwlist -server=/.matome-plus.com/127.0.0.1#5335 -ipset=/.matome-plus.com/gfwlist -server=/.matome-plus.net/127.0.0.1#5335 -ipset=/.matome-plus.net/gfwlist -server=/.matsushimakaede.com/127.0.0.1#5335 -ipset=/.matsushimakaede.com/gfwlist -server=/.matters.news/127.0.0.1#5335 -ipset=/.matters.news/gfwlist -server=/.mattwilcox.net/127.0.0.1#5335 -ipset=/.mattwilcox.net/gfwlist -server=/.maturejp.com/127.0.0.1#5335 -ipset=/.maturejp.com/gfwlist -server=/.maxing.jp/127.0.0.1#5335 -ipset=/.maxing.jp/gfwlist -server=/.mayimayi.com/127.0.0.1#5335 -ipset=/.mayimayi.com/gfwlist -server=/.mcadforums.com/127.0.0.1#5335 -ipset=/.mcadforums.com/gfwlist -server=/.mcaf.ee/127.0.0.1#5335 -ipset=/.mcaf.ee/gfwlist -server=/.mcfog.com/127.0.0.1#5335 -ipset=/.mcfog.com/gfwlist -server=/.mcreasite.com/127.0.0.1#5335 -ipset=/.mcreasite.com/gfwlist -server=/.md-t.org/127.0.0.1#5335 -ipset=/.md-t.org/gfwlist -server=/.me.me/127.0.0.1#5335 -ipset=/.me.me/gfwlist -server=/.me.youthwant.com.tw/127.0.0.1#5335 -ipset=/.me.youthwant.com.tw/gfwlist -server=/.meansys.com/127.0.0.1#5335 -ipset=/.meansys.com/gfwlist -server=/.media.nu.nl/127.0.0.1#5335 -ipset=/.media.nu.nl/gfwlist -server=/.media.org.hk/127.0.0.1#5335 -ipset=/.media.org.hk/gfwlist -server=/.mediachinese.com/127.0.0.1#5335 -ipset=/.mediachinese.com/gfwlist -server=/.mediafreakcity.com/127.0.0.1#5335 -ipset=/.mediafreakcity.com/gfwlist -server=/.medium.com/127.0.0.1#5335 -ipset=/.medium.com/gfwlist -server=/.meetav.com/127.0.0.1#5335 -ipset=/.meetav.com/gfwlist -server=/.meetup.com/127.0.0.1#5335 -ipset=/.meetup.com/gfwlist -server=/.mefeedia.com/127.0.0.1#5335 -ipset=/.mefeedia.com/gfwlist -server=/.mefound.com/127.0.0.1#5335 -ipset=/.mefound.com/gfwlist -server=/.mega.nz/127.0.0.1#5335 -ipset=/.mega.nz/gfwlist -server=/.megaproxy.com/127.0.0.1#5335 -ipset=/.megaproxy.com/gfwlist -server=/.megarotic.com/127.0.0.1#5335 -ipset=/.megarotic.com/gfwlist -server=/.megavideo.com/127.0.0.1#5335 -ipset=/.megavideo.com/gfwlist -server=/.megurineluka.com/127.0.0.1#5335 -ipset=/.megurineluka.com/gfwlist -server=/.meirixiaochao.com/127.0.0.1#5335 -ipset=/.meirixiaochao.com/gfwlist -server=/.meltoday.com/127.0.0.1#5335 -ipset=/.meltoday.com/gfwlist -server=/.meme.yahoo.com/127.0.0.1#5335 -ipset=/.meme.yahoo.com/gfwlist -server=/.memehk.com/127.0.0.1#5335 -ipset=/.memehk.com/gfwlist -server=/.memorybbs.com/127.0.0.1#5335 -ipset=/.memorybbs.com/gfwlist -server=/.memri.org/127.0.0.1#5335 -ipset=/.memri.org/gfwlist -server=/.memrijttm.org/127.0.0.1#5335 -ipset=/.memrijttm.org/gfwlist -server=/.mercatox.com/127.0.0.1#5335 -ipset=/.mercatox.com/gfwlist -server=/.mercyprophet.org/127.0.0.1#5335 -ipset=/.mercyprophet.org/gfwlist -server=/.mergersandinquisitions.org/127.0.0.1#5335 -ipset=/.mergersandinquisitions.org/gfwlist -server=/.meridian-trust.org/127.0.0.1#5335 -ipset=/.meridian-trust.org/gfwlist -server=/.meripet.biz/127.0.0.1#5335 -ipset=/.meripet.biz/gfwlist -server=/.meripet.com/127.0.0.1#5335 -ipset=/.meripet.com/gfwlist -server=/.merit-times.com.tw/127.0.0.1#5335 -ipset=/.merit-times.com.tw/gfwlist -server=/.meshrep.com/127.0.0.1#5335 -ipset=/.meshrep.com/gfwlist -server=/.messenger.com/127.0.0.1#5335 -ipset=/.messenger.com/gfwlist -server=/.metart.com/127.0.0.1#5335 -ipset=/.metart.com/gfwlist -server=/.metarthunter.com/127.0.0.1#5335 -ipset=/.metarthunter.com/gfwlist -server=/.meteorshowersonline.com/127.0.0.1#5335 -ipset=/.meteorshowersonline.com/gfwlist -server=/.metrolife.ca/127.0.0.1#5335 -ipset=/.metrolife.ca/gfwlist -server=/.metroradio.com.hk/127.0.0.1#5335 -ipset=/.metroradio.com.hk/gfwlist -server=/.meyou.jp/127.0.0.1#5335 -ipset=/.meyou.jp/gfwlist -server=/.meyul.com/127.0.0.1#5335 -ipset=/.meyul.com/gfwlist -server=/.mfxmedia.com/127.0.0.1#5335 -ipset=/.mfxmedia.com/gfwlist -server=/.mgoon.com/127.0.0.1#5335 -ipset=/.mgoon.com/gfwlist -server=/.mgstage.com/127.0.0.1#5335 -ipset=/.mgstage.com/gfwlist -server=/.mh4u.org/127.0.0.1#5335 -ipset=/.mh4u.org/gfwlist -server=/.mhradio.org/127.0.0.1#5335 -ipset=/.mhradio.org/gfwlist -server=/.michaelanti.com/127.0.0.1#5335 -ipset=/.michaelanti.com/gfwlist -server=/.michaelmarketl.com/127.0.0.1#5335 -ipset=/.michaelmarketl.com/gfwlist -server=/.microvpn.com/127.0.0.1#5335 -ipset=/.microvpn.com/gfwlist -server=/.middle-way.net/127.0.0.1#5335 -ipset=/.middle-way.net/gfwlist -server=/.mihr.com/127.0.0.1#5335 -ipset=/.mihr.com/gfwlist -server=/.mihua.org/127.0.0.1#5335 -ipset=/.mihua.org/gfwlist -server=/.mike.cz.cc/127.0.0.1#5335 -ipset=/.mike.cz.cc/gfwlist -server=/.mikesoltys.com/127.0.0.1#5335 -ipset=/.mikesoltys.com/gfwlist -server=/.milph.net/127.0.0.1#5335 -ipset=/.milph.net/gfwlist -server=/.milsurps.com/127.0.0.1#5335 -ipset=/.milsurps.com/gfwlist -server=/.mimiai.net/127.0.0.1#5335 -ipset=/.mimiai.net/gfwlist -server=/.mimivip.com/127.0.0.1#5335 -ipset=/.mimivip.com/gfwlist -server=/.mimivv.com/127.0.0.1#5335 -ipset=/.mimivv.com/gfwlist -server=/.mindrolling.org/127.0.0.1#5335 -ipset=/.mindrolling.org/gfwlist -server=/.minghui-a.org/127.0.0.1#5335 -ipset=/.minghui-a.org/gfwlist -server=/.minghui-b.org/127.0.0.1#5335 -ipset=/.minghui-b.org/gfwlist -server=/.minghui-school.org/127.0.0.1#5335 -ipset=/.minghui-school.org/gfwlist -server=/.minghui.or.kr/127.0.0.1#5335 -ipset=/.minghui.or.kr/gfwlist -server=/.minghui.org/127.0.0.1#5335 -ipset=/.minghui.org/gfwlist -server=/.minghuiyw.wordpress.com/127.0.0.1#5335 -ipset=/.minghuiyw.wordpress.com/gfwlist -server=/.mingjinglishi.com/127.0.0.1#5335 -ipset=/.mingjinglishi.com/gfwlist -server=/.mingjingnews.com/127.0.0.1#5335 -ipset=/.mingjingnews.com/gfwlist -server=/.mingjingtimes.com/127.0.0.1#5335 -ipset=/.mingjingtimes.com/gfwlist -server=/.mingpao.com/127.0.0.1#5335 -ipset=/.mingpao.com/gfwlist -server=/.mingpaocanada.com/127.0.0.1#5335 -ipset=/.mingpaocanada.com/gfwlist -server=/.mingpaomonthly.com/127.0.0.1#5335 -ipset=/.mingpaomonthly.com/gfwlist -server=/.mingpaonews.com/127.0.0.1#5335 -ipset=/.mingpaonews.com/gfwlist -server=/.mingpaony.com/127.0.0.1#5335 -ipset=/.mingpaony.com/gfwlist -server=/.mingpaosf.com/127.0.0.1#5335 -ipset=/.mingpaosf.com/gfwlist -server=/.mingpaotor.com/127.0.0.1#5335 -ipset=/.mingpaotor.com/gfwlist -server=/.mingpaovan.com/127.0.0.1#5335 -ipset=/.mingpaovan.com/gfwlist -server=/.mingshengbao.com/127.0.0.1#5335 -ipset=/.mingshengbao.com/gfwlist -server=/.minhhue.net/127.0.0.1#5335 -ipset=/.minhhue.net/gfwlist -server=/.miniforum.org/127.0.0.1#5335 -ipset=/.miniforum.org/gfwlist -server=/.ministrybooks.org/127.0.0.1#5335 -ipset=/.ministrybooks.org/gfwlist -server=/.minzhuhua.net/127.0.0.1#5335 -ipset=/.minzhuhua.net/gfwlist -server=/.minzhuzhanxian.com/127.0.0.1#5335 -ipset=/.minzhuzhanxian.com/gfwlist -server=/.minzhuzhongguo.org/127.0.0.1#5335 -ipset=/.minzhuzhongguo.org/gfwlist -server=/.miroguide.com/127.0.0.1#5335 -ipset=/.miroguide.com/gfwlist -server=/.mirrorbooks.com/127.0.0.1#5335 -ipset=/.mirrorbooks.com/gfwlist -server=/.mist.vip/127.0.0.1#5335 -ipset=/.mist.vip/gfwlist -server=/.mitao.com.tw/127.0.0.1#5335 -ipset=/.mitao.com.tw/gfwlist -server=/.mitbbs.com/127.0.0.1#5335 -ipset=/.mitbbs.com/gfwlist -server=/.mitbbsau.com/127.0.0.1#5335 -ipset=/.mitbbsau.com/gfwlist -server=/.mixero.com/127.0.0.1#5335 -ipset=/.mixero.com/gfwlist -server=/.mixpod.com/127.0.0.1#5335 -ipset=/.mixpod.com/gfwlist -server=/.mixx.com/127.0.0.1#5335 -ipset=/.mixx.com/gfwlist -server=/.mizzmona.com/127.0.0.1#5335 -ipset=/.mizzmona.com/gfwlist -server=/.mjib.gov.tw/127.0.0.1#5335 -ipset=/.mjib.gov.tw/gfwlist -server=/.mk5000.com/127.0.0.1#5335 -ipset=/.mk5000.com/gfwlist -server=/.mlcool.com/127.0.0.1#5335 -ipset=/.mlcool.com/gfwlist -server=/.mlzs.work/127.0.0.1#5335 -ipset=/.mlzs.work/gfwlist -server=/.mm-cg.com/127.0.0.1#5335 -ipset=/.mm-cg.com/gfwlist -server=/.mmaaxx.com/127.0.0.1#5335 -ipset=/.mmaaxx.com/gfwlist -server=/.mmmca.com/127.0.0.1#5335 -ipset=/.mmmca.com/gfwlist -server=/.mnewstv.com/127.0.0.1#5335 -ipset=/.mnewstv.com/gfwlist -server=/.mo.nightlife141.com/127.0.0.1#5335 -ipset=/.mo.nightlife141.com/gfwlist -server=/.mobatek.net/127.0.0.1#5335 -ipset=/.mobatek.net/gfwlist -server=/.mobile01.com/127.0.0.1#5335 -ipset=/.mobile01.com/gfwlist -server=/.mobileways.de/127.0.0.1#5335 -ipset=/.mobileways.de/gfwlist -server=/.moby.to/127.0.0.1#5335 -ipset=/.moby.to/gfwlist -server=/.mobypicture.com/127.0.0.1#5335 -ipset=/.mobypicture.com/gfwlist -server=/.moeaic.gov.tw/127.0.0.1#5335 -ipset=/.moeaic.gov.tw/gfwlist -server=/.moeerolibrary.com/127.0.0.1#5335 -ipset=/.moeerolibrary.com/gfwlist -server=/.mofa.gov.tw/127.0.0.1#5335 -ipset=/.mofa.gov.tw/gfwlist -server=/.mofaxiehui.com/127.0.0.1#5335 -ipset=/.mofaxiehui.com/gfwlist -server=/.mofos.com/127.0.0.1#5335 -ipset=/.mofos.com/gfwlist -server=/.mog.com/127.0.0.1#5335 -ipset=/.mog.com/gfwlist -server=/.mohu.club/127.0.0.1#5335 -ipset=/.mohu.club/gfwlist -server=/.mohu.ml/127.0.0.1#5335 -ipset=/.mohu.ml/gfwlist -server=/.mojim.com/127.0.0.1#5335 -ipset=/.mojim.com/gfwlist -server=/.mol.gov.tw/127.0.0.1#5335 -ipset=/.mol.gov.tw/gfwlist -server=/.molihua.org/127.0.0.1#5335 -ipset=/.molihua.org/gfwlist -server=/.mondex.org/127.0.0.1#5335 -ipset=/.mondex.org/gfwlist -server=/.money-link.com.tw/127.0.0.1#5335 -ipset=/.money-link.com.tw/gfwlist -server=/.moneyhome.biz/127.0.0.1#5335 -ipset=/.moneyhome.biz/gfwlist -server=/.monitorchina.org/127.0.0.1#5335 -ipset=/.monitorchina.org/gfwlist -server=/.monocloud.me/127.0.0.1#5335 -ipset=/.monocloud.me/gfwlist -server=/.monster.com/127.0.0.1#5335 -ipset=/.monster.com/gfwlist -server=/.moodyz.com/127.0.0.1#5335 -ipset=/.moodyz.com/gfwlist -server=/.moonbbs.com/127.0.0.1#5335 -ipset=/.moonbbs.com/gfwlist -server=/.moonbingo.com/127.0.0.1#5335 -ipset=/.moonbingo.com/gfwlist -server=/.morningsun.org/127.0.0.1#5335 -ipset=/.morningsun.org/gfwlist -server=/.moroneta.com/127.0.0.1#5335 -ipset=/.moroneta.com/gfwlist -server=/.mos.ru/127.0.0.1#5335 -ipset=/.mos.ru/gfwlist -server=/.motherless.com/127.0.0.1#5335 -ipset=/.motherless.com/gfwlist -server=/.motiyun.com/127.0.0.1#5335 -ipset=/.motiyun.com/gfwlist -server=/.motor4ik.ru/127.0.0.1#5335 -ipset=/.motor4ik.ru/gfwlist -server=/.mousebreaker.com/127.0.0.1#5335 -ipset=/.mousebreaker.com/gfwlist -server=/.movements.org/127.0.0.1#5335 -ipset=/.movements.org/gfwlist -server=/.moviefap.com/127.0.0.1#5335 -ipset=/.moviefap.com/gfwlist -server=/.mp3buscador.com/127.0.0.1#5335 -ipset=/.mp3buscador.com/gfwlist -server=/.mp3ye.eu/127.0.0.1#5335 -ipset=/.mp3ye.eu/gfwlist -server=/.mpettis.com/127.0.0.1#5335 -ipset=/.mpettis.com/gfwlist -server=/.mpfinance.com/127.0.0.1#5335 -ipset=/.mpfinance.com/gfwlist -server=/.mpinews.com/127.0.0.1#5335 -ipset=/.mpinews.com/gfwlist -server=/.mponline.hk/127.0.0.1#5335 -ipset=/.mponline.hk/gfwlist -server=/.mqxd.org/127.0.0.1#5335 -ipset=/.mqxd.org/gfwlist -server=/.mrbasic.com/127.0.0.1#5335 -ipset=/.mrbasic.com/gfwlist -server=/.mrbonus.com/127.0.0.1#5335 -ipset=/.mrbonus.com/gfwlist -server=/.mrface.com/127.0.0.1#5335 -ipset=/.mrface.com/gfwlist -server=/.mrslove.com/127.0.0.1#5335 -ipset=/.mrslove.com/gfwlist -server=/.mrtweet.com/127.0.0.1#5335 -ipset=/.mrtweet.com/gfwlist -server=/.msa-it.org/127.0.0.1#5335 -ipset=/.msa-it.org/gfwlist -server=/.msguancha.com/127.0.0.1#5335 -ipset=/.msguancha.com/gfwlist -server=/.msha.gov/127.0.0.1#5335 -ipset=/.msha.gov/gfwlist -server=/.mswe1.org/127.0.0.1#5335 -ipset=/.mswe1.org/gfwlist -server=/.mthruf.com/127.0.0.1#5335 -ipset=/.mthruf.com/gfwlist -server=/.mtw.tl/127.0.0.1#5335 -ipset=/.mtw.tl/gfwlist -server=/.muchosucko.com/127.0.0.1#5335 -ipset=/.muchosucko.com/gfwlist -server=/.mullvad.net/127.0.0.1#5335 -ipset=/.mullvad.net/gfwlist -server=/.multiply.com/127.0.0.1#5335 -ipset=/.multiply.com/gfwlist -server=/.multiproxy.org/127.0.0.1#5335 -ipset=/.multiproxy.org/gfwlist -server=/.multiupload.com/127.0.0.1#5335 -ipset=/.multiupload.com/gfwlist -server=/.mummysgold.com/127.0.0.1#5335 -ipset=/.mummysgold.com/gfwlist -server=/.murmur.tw/127.0.0.1#5335 -ipset=/.murmur.tw/gfwlist -server=/.musicade.net/127.0.0.1#5335 -ipset=/.musicade.net/gfwlist -server=/.muslimvideo.com/127.0.0.1#5335 -ipset=/.muslimvideo.com/gfwlist -server=/.muzi.com/127.0.0.1#5335 -ipset=/.muzi.com/gfwlist -server=/.muzi.net/127.0.0.1#5335 -ipset=/.muzi.net/gfwlist -server=/.muzu.tv/127.0.0.1#5335 -ipset=/.muzu.tv/gfwlist -server=/.mvdis.gov.tw/127.0.0.1#5335 -ipset=/.mvdis.gov.tw/gfwlist -server=/.mvg.jp/127.0.0.1#5335 -ipset=/.mvg.jp/gfwlist -server=/.mx981.com/127.0.0.1#5335 -ipset=/.mx981.com/gfwlist -server=/.my-formosa.com/127.0.0.1#5335 -ipset=/.my-formosa.com/gfwlist -server=/.my-private-network.co.uk/127.0.0.1#5335 -ipset=/.my-private-network.co.uk/gfwlist -server=/.my-proxy.com/127.0.0.1#5335 -ipset=/.my-proxy.com/gfwlist -server=/.my.mail.ru/127.0.0.1#5335 -ipset=/.my.mail.ru/gfwlist -server=/.my.pcloud.com/127.0.0.1#5335 -ipset=/.my.pcloud.com/gfwlist -server=/.my03.com/127.0.0.1#5335 -ipset=/.my03.com/gfwlist -server=/.myanniu.com/127.0.0.1#5335 -ipset=/.myanniu.com/gfwlist -server=/.myaudiocast.com/127.0.0.1#5335 -ipset=/.myaudiocast.com/gfwlist -server=/.mybbs.us/127.0.0.1#5335 -ipset=/.mybbs.us/gfwlist -server=/.mybet.com/127.0.0.1#5335 -ipset=/.mybet.com/gfwlist -server=/.myca168.com/127.0.0.1#5335 -ipset=/.myca168.com/gfwlist -server=/.mycanadanow.com/127.0.0.1#5335 -ipset=/.mycanadanow.com/gfwlist -server=/.mychinamyhome.com/127.0.0.1#5335 -ipset=/.mychinamyhome.com/gfwlist -server=/.mychinanet.com/127.0.0.1#5335 -ipset=/.mychinanet.com/gfwlist -server=/.mychinanews.com/127.0.0.1#5335 -ipset=/.mychinanews.com/gfwlist -server=/.mychinese.news/127.0.0.1#5335 -ipset=/.mychinese.news/gfwlist -server=/.mycnnews.com/127.0.0.1#5335 -ipset=/.mycnnews.com/gfwlist -server=/.mydad.info/127.0.0.1#5335 -ipset=/.mydad.info/gfwlist -server=/.myddns.com/127.0.0.1#5335 -ipset=/.myddns.com/gfwlist -server=/.myeasytv.com/127.0.0.1#5335 -ipset=/.myeasytv.com/gfwlist -server=/.myeclipseide.com/127.0.0.1#5335 -ipset=/.myeclipseide.com/gfwlist -server=/.myforum.com.hk/127.0.0.1#5335 -ipset=/.myforum.com.hk/gfwlist -server=/.myforum.com.uk/127.0.0.1#5335 -ipset=/.myforum.com.uk/gfwlist -server=/.myfreecams.com/127.0.0.1#5335 -ipset=/.myfreecams.com/gfwlist -server=/.myfreepaysite.com/127.0.0.1#5335 -ipset=/.myfreepaysite.com/gfwlist -server=/.myfreshnet.com/127.0.0.1#5335 -ipset=/.myfreshnet.com/gfwlist -server=/.myftp.info/127.0.0.1#5335 -ipset=/.myftp.info/gfwlist -server=/.myftp.name/127.0.0.1#5335 -ipset=/.myftp.name/gfwlist -server=/.myiphide.com/127.0.0.1#5335 -ipset=/.myiphide.com/gfwlist -server=/.mykomica.org/127.0.0.1#5335 -ipset=/.mykomica.org/gfwlist -server=/.mylftv.com/127.0.0.1#5335 -ipset=/.mylftv.com/gfwlist -server=/.mymoe.moe/127.0.0.1#5335 -ipset=/.mymoe.moe/gfwlist -server=/.mymom.info/127.0.0.1#5335 -ipset=/.mymom.info/gfwlist -server=/.mymusic.net.tw/127.0.0.1#5335 -ipset=/.mymusic.net.tw/gfwlist -server=/.mynetav.net/127.0.0.1#5335 -ipset=/.mynetav.net/gfwlist -server=/.mynetav.org/127.0.0.1#5335 -ipset=/.mynetav.org/gfwlist -server=/.mynumber.org/127.0.0.1#5335 -ipset=/.mynumber.org/gfwlist -server=/.myparagliding.com/127.0.0.1#5335 -ipset=/.myparagliding.com/gfwlist -server=/.mypicture.info/127.0.0.1#5335 -ipset=/.mypicture.info/gfwlist -server=/.mypop3.net/127.0.0.1#5335 -ipset=/.mypop3.net/gfwlist -server=/.mypop3.org/127.0.0.1#5335 -ipset=/.mypop3.org/gfwlist -server=/.mypopescu.com/127.0.0.1#5335 -ipset=/.mypopescu.com/gfwlist -server=/.myreadingmanga.info/127.0.0.1#5335 -ipset=/.myreadingmanga.info/gfwlist -server=/.mysecondarydns.com/127.0.0.1#5335 -ipset=/.mysecondarydns.com/gfwlist -server=/.mysinablog.com/127.0.0.1#5335 -ipset=/.mysinablog.com/gfwlist -server=/.mysite.verizon.net/127.0.0.1#5335 -ipset=/.mysite.verizon.net/gfwlist -server=/.myspace.com/127.0.0.1#5335 -ipset=/.myspace.com/gfwlist -server=/.myspacecdn.com/127.0.0.1#5335 -ipset=/.myspacecdn.com/gfwlist -server=/.mytalkbox.com/127.0.0.1#5335 -ipset=/.mytalkbox.com/gfwlist -server=/.mytizi.com/127.0.0.1#5335 -ipset=/.mytizi.com/gfwlist -server=/.mywww.biz/127.0.0.1#5335 -ipset=/.mywww.biz/gfwlist -server=/.myz.info/127.0.0.1#5335 -ipset=/.myz.info/gfwlist -server=/.naacoalition.org/127.0.0.1#5335 -ipset=/.naacoalition.org/gfwlist -server=/.naiadsystems.com/127.0.0.1#5335 -ipset=/.naiadsystems.com/gfwlist -server=/.naitik.net/127.0.0.1#5335 -ipset=/.naitik.net/gfwlist -server=/.nakido.com/127.0.0.1#5335 -ipset=/.nakido.com/gfwlist -server=/.nalandabodhi.org/127.0.0.1#5335 -ipset=/.nalandabodhi.org/gfwlist -server=/.nalandawest.org/127.0.0.1#5335 -ipset=/.nalandawest.org/gfwlist -server=/.namgyal.org/127.0.0.1#5335 -ipset=/.namgyal.org/gfwlist -server=/.namgyalmonastery.org/127.0.0.1#5335 -ipset=/.namgyalmonastery.org/gfwlist -server=/.namsisi.com/127.0.0.1#5335 -ipset=/.namsisi.com/gfwlist -server=/.nanyang.com/127.0.0.1#5335 -ipset=/.nanyang.com/gfwlist -server=/.nanyangpost.com/127.0.0.1#5335 -ipset=/.nanyangpost.com/gfwlist -server=/.nanzao.com/127.0.0.1#5335 -ipset=/.nanzao.com/gfwlist -server=/.naol.ca/127.0.0.1#5335 -ipset=/.naol.ca/gfwlist -server=/.naol.cc/127.0.0.1#5335 -ipset=/.naol.cc/gfwlist -server=/.nat.gov.tw/127.0.0.1#5335 -ipset=/.nat.gov.tw/gfwlist -server=/.nat.moe/127.0.0.1#5335 -ipset=/.nat.moe/gfwlist -server=/.national-lottery.co.uk/127.0.0.1#5335 -ipset=/.national-lottery.co.uk/gfwlist -server=/.nationwide.com/127.0.0.1#5335 -ipset=/.nationwide.com/gfwlist -server=/.naughtyamerica.com/127.0.0.1#5335 -ipset=/.naughtyamerica.com/gfwlist -server=/.navyfamily.navy.mil/127.0.0.1#5335 -ipset=/.navyfamily.navy.mil/gfwlist -server=/.navyreserve.navy.mil/127.0.0.1#5335 -ipset=/.navyreserve.navy.mil/gfwlist -server=/.naweeklytimes.com/127.0.0.1#5335 -ipset=/.naweeklytimes.com/gfwlist -server=/.nbtvpn.com/127.0.0.1#5335 -ipset=/.nbtvpn.com/gfwlist -server=/.nccwatch.org.tw/127.0.0.1#5335 -ipset=/.nccwatch.org.tw/gfwlist -server=/.nch.com.tw/127.0.0.1#5335 -ipset=/.nch.com.tw/gfwlist -server=/.ncn.org/127.0.0.1#5335 -ipset=/.ncn.org/gfwlist -server=/.nde.de/127.0.0.1#5335 -ipset=/.nde.de/gfwlist -server=/.ndr.de/127.0.0.1#5335 -ipset=/.ndr.de/gfwlist -server=/.ned.org/127.0.0.1#5335 -ipset=/.ned.org/gfwlist -server=/.nekoslovakia.net/127.0.0.1#5335 -ipset=/.nekoslovakia.net/gfwlist -server=/.neo-miracle.com/127.0.0.1#5335 -ipset=/.neo-miracle.com/gfwlist -server=/.nepusoku.com/127.0.0.1#5335 -ipset=/.nepusoku.com/gfwlist -server=/.net-fits.pro/127.0.0.1#5335 -ipset=/.net-fits.pro/gfwlist -server=/.netbirds.com/127.0.0.1#5335 -ipset=/.netbirds.com/gfwlist -server=/.netcolony.com/127.0.0.1#5335 -ipset=/.netcolony.com/gfwlist -server=/.netflix.com/127.0.0.1#5335 -ipset=/.netflix.com/gfwlist -server=/.netme.cc/127.0.0.1#5335 -ipset=/.netme.cc/gfwlist -server=/.netsneak.com/127.0.0.1#5335 -ipset=/.netsneak.com/gfwlist -server=/.network54.com/127.0.0.1#5335 -ipset=/.network54.com/gfwlist -server=/.networkedblogs.com/127.0.0.1#5335 -ipset=/.networkedblogs.com/gfwlist -server=/.networktunnel.net/127.0.0.1#5335 -ipset=/.networktunnel.net/gfwlist -server=/.neverforget8964.org/127.0.0.1#5335 -ipset=/.neverforget8964.org/gfwlist -server=/.new-3lunch.net/127.0.0.1#5335 -ipset=/.new-3lunch.net/gfwlist -server=/.new-akiba.com/127.0.0.1#5335 -ipset=/.new-akiba.com/gfwlist -server=/.new96.ca/127.0.0.1#5335 -ipset=/.new96.ca/gfwlist -server=/.newcenturymc.com/127.0.0.1#5335 -ipset=/.newcenturymc.com/gfwlist -server=/.newcenturynews.com/127.0.0.1#5335 -ipset=/.newcenturynews.com/gfwlist -server=/.newchen.com/127.0.0.1#5335 -ipset=/.newchen.com/gfwlist -server=/.newgrounds.com/127.0.0.1#5335 -ipset=/.newgrounds.com/gfwlist -server=/.newipnow.com/127.0.0.1#5335 -ipset=/.newipnow.com/gfwlist -server=/.newlandmagazine.com.au/127.0.0.1#5335 -ipset=/.newlandmagazine.com.au/gfwlist -server=/.newnews.ca/127.0.0.1#5335 -ipset=/.newnews.ca/gfwlist -server=/.news.cnyes.com/127.0.0.1#5335 -ipset=/.news.cnyes.com/gfwlist -server=/.news.hk.msn.com/127.0.0.1#5335 -ipset=/.news.hk.msn.com/gfwlist -server=/.news.hkpeanut.com/127.0.0.1#5335 -ipset=/.news.hkpeanut.com/gfwlist -server=/.news.msn.com.tw/127.0.0.1#5335 -ipset=/.news.msn.com.tw/gfwlist -server=/.news.now.com/127.0.0.1#5335 -ipset=/.news.now.com/gfwlist -server=/.news.omy.sg/127.0.0.1#5335 -ipset=/.news.omy.sg/gfwlist -server=/.news.seehua.com/127.0.0.1#5335 -ipset=/.news.seehua.com/gfwlist -server=/.news.sina.com.hk/127.0.0.1#5335 -ipset=/.news.sina.com.hk/gfwlist -server=/.news.sina.com.tw/127.0.0.1#5335 -ipset=/.news.sina.com.tw/gfwlist -server=/.news.sinchew.com.my/127.0.0.1#5335 -ipset=/.news.sinchew.com.my/gfwlist -server=/.news.singtao.ca/127.0.0.1#5335 -ipset=/.news.singtao.ca/gfwlist -server=/.news.tvbs.com.tw/127.0.0.1#5335 -ipset=/.news.tvbs.com.tw/gfwlist -server=/.news100.com.tw/127.0.0.1#5335 -ipset=/.news100.com.tw/gfwlist -server=/.newsancai.com/127.0.0.1#5335 -ipset=/.newsancai.com/gfwlist -server=/.newschinacomment.org/127.0.0.1#5335 -ipset=/.newschinacomment.org/gfwlist -server=/.newscn.org/127.0.0.1#5335 -ipset=/.newscn.org/gfwlist -server=/.newsdetox.ca/127.0.0.1#5335 -ipset=/.newsdetox.ca/gfwlist -server=/.newsdh.com/127.0.0.1#5335 -ipset=/.newsdh.com/gfwlist -server=/.newstamago.com/127.0.0.1#5335 -ipset=/.newstamago.com/gfwlist -server=/.newstapa.org/127.0.0.1#5335 -ipset=/.newstapa.org/gfwlist -server=/.newstarnet.com/127.0.0.1#5335 -ipset=/.newstarnet.com/gfwlist -server=/.newtaiwan.com.tw/127.0.0.1#5335 -ipset=/.newtaiwan.com.tw/gfwlist -server=/.newtalk.tw/127.0.0.1#5335 -ipset=/.newtalk.tw/gfwlist -server=/.newyorktimes.com/127.0.0.1#5335 -ipset=/.newyorktimes.com/gfwlist -server=/.nexon.com/127.0.0.1#5335 -ipset=/.nexon.com/gfwlist -server=/.next11.co.jp/127.0.0.1#5335 -ipset=/.next11.co.jp/gfwlist -server=/.nextmag.com.tw/127.0.0.1#5335 -ipset=/.nextmag.com.tw/gfwlist -server=/.nextmedia.com/127.0.0.1#5335 -ipset=/.nextmedia.com/gfwlist -server=/.nexton-net.jp/127.0.0.1#5335 -ipset=/.nexton-net.jp/gfwlist -server=/.nexttv.com.tw/127.0.0.1#5335 -ipset=/.nexttv.com.tw/gfwlist -server=/.nf.id.au/127.0.0.1#5335 -ipset=/.nf.id.au/gfwlist -server=/.nfjtyd.com/127.0.0.1#5335 -ipset=/.nfjtyd.com/gfwlist -server=/.nflxext.com/127.0.0.1#5335 -ipset=/.nflxext.com/gfwlist -server=/.nflximg.com/127.0.0.1#5335 -ipset=/.nflximg.com/gfwlist -server=/.nflximg.net/127.0.0.1#5335 -ipset=/.nflximg.net/gfwlist -server=/.nflxso.net/127.0.0.1#5335 -ipset=/.nflxso.net/gfwlist -server=/.nflxvideo.net/127.0.0.1#5335 -ipset=/.nflxvideo.net/gfwlist -server=/.nga.mil/127.0.0.1#5335 -ipset=/.nga.mil/gfwlist -server=/.ngensis.com/127.0.0.1#5335 -ipset=/.ngensis.com/gfwlist -server=/.nhentai.net/127.0.0.1#5335 -ipset=/.nhentai.net/gfwlist -server=/.nhi.gov.tw/127.0.0.1#5335 -ipset=/.nhi.gov.tw/gfwlist -server=/.nhk-ondemand.jp/127.0.0.1#5335 -ipset=/.nhk-ondemand.jp/gfwlist -server=/.nic.cz.cc/127.0.0.1#5335 -ipset=/.nic.cz.cc/gfwlist -server=/.nic.google/127.0.0.1#5335 -ipset=/.nic.google/gfwlist -server=/.nic.gov/127.0.0.1#5335 -ipset=/.nic.gov/gfwlist -server=/.nicovideo.jp/127.0.0.1#5335 -ipset=/.nicovideo.jp/gfwlist -server=/.nighost.org/127.0.0.1#5335 -ipset=/.nighost.org/gfwlist -server=/.nikkei.com/127.0.0.1#5335 -ipset=/.nikkei.com/gfwlist -server=/.ninecommentaries.com/127.0.0.1#5335 -ipset=/.ninecommentaries.com/gfwlist -server=/.ninjacloak.com/127.0.0.1#5335 -ipset=/.ninjacloak.com/gfwlist -server=/.ninjaproxy.ninja/127.0.0.1#5335 -ipset=/.ninjaproxy.ninja/gfwlist -server=/.nintendium.com/127.0.0.1#5335 -ipset=/.nintendium.com/gfwlist -server=/.ninth.biz/127.0.0.1#5335 -ipset=/.ninth.biz/gfwlist -server=/.niu.moe/127.0.0.1#5335 -ipset=/.niu.moe/gfwlist -server=/.niusnews.com/127.0.0.1#5335 -ipset=/.niusnews.com/gfwlist -server=/.njactb.org/127.0.0.1#5335 -ipset=/.njactb.org/gfwlist -server=/.njuice.com/127.0.0.1#5335 -ipset=/.njuice.com/gfwlist -server=/.nko.navy.mil/127.0.0.1#5335 -ipset=/.nko.navy.mil/gfwlist -server=/.nlfreevpn.com/127.0.0.1#5335 -ipset=/.nlfreevpn.com/gfwlist -server=/.no-ip.org/127.0.0.1#5335 -ipset=/.no-ip.org/gfwlist -server=/.nobel.se/127.0.0.1#5335 -ipset=/.nobel.se/gfwlist -server=/.nobodycanstop.us/127.0.0.1#5335 -ipset=/.nobodycanstop.us/gfwlist -server=/.nofile.io/127.0.0.1#5335 -ipset=/.nofile.io/gfwlist -server=/.nokogiri.org/127.0.0.1#5335 -ipset=/.nokogiri.org/gfwlist -server=/.nokola.com/127.0.0.1#5335 -ipset=/.nokola.com/gfwlist -server=/.noodlevpn.com/127.0.0.1#5335 -ipset=/.noodlevpn.com/gfwlist -server=/.norbulingka.org/127.0.0.1#5335 -ipset=/.norbulingka.org/gfwlist -server=/.nordstrom.com/127.0.0.1#5335 -ipset=/.nordstrom.com/gfwlist -server=/.nordstromimage.com/127.0.0.1#5335 -ipset=/.nordstromimage.com/gfwlist -server=/.nordstromrack.com/127.0.0.1#5335 -ipset=/.nordstromrack.com/gfwlist -server=/.nordvpn.com/127.0.0.1#5335 -ipset=/.nordvpn.com/gfwlist -server=/.notify.dropboxapi.com/127.0.0.1#5335 -ipset=/.notify.dropboxapi.com/gfwlist -server=/.nottinghampost.com/127.0.0.1#5335 -ipset=/.nottinghampost.com/gfwlist -server=/.novelasia.com/127.0.0.1#5335 -ipset=/.novelasia.com/gfwlist -server=/.now.com/127.0.0.1#5335 -ipset=/.now.com/gfwlist -server=/.now.im/127.0.0.1#5335 -ipset=/.now.im/gfwlist -server=/.nownews.com/127.0.0.1#5335 -ipset=/.nownews.com/gfwlist -server=/.nowtorrents.com/127.0.0.1#5335 -ipset=/.nowtorrents.com/gfwlist -server=/.noypf.com/127.0.0.1#5335 -ipset=/.noypf.com/gfwlist -server=/.npa.go.jp/127.0.0.1#5335 -ipset=/.npa.go.jp/gfwlist -server=/.npa.gov.tw/127.0.0.1#5335 -ipset=/.npa.gov.tw/gfwlist -server=/.npnt.me/127.0.0.1#5335 -ipset=/.npnt.me/gfwlist -server=/.nps.gov/127.0.0.1#5335 -ipset=/.nps.gov/gfwlist -server=/.npsboost.com/127.0.0.1#5335 -ipset=/.npsboost.com/gfwlist -server=/.nradio.me/127.0.0.1#5335 -ipset=/.nradio.me/gfwlist -server=/.nrk.no/127.0.0.1#5335 -ipset=/.nrk.no/gfwlist -server=/.ns01.biz/127.0.0.1#5335 -ipset=/.ns01.biz/gfwlist -server=/.ns01.info/127.0.0.1#5335 -ipset=/.ns01.info/gfwlist -server=/.ns01.us/127.0.0.1#5335 -ipset=/.ns01.us/gfwlist -server=/.ns02.biz/127.0.0.1#5335 -ipset=/.ns02.biz/gfwlist -server=/.ns02.info/127.0.0.1#5335 -ipset=/.ns02.info/gfwlist -server=/.ns02.us/127.0.0.1#5335 -ipset=/.ns02.us/gfwlist -server=/.ns1.name/127.0.0.1#5335 -ipset=/.ns1.name/gfwlist -server=/.ns2.name/127.0.0.1#5335 -ipset=/.ns2.name/gfwlist -server=/.ns3.name/127.0.0.1#5335 -ipset=/.ns3.name/gfwlist -server=/.nsc.gov.tw/127.0.0.1#5335 -ipset=/.nsc.gov.tw/gfwlist -server=/.ntbk.gov.tw/127.0.0.1#5335 -ipset=/.ntbk.gov.tw/gfwlist -server=/.ntbna.gov.tw/127.0.0.1#5335 -ipset=/.ntbna.gov.tw/gfwlist -server=/.ntbt.gov.tw/127.0.0.1#5335 -ipset=/.ntbt.gov.tw/gfwlist -server=/.ntd.tv/127.0.0.1#5335 -ipset=/.ntd.tv/gfwlist -server=/.ntdtv.ca/127.0.0.1#5335 -ipset=/.ntdtv.ca/gfwlist -server=/.ntdtv.co.kr/127.0.0.1#5335 -ipset=/.ntdtv.co.kr/gfwlist -server=/.ntdtv.com/127.0.0.1#5335 -ipset=/.ntdtv.com/gfwlist -server=/.ntdtv.cz/127.0.0.1#5335 -ipset=/.ntdtv.cz/gfwlist -server=/.ntdtv.org/127.0.0.1#5335 -ipset=/.ntdtv.org/gfwlist -server=/.ntdtv.ru/127.0.0.1#5335 -ipset=/.ntdtv.ru/gfwlist -server=/.ntdtvla.com/127.0.0.1#5335 -ipset=/.ntdtvla.com/gfwlist -server=/.ntrfun.com/127.0.0.1#5335 -ipset=/.ntrfun.com/gfwlist -server=/.ntsna.gov.tw/127.0.0.1#5335 -ipset=/.ntsna.gov.tw/gfwlist -server=/.nubiles.net/127.0.0.1#5335 -ipset=/.nubiles.net/gfwlist -server=/.nuexpo.com/127.0.0.1#5335 -ipset=/.nuexpo.com/gfwlist -server=/.nukistream.com/127.0.0.1#5335 -ipset=/.nukistream.com/gfwlist -server=/.nurgo-software.com/127.0.0.1#5335 -ipset=/.nurgo-software.com/gfwlist -server=/.nusatrip.com/127.0.0.1#5335 -ipset=/.nusatrip.com/gfwlist -server=/.nutaku.net/127.0.0.1#5335 -ipset=/.nutaku.net/gfwlist -server=/.nuuvem.com/127.0.0.1#5335 -ipset=/.nuuvem.com/gfwlist -server=/.nuvid.com/127.0.0.1#5335 -ipset=/.nuvid.com/gfwlist -server=/.nuzcom.com/127.0.0.1#5335 -ipset=/.nuzcom.com/gfwlist -server=/.nvdst.com/127.0.0.1#5335 -ipset=/.nvdst.com/gfwlist -server=/.nvquan.org/127.0.0.1#5335 -ipset=/.nvquan.org/gfwlist -server=/.nvtongzhisheng.org/127.0.0.1#5335 -ipset=/.nvtongzhisheng.org/gfwlist -server=/.nwtca.org/127.0.0.1#5335 -ipset=/.nwtca.org/gfwlist -server=/.ny.stgloballink.com/127.0.0.1#5335 -ipset=/.ny.stgloballink.com/gfwlist -server=/.ny.visiontimes.com/127.0.0.1#5335 -ipset=/.ny.visiontimes.com/gfwlist -server=/.nyaa.eu/127.0.0.1#5335 -ipset=/.nyaa.eu/gfwlist -server=/.nyaa.si/127.0.0.1#5335 -ipset=/.nyaa.si/gfwlist -server=/.nydus.ca/127.0.0.1#5335 -ipset=/.nydus.ca/gfwlist -server=/.nylon-angel.com/127.0.0.1#5335 -ipset=/.nylon-angel.com/gfwlist -server=/.nylonstockingsonline.com/127.0.0.1#5335 -ipset=/.nylonstockingsonline.com/gfwlist -server=/.nyt.com/127.0.0.1#5335 -ipset=/.nyt.com/gfwlist -server=/.nytchina.com/127.0.0.1#5335 -ipset=/.nytchina.com/gfwlist -server=/.nytcn.me/127.0.0.1#5335 -ipset=/.nytcn.me/gfwlist -server=/.nytco.com/127.0.0.1#5335 -ipset=/.nytco.com/gfwlist -server=/.nytimes.com/127.0.0.1#5335 -ipset=/.nytimes.com/gfwlist -server=/.nytimes.map.fastly.net/127.0.0.1#5335 -ipset=/.nytimes.map.fastly.net/gfwlist -server=/.nytimg.com/127.0.0.1#5335 -ipset=/.nytimg.com/gfwlist -server=/.nytstyle.com/127.0.0.1#5335 -ipset=/.nytstyle.com/gfwlist -server=/.nzchinese.com/127.0.0.1#5335 -ipset=/.nzchinese.com/gfwlist -server=/.nzchinese.net.nz/127.0.0.1#5335 -ipset=/.nzchinese.net.nz/gfwlist -server=/.observechina.net/127.0.0.1#5335 -ipset=/.observechina.net/gfwlist -server=/.obutu.com/127.0.0.1#5335 -ipset=/.obutu.com/gfwlist -server=/.ocaspro.com/127.0.0.1#5335 -ipset=/.ocaspro.com/gfwlist -server=/.occupytiananmen.com/127.0.0.1#5335 -ipset=/.occupytiananmen.com/gfwlist -server=/.oclp.hk/127.0.0.1#5335 -ipset=/.oclp.hk/gfwlist -server=/.ocreampies.com/127.0.0.1#5335 -ipset=/.ocreampies.com/gfwlist -server=/.ocry.com/127.0.0.1#5335 -ipset=/.ocry.com/gfwlist -server=/.october-review.org/127.0.0.1#5335 -ipset=/.october-review.org/gfwlist -server=/.oculus.com/127.0.0.1#5335 -ipset=/.oculus.com/gfwlist -server=/.oculuscdn.com/127.0.0.1#5335 -ipset=/.oculuscdn.com/gfwlist -server=/.oex.com/127.0.0.1#5335 -ipset=/.oex.com/gfwlist -server=/.offbeatchina.com/127.0.0.1#5335 -ipset=/.offbeatchina.com/gfwlist -server=/.officeoftibet.com/127.0.0.1#5335 -ipset=/.officeoftibet.com/gfwlist -server=/.ofile.org/127.0.0.1#5335 -ipset=/.ofile.org/gfwlist -server=/.ogaoga.org/127.0.0.1#5335 -ipset=/.ogaoga.org/gfwlist -server=/.ogate.org/127.0.0.1#5335 -ipset=/.ogate.org/gfwlist -server=/.oiktv.com/127.0.0.1#5335 -ipset=/.oiktv.com/gfwlist -server=/.oizoblog.com/127.0.0.1#5335 -ipset=/.oizoblog.com/gfwlist -server=/.ok.ru/127.0.0.1#5335 -ipset=/.ok.ru/gfwlist -server=/.okayfreedom.com/127.0.0.1#5335 -ipset=/.okayfreedom.com/gfwlist -server=/.okex.com/127.0.0.1#5335 -ipset=/.okex.com/gfwlist -server=/.okk.tw/127.0.0.1#5335 -ipset=/.okk.tw/gfwlist -server=/.old-cat.net/127.0.0.1#5335 -ipset=/.old-cat.net/gfwlist -server=/.old.nabble.com/127.0.0.1#5335 -ipset=/.old.nabble.com/gfwlist -server=/.olumpo.com/127.0.0.1#5335 -ipset=/.olumpo.com/gfwlist -server=/.olympicwatch.org/127.0.0.1#5335 -ipset=/.olympicwatch.org/gfwlist -server=/.omgili.com/127.0.0.1#5335 -ipset=/.omgili.com/gfwlist -server=/.omni7.jp/127.0.0.1#5335 -ipset=/.omni7.jp/gfwlist -server=/.omnitalk.com/127.0.0.1#5335 -ipset=/.omnitalk.com/gfwlist -server=/.omnitalk.org/127.0.0.1#5335 -ipset=/.omnitalk.org/gfwlist -server=/.on.cc/127.0.0.1#5335 -ipset=/.on.cc/gfwlist -server=/.on2.com/127.0.0.1#5335 -ipset=/.on2.com/gfwlist -server=/.onapp.com/127.0.0.1#5335 -ipset=/.onapp.com/gfwlist -server=/.onedrive.live.com/127.0.0.1#5335 -ipset=/.onedrive.live.com/gfwlist -server=/.onedumb.com/127.0.0.1#5335 -ipset=/.onedumb.com/gfwlist -server=/.onejav.com/127.0.0.1#5335 -ipset=/.onejav.com/gfwlist -server=/.onion.city/127.0.0.1#5335 -ipset=/.onion.city/gfwlist -server=/.online.recoveryversion.org/127.0.0.1#5335 -ipset=/.online.recoveryversion.org/gfwlist -server=/.onlinecha.com/127.0.0.1#5335 -ipset=/.onlinecha.com/gfwlist -server=/.onlineyoutube.com/127.0.0.1#5335 -ipset=/.onlineyoutube.com/gfwlist -server=/.onlytweets.com/127.0.0.1#5335 -ipset=/.onlytweets.com/gfwlist -server=/.onmoon.com/127.0.0.1#5335 -ipset=/.onmoon.com/gfwlist -server=/.onmoon.net/127.0.0.1#5335 -ipset=/.onmoon.net/gfwlist -server=/.onmypc.biz/127.0.0.1#5335 -ipset=/.onmypc.biz/gfwlist -server=/.onmypc.info/127.0.0.1#5335 -ipset=/.onmypc.info/gfwlist -server=/.onmypc.net/127.0.0.1#5335 -ipset=/.onmypc.net/gfwlist -server=/.onmypc.org/127.0.0.1#5335 -ipset=/.onmypc.org/gfwlist -server=/.onmypc.us/127.0.0.1#5335 -ipset=/.onmypc.us/gfwlist -server=/.onthehunt.com/127.0.0.1#5335 -ipset=/.onthehunt.com/gfwlist -server=/.ontrac.com/127.0.0.1#5335 -ipset=/.ontrac.com/gfwlist -server=/.oopsforum.com/127.0.0.1#5335 -ipset=/.oopsforum.com/gfwlist -server=/.open.com.hk/127.0.0.1#5335 -ipset=/.open.com.hk/gfwlist -server=/.openallweb.com/127.0.0.1#5335 -ipset=/.openallweb.com/gfwlist -server=/.opendemocracy.net/127.0.0.1#5335 -ipset=/.opendemocracy.net/gfwlist -server=/.opendn.xyz/127.0.0.1#5335 -ipset=/.opendn.xyz/gfwlist -server=/.openervpn.in/127.0.0.1#5335 -ipset=/.openervpn.in/gfwlist -server=/.openid.net/127.0.0.1#5335 -ipset=/.openid.net/gfwlist -server=/.openleaks.org/127.0.0.1#5335 -ipset=/.openleaks.org/gfwlist -server=/.openvpn.net/127.0.0.1#5335 -ipset=/.openvpn.net/gfwlist -server=/.openvpn.org/127.0.0.1#5335 -ipset=/.openvpn.org/gfwlist -server=/.openwebster.com/127.0.0.1#5335 -ipset=/.openwebster.com/gfwlist -server=/.openwrt.org.cn/127.0.0.1#5335 -ipset=/.openwrt.org.cn/gfwlist -server=/.opml.radiotime.com/127.0.0.1#5335 -ipset=/.opml.radiotime.com/gfwlist -server=/.opus-gaming.com/127.0.0.1#5335 -ipset=/.opus-gaming.com/gfwlist -server=/.organcare.org.tw/127.0.0.1#5335 -ipset=/.organcare.org.tw/gfwlist -server=/.organharvestinvestigation.net/127.0.0.1#5335 -ipset=/.organharvestinvestigation.net/gfwlist -server=/.organiccrap.com/127.0.0.1#5335 -ipset=/.organiccrap.com/gfwlist -server=/.orgasm.com/127.0.0.1#5335 -ipset=/.orgasm.com/gfwlist -server=/.orgfree.com/127.0.0.1#5335 -ipset=/.orgfree.com/gfwlist -server=/.orient-doll.com/127.0.0.1#5335 -ipset=/.orient-doll.com/gfwlist -server=/.orientaldaily.com.my/127.0.0.1#5335 -ipset=/.orientaldaily.com.my/gfwlist -server=/.orn.jp/127.0.0.1#5335 -ipset=/.orn.jp/gfwlist -server=/.orzistic.org/127.0.0.1#5335 -ipset=/.orzistic.org/gfwlist -server=/.osfoora.com/127.0.0.1#5335 -ipset=/.osfoora.com/gfwlist -server=/.otcbtc.com/127.0.0.1#5335 -ipset=/.otcbtc.com/gfwlist -server=/.otnd.org/127.0.0.1#5335 -ipset=/.otnd.org/gfwlist -server=/.otto.de/127.0.0.1#5335 -ipset=/.otto.de/gfwlist -server=/.otzo.com/127.0.0.1#5335 -ipset=/.otzo.com/gfwlist -server=/.ourdearamy.com/127.0.0.1#5335 -ipset=/.ourdearamy.com/gfwlist -server=/.ourhobby.com/127.0.0.1#5335 -ipset=/.ourhobby.com/gfwlist -server=/.oursogo.com/127.0.0.1#5335 -ipset=/.oursogo.com/gfwlist -server=/.oursteps.com.au/127.0.0.1#5335 -ipset=/.oursteps.com.au/gfwlist -server=/.oursweb.net/127.0.0.1#5335 -ipset=/.oursweb.net/gfwlist -server=/.ourtv.hk/127.0.0.1#5335 -ipset=/.ourtv.hk/gfwlist -server=/.overplay.net/127.0.0.1#5335 -ipset=/.overplay.net/gfwlist -server=/.oversea.istarshine.com/127.0.0.1#5335 -ipset=/.oversea.istarshine.com/gfwlist -server=/.ow.ly/127.0.0.1#5335 -ipset=/.ow.ly/gfwlist -server=/.owl.li/127.0.0.1#5335 -ipset=/.owl.li/gfwlist -server=/.oyax.com/127.0.0.1#5335 -ipset=/.oyax.com/gfwlist -server=/.ozvoice.org/127.0.0.1#5335 -ipset=/.ozvoice.org/gfwlist -server=/.ozxw.com/127.0.0.1#5335 -ipset=/.ozxw.com/gfwlist -server=/.ozyoyo.com/127.0.0.1#5335 -ipset=/.ozyoyo.com/gfwlist -server=/.pachosting.com/127.0.0.1#5335 -ipset=/.pachosting.com/gfwlist -server=/.pacificpoker.com/127.0.0.1#5335 -ipset=/.pacificpoker.com/gfwlist -server=/.packetix.net/127.0.0.1#5335 -ipset=/.packetix.net/gfwlist -server=/.pacopacomama.com/127.0.0.1#5335 -ipset=/.pacopacomama.com/gfwlist -server=/.padmanet.com/127.0.0.1#5335 -ipset=/.padmanet.com/gfwlist -server=/.page.bid.yahoo.com/127.0.0.1#5335 -ipset=/.page.bid.yahoo.com/gfwlist -server=/.page2rss.com/127.0.0.1#5335 -ipset=/.page2rss.com/gfwlist -server=/.pagodabox.com/127.0.0.1#5335 -ipset=/.pagodabox.com/gfwlist -server=/.palacemoon.com/127.0.0.1#5335 -ipset=/.palacemoon.com/gfwlist -server=/.paldengyal.com/127.0.0.1#5335 -ipset=/.paldengyal.com/gfwlist -server=/.paljorpublications.com/127.0.0.1#5335 -ipset=/.paljorpublications.com/gfwlist -server=/.paltalk.com/127.0.0.1#5335 -ipset=/.paltalk.com/gfwlist -server=/.panamapapers.sueddeutsche.de/127.0.0.1#5335 -ipset=/.panamapapers.sueddeutsche.de/gfwlist -server=/.pandapow.co/127.0.0.1#5335 -ipset=/.pandapow.co/gfwlist -server=/.pandapow.net/127.0.0.1#5335 -ipset=/.pandapow.net/gfwlist -server=/.pandavpn-jp.com/127.0.0.1#5335 -ipset=/.pandavpn-jp.com/gfwlist -server=/.pandora.com/127.0.0.1#5335 -ipset=/.pandora.com/gfwlist -server=/.pandora.tv/127.0.0.1#5335 -ipset=/.pandora.tv/gfwlist -server=/.panluan.net/127.0.0.1#5335 -ipset=/.panluan.net/gfwlist -server=/.panoramio.com/127.0.0.1#5335 -ipset=/.panoramio.com/gfwlist -server=/.pao-pao.net/127.0.0.1#5335 -ipset=/.pao-pao.net/gfwlist -server=/.paper.li/127.0.0.1#5335 -ipset=/.paper.li/gfwlist -server=/.paperb.us/127.0.0.1#5335 -ipset=/.paperb.us/gfwlist -server=/.paradisehill.cc/127.0.0.1#5335 -ipset=/.paradisehill.cc/gfwlist -server=/.paradisepoker.com/127.0.0.1#5335 -ipset=/.paradisepoker.com/gfwlist -server=/.parkansky.com/127.0.0.1#5335 -ipset=/.parkansky.com/gfwlist -server=/.partycasino.com/127.0.0.1#5335 -ipset=/.partycasino.com/gfwlist -server=/.partypoker.com/127.0.0.1#5335 -ipset=/.partypoker.com/gfwlist -server=/.passion.com/127.0.0.1#5335 -ipset=/.passion.com/gfwlist -server=/.passiontimes.hk/127.0.0.1#5335 -ipset=/.passiontimes.hk/gfwlist -server=/.paste.ee/127.0.0.1#5335 -ipset=/.paste.ee/gfwlist -server=/.pastebin.com/127.0.0.1#5335 -ipset=/.pastebin.com/gfwlist -server=/.pastie.org/127.0.0.1#5335 -ipset=/.pastie.org/gfwlist -server=/.pbwiki.com/127.0.0.1#5335 -ipset=/.pbwiki.com/gfwlist -server=/.pbworks.com/127.0.0.1#5335 -ipset=/.pbworks.com/gfwlist -server=/.pbxes.com/127.0.0.1#5335 -ipset=/.pbxes.com/gfwlist -server=/.pbxes.org/127.0.0.1#5335 -ipset=/.pbxes.org/gfwlist -server=/.pcanywhere.net/127.0.0.1#5335 -ipset=/.pcanywhere.net/gfwlist -server=/.pcc.gov.tw/127.0.0.1#5335 -ipset=/.pcc.gov.tw/gfwlist -server=/.pcdvd.com.tw/127.0.0.1#5335 -ipset=/.pcdvd.com.tw/gfwlist -server=/.pchome.com.tw/127.0.0.1#5335 -ipset=/.pchome.com.tw/gfwlist -server=/.pcij.org/127.0.0.1#5335 -ipset=/.pcij.org/gfwlist -server=/.pcstore.com.tw/127.0.0.1#5335 -ipset=/.pcstore.com.tw/gfwlist -server=/.pct.org.tw/127.0.0.1#5335 -ipset=/.pct.org.tw/gfwlist -server=/.pdetails.com/127.0.0.1#5335 -ipset=/.pdetails.com/gfwlist -server=/.pdproxy.com/127.0.0.1#5335 -ipset=/.pdproxy.com/gfwlist -server=/.pds.nasa.gov/127.0.0.1#5335 -ipset=/.pds.nasa.gov/gfwlist -server=/.peace.ca/127.0.0.1#5335 -ipset=/.peace.ca/gfwlist -server=/.peacefire.org/127.0.0.1#5335 -ipset=/.peacefire.org/gfwlist -server=/.peacehall.com/127.0.0.1#5335 -ipset=/.peacehall.com/gfwlist -server=/.pearlher.org/127.0.0.1#5335 -ipset=/.pearlher.org/gfwlist -server=/.peeasian.com/127.0.0.1#5335 -ipset=/.peeasian.com/gfwlist -server=/.pekingduck.org/127.0.0.1#5335 -ipset=/.pekingduck.org/gfwlist -server=/.pemulihan.or.id/127.0.0.1#5335 -ipset=/.pemulihan.or.id/gfwlist -server=/.pen.io/127.0.0.1#5335 -ipset=/.pen.io/gfwlist -server=/.penchinese.com/127.0.0.1#5335 -ipset=/.penchinese.com/gfwlist -server=/.penchinese.net/127.0.0.1#5335 -ipset=/.penchinese.net/gfwlist -server=/.pengyulong.com/127.0.0.1#5335 -ipset=/.pengyulong.com/gfwlist -server=/.penisbot.com/127.0.0.1#5335 -ipset=/.penisbot.com/gfwlist -server=/.penthouse.com/127.0.0.1#5335 -ipset=/.penthouse.com/gfwlist -server=/.peoplebookcafe.com/127.0.0.1#5335 -ipset=/.peoplebookcafe.com/gfwlist -server=/.peoplenews.tw/127.0.0.1#5335 -ipset=/.peoplenews.tw/gfwlist -server=/.peopo.org/127.0.0.1#5335 -ipset=/.peopo.org/gfwlist -server=/.percy.in/127.0.0.1#5335 -ipset=/.percy.in/gfwlist -server=/.perfectgirls.net/127.0.0.1#5335 -ipset=/.perfectgirls.net/gfwlist -server=/.perfectvpn.net/127.0.0.1#5335 -ipset=/.perfectvpn.net/gfwlist -server=/.periscope.tv/127.0.0.1#5335 -ipset=/.periscope.tv/gfwlist -server=/.persecutionblog.com/127.0.0.1#5335 -ipset=/.persecutionblog.com/gfwlist -server=/.persiankitty.com/127.0.0.1#5335 -ipset=/.persiankitty.com/gfwlist -server=/.pfd.org.hk/127.0.0.1#5335 -ipset=/.pfd.org.hk/gfwlist -server=/.phapluan.org/127.0.0.1#5335 -ipset=/.phapluan.org/gfwlist -server=/.phayul.com/127.0.0.1#5335 -ipset=/.phayul.com/gfwlist -server=/.philborges.com/127.0.0.1#5335 -ipset=/.philborges.com/gfwlist -server=/.philly.com/127.0.0.1#5335 -ipset=/.philly.com/gfwlist -server=/.phmsociety.org/127.0.0.1#5335 -ipset=/.phmsociety.org/gfwlist -server=/.phncdn.com/127.0.0.1#5335 -ipset=/.phncdn.com/gfwlist -server=/.phosphation13.rssing.com/127.0.0.1#5335 -ipset=/.phosphation13.rssing.com/gfwlist -server=/.photodharma.net/127.0.0.1#5335 -ipset=/.photodharma.net/gfwlist -server=/.photofocus.com/127.0.0.1#5335 -ipset=/.photofocus.com/gfwlist -server=/.phprcdn.com/127.0.0.1#5335 -ipset=/.phprcdn.com/gfwlist -server=/.phuquocservices.com/127.0.0.1#5335 -ipset=/.phuquocservices.com/gfwlist -server=/.picacomic.com/127.0.0.1#5335 -ipset=/.picacomic.com/gfwlist -server=/.picacomiccn.com/127.0.0.1#5335 -ipset=/.picacomiccn.com/gfwlist -server=/.picasaweb.com/127.0.0.1#5335 -ipset=/.picasaweb.com/gfwlist -server=/.picidae.net/127.0.0.1#5335 -ipset=/.picidae.net/gfwlist -server=/.pictures.playboy.com/127.0.0.1#5335 -ipset=/.pictures.playboy.com/gfwlist -server=/.picturesocial.com/127.0.0.1#5335 -ipset=/.picturesocial.com/gfwlist -server=/.pin-cong.com/127.0.0.1#5335 -ipset=/.pin-cong.com/gfwlist -server=/.pin6.com/127.0.0.1#5335 -ipset=/.pin6.com/gfwlist -server=/.pincong.rocks/127.0.0.1#5335 -ipset=/.pincong.rocks/gfwlist -server=/.ping.fm/127.0.0.1#5335 -ipset=/.ping.fm/gfwlist -server=/.pinimg.com/127.0.0.1#5335 -ipset=/.pinimg.com/gfwlist -server=/.pinkrod.com/127.0.0.1#5335 -ipset=/.pinkrod.com/gfwlist -server=/.pinoy-n.com/127.0.0.1#5335 -ipset=/.pinoy-n.com/gfwlist -server=/.pinterest.at/127.0.0.1#5335 -ipset=/.pinterest.at/gfwlist -server=/.pinterest.ca/127.0.0.1#5335 -ipset=/.pinterest.ca/gfwlist -server=/.pinterest.co.kr/127.0.0.1#5335 -ipset=/.pinterest.co.kr/gfwlist -server=/.pinterest.co.uk/127.0.0.1#5335 -ipset=/.pinterest.co.uk/gfwlist -server=/.pinterest.com/127.0.0.1#5335 -ipset=/.pinterest.com/gfwlist -server=/.pinterest.de/127.0.0.1#5335 -ipset=/.pinterest.de/gfwlist -server=/.pinterest.dk/127.0.0.1#5335 -ipset=/.pinterest.dk/gfwlist -server=/.pinterest.fr/127.0.0.1#5335 -ipset=/.pinterest.fr/gfwlist -server=/.pinterest.jp/127.0.0.1#5335 -ipset=/.pinterest.jp/gfwlist -server=/.pinterest.nl/127.0.0.1#5335 -ipset=/.pinterest.nl/gfwlist -server=/.pinterest.se/127.0.0.1#5335 -ipset=/.pinterest.se/gfwlist -server=/.pioneer-worker.forums-free.com/127.0.0.1#5335 -ipset=/.pioneer-worker.forums-free.com/gfwlist -server=/.pipii.tv/127.0.0.1#5335 -ipset=/.pipii.tv/gfwlist -server=/.piposay.com/127.0.0.1#5335 -ipset=/.piposay.com/gfwlist -server=/.piraattilahti.org/127.0.0.1#5335 -ipset=/.piraattilahti.org/gfwlist -server=/.piring.com/127.0.0.1#5335 -ipset=/.piring.com/gfwlist -server=/.pixelqi.com/127.0.0.1#5335 -ipset=/.pixelqi.com/gfwlist -server=/.pixiv.net/127.0.0.1#5335 -ipset=/.pixiv.net/gfwlist -server=/.pixnet.net/127.0.0.1#5335 -ipset=/.pixnet.net/gfwlist -server=/.pk.com/127.0.0.1#5335 -ipset=/.pk.com/gfwlist -server=/.pki.goog/127.0.0.1#5335 -ipset=/.pki.goog/gfwlist -server=/.placemix.com/127.0.0.1#5335 -ipset=/.placemix.com/gfwlist -server=/.playboy.com/127.0.0.1#5335 -ipset=/.playboy.com/gfwlist -server=/.playboyplus.com/127.0.0.1#5335 -ipset=/.playboyplus.com/gfwlist -server=/.player.fm/127.0.0.1#5335 -ipset=/.player.fm/gfwlist -server=/.playno1.com/127.0.0.1#5335 -ipset=/.playno1.com/gfwlist -server=/.playpcesor.com/127.0.0.1#5335 -ipset=/.playpcesor.com/gfwlist -server=/.plays.com.tw/127.0.0.1#5335 -ipset=/.plays.com.tw/gfwlist -server=/.plm.org.hk/127.0.0.1#5335 -ipset=/.plm.org.hk/gfwlist -server=/.plunder.com/127.0.0.1#5335 -ipset=/.plunder.com/gfwlist -server=/.plurk.com/127.0.0.1#5335 -ipset=/.plurk.com/gfwlist -server=/.plus.codes/127.0.0.1#5335 -ipset=/.plus.codes/gfwlist -server=/.plus28.com/127.0.0.1#5335 -ipset=/.plus28.com/gfwlist -server=/.plusbb.com/127.0.0.1#5335 -ipset=/.plusbb.com/gfwlist -server=/.pmatehunter.com/127.0.0.1#5335 -ipset=/.pmatehunter.com/gfwlist -server=/.pmates.com/127.0.0.1#5335 -ipset=/.pmates.com/gfwlist -server=/.po2b.com/127.0.0.1#5335 -ipset=/.po2b.com/gfwlist -server=/.pobieramy.top/127.0.0.1#5335 -ipset=/.pobieramy.top/gfwlist -server=/.podictionary.com/127.0.0.1#5335 -ipset=/.podictionary.com/gfwlist -server=/.pokerstars.com/127.0.0.1#5335 -ipset=/.pokerstars.com/gfwlist -server=/.pokerstars.net/127.0.0.1#5335 -ipset=/.pokerstars.net/gfwlist -server=/.politicalchina.org/127.0.0.1#5335 -ipset=/.politicalchina.org/gfwlist -server=/.politicalconsultation.org/127.0.0.1#5335 -ipset=/.politicalconsultation.org/gfwlist -server=/.politiscales.net/127.0.0.1#5335 -ipset=/.politiscales.net/gfwlist -server=/.poloniex.com/127.0.0.1#5335 -ipset=/.poloniex.com/gfwlist -server=/.polymer-project.org/127.0.0.1#5335 -ipset=/.polymer-project.org/gfwlist -server=/.polymerhk.com/127.0.0.1#5335 -ipset=/.polymerhk.com/gfwlist -server=/.popo.tw/127.0.0.1#5335 -ipset=/.popo.tw/gfwlist -server=/.popvote.hk/127.0.0.1#5335 -ipset=/.popvote.hk/gfwlist -server=/.popyard.com/127.0.0.1#5335 -ipset=/.popyard.com/gfwlist -server=/.popyard.org/127.0.0.1#5335 -ipset=/.popyard.org/gfwlist -server=/.porn.com/127.0.0.1#5335 -ipset=/.porn.com/gfwlist -server=/.porn2.com/127.0.0.1#5335 -ipset=/.porn2.com/gfwlist -server=/.porn5.com/127.0.0.1#5335 -ipset=/.porn5.com/gfwlist -server=/.pornbase.org/127.0.0.1#5335 -ipset=/.pornbase.org/gfwlist -server=/.pornbest.org/127.0.0.1#5335 -ipset=/.pornbest.org/gfwlist -server=/.pornerbros.com/127.0.0.1#5335 -ipset=/.pornerbros.com/gfwlist -server=/.pornhd.com/127.0.0.1#5335 -ipset=/.pornhd.com/gfwlist -server=/.pornhost.com/127.0.0.1#5335 -ipset=/.pornhost.com/gfwlist -server=/.pornhub.com/127.0.0.1#5335 -ipset=/.pornhub.com/gfwlist -server=/.pornhubdeutsch.net/127.0.0.1#5335 -ipset=/.pornhubdeutsch.net/gfwlist -server=/.pornmm.net/127.0.0.1#5335 -ipset=/.pornmm.net/gfwlist -server=/.pornoxo.com/127.0.0.1#5335 -ipset=/.pornoxo.com/gfwlist -server=/.pornrapidshare.com/127.0.0.1#5335 -ipset=/.pornrapidshare.com/gfwlist -server=/.pornsharing.com/127.0.0.1#5335 -ipset=/.pornsharing.com/gfwlist -server=/.pornsocket.com/127.0.0.1#5335 -ipset=/.pornsocket.com/gfwlist -server=/.pornstarclub.com/127.0.0.1#5335 -ipset=/.pornstarclub.com/gfwlist -server=/.porntube.com/127.0.0.1#5335 -ipset=/.porntube.com/gfwlist -server=/.porntubenews.com/127.0.0.1#5335 -ipset=/.porntubenews.com/gfwlist -server=/.porntvblog.com/127.0.0.1#5335 -ipset=/.porntvblog.com/gfwlist -server=/.pornvisit.com/127.0.0.1#5335 -ipset=/.pornvisit.com/gfwlist -server=/.port25.biz/127.0.0.1#5335 -ipset=/.port25.biz/gfwlist -server=/.portablevpn.nl/127.0.0.1#5335 -ipset=/.portablevpn.nl/gfwlist -server=/.poskotanews.com/127.0.0.1#5335 -ipset=/.poskotanews.com/gfwlist -server=/.post01.com/127.0.0.1#5335 -ipset=/.post01.com/gfwlist -server=/.post76.com/127.0.0.1#5335 -ipset=/.post76.com/gfwlist -server=/.post852.com/127.0.0.1#5335 -ipset=/.post852.com/gfwlist -server=/.postadult.com/127.0.0.1#5335 -ipset=/.postadult.com/gfwlist -server=/.postimg.org/127.0.0.1#5335 -ipset=/.postimg.org/gfwlist -server=/.potato.im/127.0.0.1#5335 -ipset=/.potato.im/gfwlist -server=/.potvpn.com/127.0.0.1#5335 -ipset=/.potvpn.com/gfwlist -server=/.power.com/127.0.0.1#5335 -ipset=/.power.com/gfwlist -server=/.powercx.com/127.0.0.1#5335 -ipset=/.powercx.com/gfwlist -server=/.powerphoto.org/127.0.0.1#5335 -ipset=/.powerphoto.org/gfwlist -server=/.prayforchina.net/127.0.0.1#5335 -ipset=/.prayforchina.net/gfwlist -server=/.premeforwindows7.com/127.0.0.1#5335 -ipset=/.premeforwindows7.com/gfwlist -server=/.premproxy.com/127.0.0.1#5335 -ipset=/.premproxy.com/gfwlist -server=/.presentationzen.com/127.0.0.1#5335 -ipset=/.presentationzen.com/gfwlist -server=/.presidentlee.tw/127.0.0.1#5335 -ipset=/.presidentlee.tw/gfwlist -server=/.prestige-av.com/127.0.0.1#5335 -ipset=/.prestige-av.com/gfwlist -server=/.pride.google/127.0.0.1#5335 -ipset=/.pride.google/gfwlist -server=/.prism-break.org/127.0.0.1#5335 -ipset=/.prism-break.org/gfwlist -server=/.prisoneralert.com/127.0.0.1#5335 -ipset=/.prisoneralert.com/gfwlist -server=/.pritunl.com/127.0.0.1#5335 -ipset=/.pritunl.com/gfwlist -server=/.privacybox.de/127.0.0.1#5335 -ipset=/.privacybox.de/gfwlist -server=/.privateinternetaccess.com/127.0.0.1#5335 -ipset=/.privateinternetaccess.com/gfwlist -server=/.privatepaste.com/127.0.0.1#5335 -ipset=/.privatepaste.com/gfwlist -server=/.privatetunnel.com/127.0.0.1#5335 -ipset=/.privatetunnel.com/gfwlist -server=/.privatevpn.com/127.0.0.1#5335 -ipset=/.privatevpn.com/gfwlist -server=/.procopytips.com/127.0.0.1#5335 -ipset=/.procopytips.com/gfwlist -server=/.prosiben.de/127.0.0.1#5335 -ipset=/.prosiben.de/gfwlist -server=/.protonvpn.com/127.0.0.1#5335 -ipset=/.protonvpn.com/gfwlist -server=/.provideocoalition.com/127.0.0.1#5335 -ipset=/.provideocoalition.com/gfwlist -server=/.provpnaccounts.com/127.0.0.1#5335 -ipset=/.provpnaccounts.com/gfwlist -server=/.proxfree.com/127.0.0.1#5335 -ipset=/.proxfree.com/gfwlist -server=/.proxifier.com/127.0.0.1#5335 -ipset=/.proxifier.com/gfwlist -server=/.proxomitron.info/127.0.0.1#5335 -ipset=/.proxomitron.info/gfwlist -server=/.proxpn.com/127.0.0.1#5335 -ipset=/.proxpn.com/gfwlist -server=/.proxy1.xyz/127.0.0.1#5335 -ipset=/.proxy1.xyz/gfwlist -server=/.proxyanonimo.es/127.0.0.1#5335 -ipset=/.proxyanonimo.es/gfwlist -server=/.proxydns.com/127.0.0.1#5335 -ipset=/.proxydns.com/gfwlist -server=/.proxylist.org.uk/127.0.0.1#5335 -ipset=/.proxylist.org.uk/gfwlist -server=/.proxynetwork.org.uk/127.0.0.1#5335 -ipset=/.proxynetwork.org.uk/gfwlist -server=/.proxypy.net/127.0.0.1#5335 -ipset=/.proxypy.net/gfwlist -server=/.proxyroad.com/127.0.0.1#5335 -ipset=/.proxyroad.com/gfwlist -server=/.proxytunnel.net/127.0.0.1#5335 -ipset=/.proxytunnel.net/gfwlist -server=/.proyectoclubes.com/127.0.0.1#5335 -ipset=/.proyectoclubes.com/gfwlist -server=/.prozz.net/127.0.0.1#5335 -ipset=/.prozz.net/gfwlist -server=/.psblog.name/127.0.0.1#5335 -ipset=/.psblog.name/gfwlist -server=/.pscp.tv/127.0.0.1#5335 -ipset=/.pscp.tv/gfwlist -server=/.psiphon.ca/127.0.0.1#5335 -ipset=/.psiphon.ca/gfwlist -server=/.psiphon.civisec.org/127.0.0.1#5335 -ipset=/.psiphon.civisec.org/gfwlist -server=/.psiphon3.com/127.0.0.1#5335 -ipset=/.psiphon3.com/gfwlist -server=/.psiphontoday.com/127.0.0.1#5335 -ipset=/.psiphontoday.com/gfwlist -server=/.pts.org.tw/127.0.0.1#5335 -ipset=/.pts.org.tw/gfwlist -server=/.ptt.cc/127.0.0.1#5335 -ipset=/.ptt.cc/gfwlist -server=/.pttgame.com/127.0.0.1#5335 -ipset=/.pttgame.com/gfwlist -server=/.pttvan.org/127.0.0.1#5335 -ipset=/.pttvan.org/gfwlist -server=/.pubu.com.tw/127.0.0.1#5335 -ipset=/.pubu.com.tw/gfwlist -server=/.puffinbrowser.com/127.0.0.1#5335 -ipset=/.puffinbrowser.com/gfwlist -server=/.puffstore.com/127.0.0.1#5335 -ipset=/.puffstore.com/gfwlist -server=/.pullfolio.com/127.0.0.1#5335 -ipset=/.pullfolio.com/gfwlist -server=/.pulse.yahoo.com/127.0.0.1#5335 -ipset=/.pulse.yahoo.com/gfwlist -server=/.pure18.com/127.0.0.1#5335 -ipset=/.pure18.com/gfwlist -server=/.pureconcepts.net/127.0.0.1#5335 -ipset=/.pureconcepts.net/gfwlist -server=/.pureinsight.org/127.0.0.1#5335 -ipset=/.pureinsight.org/gfwlist -server=/.purepdf.com/127.0.0.1#5335 -ipset=/.purepdf.com/gfwlist -server=/.purevpn.com/127.0.0.1#5335 -ipset=/.purevpn.com/gfwlist -server=/.purplelotus.org/127.0.0.1#5335 -ipset=/.purplelotus.org/gfwlist -server=/.pursuestar.com/127.0.0.1#5335 -ipset=/.pursuestar.com/gfwlist -server=/.pushchinawall.com/127.0.0.1#5335 -ipset=/.pushchinawall.com/gfwlist -server=/.pussyspace.com/127.0.0.1#5335 -ipset=/.pussyspace.com/gfwlist -server=/.putihome.org/127.0.0.1#5335 -ipset=/.putihome.org/gfwlist -server=/.putty.org/127.0.0.1#5335 -ipset=/.putty.org/gfwlist -server=/.puuko.com/127.0.0.1#5335 -ipset=/.puuko.com/gfwlist -server=/.pwned.com/127.0.0.1#5335 -ipset=/.pwned.com/gfwlist -server=/.python.com/127.0.0.1#5335 -ipset=/.python.com/gfwlist -server=/.pytorch.org/127.0.0.1#5335 -ipset=/.pytorch.org/gfwlist -server=/.qanote.com/127.0.0.1#5335 -ipset=/.qanote.com/gfwlist -server=/.qgirl.com.tw/127.0.0.1#5335 -ipset=/.qgirl.com.tw/gfwlist -server=/.qhigh.com/127.0.0.1#5335 -ipset=/.qhigh.com/gfwlist -server=/.qi-gong.me/127.0.0.1#5335 -ipset=/.qi-gong.me/gfwlist -server=/.qiandao.today/127.0.0.1#5335 -ipset=/.qiandao.today/gfwlist -server=/.qiangyou.org/127.0.0.1#5335 -ipset=/.qiangyou.org/gfwlist -server=/.qidian.ca/127.0.0.1#5335 -ipset=/.qidian.ca/gfwlist -server=/.qienkuen.org/127.0.0.1#5335 -ipset=/.qienkuen.org/gfwlist -server=/.qiwen.lu/127.0.0.1#5335 -ipset=/.qiwen.lu/gfwlist -server=/.qixianglu.cn/127.0.0.1#5335 -ipset=/.qixianglu.cn/gfwlist -server=/.qkshare.com/127.0.0.1#5335 -ipset=/.qkshare.com/gfwlist -server=/.qoos.com/127.0.0.1#5335 -ipset=/.qoos.com/gfwlist -server=/.qpoe.com/127.0.0.1#5335 -ipset=/.qpoe.com/gfwlist -server=/.qq.co.za/127.0.0.1#5335 -ipset=/.qq.co.za/gfwlist -server=/.qstatus.com/127.0.0.1#5335 -ipset=/.qstatus.com/gfwlist -server=/.qtrac.eu/127.0.0.1#5335 -ipset=/.qtrac.eu/gfwlist -server=/.qtweeter.com/127.0.0.1#5335 -ipset=/.qtweeter.com/gfwlist -server=/.quannengshen.org/127.0.0.1#5335 -ipset=/.quannengshen.org/gfwlist -server=/.quantumbooter.net/127.0.0.1#5335 -ipset=/.quantumbooter.net/gfwlist -server=/.questvisual.com/127.0.0.1#5335 -ipset=/.questvisual.com/gfwlist -server=/.quitccp.net/127.0.0.1#5335 -ipset=/.quitccp.net/gfwlist -server=/.quitccp.org/127.0.0.1#5335 -ipset=/.quitccp.org/gfwlist -server=/.quora.com/127.0.0.1#5335 -ipset=/.quora.com/gfwlist -server=/.quoracdn.net/127.0.0.1#5335 -ipset=/.quoracdn.net/gfwlist -server=/.quran.com/127.0.0.1#5335 -ipset=/.quran.com/gfwlist -server=/.quranexplorer.com/127.0.0.1#5335 -ipset=/.quranexplorer.com/gfwlist -server=/.qusi8.net/127.0.0.1#5335 -ipset=/.qusi8.net/gfwlist -server=/.qvodzy.org/127.0.0.1#5335 -ipset=/.qvodzy.org/gfwlist -server=/.qxbbs.org/127.0.0.1#5335 -ipset=/.qxbbs.org/gfwlist -server=/.qz.com/127.0.0.1#5335 -ipset=/.qz.com/gfwlist -server=/.r18.com/127.0.0.1#5335 -ipset=/.r18.com/gfwlist -server=/.ra.gg/127.0.0.1#5335 -ipset=/.ra.gg/gfwlist -server=/.radicalparty.org/127.0.0.1#5335 -ipset=/.radicalparty.org/gfwlist -server=/.radioaustralia.net.au/127.0.0.1#5335 -ipset=/.radioaustralia.net.au/gfwlist -server=/.radiohilight.net/127.0.0.1#5335 -ipset=/.radiohilight.net/gfwlist -server=/.radiovaticana.org/127.0.0.1#5335 -ipset=/.radiovaticana.org/gfwlist -server=/.radiovncr.com/127.0.0.1#5335 -ipset=/.radiovncr.com/gfwlist -server=/.rael.org/127.0.0.1#5335 -ipset=/.rael.org/gfwlist -server=/.raggedbanner.com/127.0.0.1#5335 -ipset=/.raggedbanner.com/gfwlist -server=/.raidcall.com.tw/127.0.0.1#5335 -ipset=/.raidcall.com.tw/gfwlist -server=/.raidtalk.com.tw/127.0.0.1#5335 -ipset=/.raidtalk.com.tw/gfwlist -server=/.raizoji.or.jp/127.0.0.1#5335 -ipset=/.raizoji.or.jp/gfwlist -server=/.ramcity.com.au/127.0.0.1#5335 -ipset=/.ramcity.com.au/gfwlist -server=/.rangwang.biz/127.0.0.1#5335 -ipset=/.rangwang.biz/gfwlist -server=/.rangzen.com/127.0.0.1#5335 -ipset=/.rangzen.com/gfwlist -server=/.rangzen.net/127.0.0.1#5335 -ipset=/.rangzen.net/gfwlist -server=/.rangzen.org/127.0.0.1#5335 -ipset=/.rangzen.org/gfwlist -server=/.ranyunfei.com/127.0.0.1#5335 -ipset=/.ranyunfei.com/gfwlist -server=/.rapbull.net/127.0.0.1#5335 -ipset=/.rapbull.net/gfwlist -server=/.rapidmoviez.com/127.0.0.1#5335 -ipset=/.rapidmoviez.com/gfwlist -server=/.rapidvpn.com/127.0.0.1#5335 -ipset=/.rapidvpn.com/gfwlist -server=/.rarbgprx.org/127.0.0.1#5335 -ipset=/.rarbgprx.org/gfwlist -server=/.raremovie.cc/127.0.0.1#5335 -ipset=/.raremovie.cc/gfwlist -server=/.raremovie.net/127.0.0.1#5335 -ipset=/.raremovie.net/gfwlist -server=/.raw.githubusercontent.com/127.0.0.1#5335 -ipset=/.raw.githubusercontent.com/gfwlist -server=/.rawgit.com/127.0.0.1#5335 -ipset=/.rawgit.com/gfwlist -server=/.rawgithub.com/127.0.0.1#5335 -ipset=/.rawgithub.com/gfwlist -server=/.razyboard.com/127.0.0.1#5335 -ipset=/.razyboard.com/gfwlist -server=/.rcam.target.com/127.0.0.1#5335 -ipset=/.rcam.target.com/gfwlist -server=/.rcinet.ca/127.0.0.1#5335 -ipset=/.rcinet.ca/gfwlist -server=/.rconversation.blogs.com/127.0.0.1#5335 -ipset=/.rconversation.blogs.com/gfwlist -server=/.rd.com/127.0.0.1#5335 -ipset=/.rd.com/gfwlist -server=/.rdio.com/127.0.0.1#5335 -ipset=/.rdio.com/gfwlist -server=/.read01.com/127.0.0.1#5335 -ipset=/.read01.com/gfwlist -server=/.read100.com/127.0.0.1#5335 -ipset=/.read100.com/gfwlist -server=/.readingtimes.com.tw/127.0.0.1#5335 -ipset=/.readingtimes.com.tw/gfwlist -server=/.readmoo.com/127.0.0.1#5335 -ipset=/.readmoo.com/gfwlist -server=/.readydown.com/127.0.0.1#5335 -ipset=/.readydown.com/gfwlist -server=/.realcourage.org/127.0.0.1#5335 -ipset=/.realcourage.org/gfwlist -server=/.realforum.zkiz.com/127.0.0.1#5335 -ipset=/.realforum.zkiz.com/gfwlist -server=/.realitykings.com/127.0.0.1#5335 -ipset=/.realitykings.com/gfwlist -server=/.realraptalk.com/127.0.0.1#5335 -ipset=/.realraptalk.com/gfwlist -server=/.realsexpass.com/127.0.0.1#5335 -ipset=/.realsexpass.com/gfwlist -server=/.rebatesrule.net/127.0.0.1#5335 -ipset=/.rebatesrule.net/gfwlist -server=/.recordhistory.org/127.0.0.1#5335 -ipset=/.recordhistory.org/gfwlist -server=/.recovery.org.tw/127.0.0.1#5335 -ipset=/.recovery.org.tw/gfwlist -server=/.recoveryversion.com.tw/127.0.0.1#5335 -ipset=/.recoveryversion.com.tw/gfwlist -server=/.red-lang.org/127.0.0.1#5335 -ipset=/.red-lang.org/gfwlist -server=/.redballoonsolidarity.org/127.0.0.1#5335 -ipset=/.redballoonsolidarity.org/gfwlist -server=/.redchinacn.net/127.0.0.1#5335 -ipset=/.redchinacn.net/gfwlist -server=/.redchinacn.org/127.0.0.1#5335 -ipset=/.redchinacn.org/gfwlist -server=/.redd.it/127.0.0.1#5335 -ipset=/.redd.it/gfwlist -server=/.reddit.com/127.0.0.1#5335 -ipset=/.reddit.com/gfwlist -server=/.redditlist.com/127.0.0.1#5335 -ipset=/.redditlist.com/gfwlist -server=/.redditmedia.com/127.0.0.1#5335 -ipset=/.redditmedia.com/gfwlist -server=/.redditstatic.com/127.0.0.1#5335 -ipset=/.redditstatic.com/gfwlist -server=/.redhotlabs.com/127.0.0.1#5335 -ipset=/.redhotlabs.com/gfwlist -server=/.redtube.com/127.0.0.1#5335 -ipset=/.redtube.com/gfwlist -server=/.referer.us/127.0.0.1#5335 -ipset=/.referer.us/gfwlist -server=/.reflectivecode.com/127.0.0.1#5335 -ipset=/.reflectivecode.com/gfwlist -server=/.registry.google/127.0.0.1#5335 -ipset=/.registry.google/gfwlist -server=/.relaxbbs.com/127.0.0.1#5335 -ipset=/.relaxbbs.com/gfwlist -server=/.relay.com.tw/127.0.0.1#5335 -ipset=/.relay.com.tw/gfwlist -server=/.releaseinternational.org/127.0.0.1#5335 -ipset=/.releaseinternational.org/gfwlist -server=/.religioustolerance.org/127.0.0.1#5335 -ipset=/.religioustolerance.org/gfwlist -server=/.renminbao.com/127.0.0.1#5335 -ipset=/.renminbao.com/gfwlist -server=/.renyurenquan.org/127.0.0.1#5335 -ipset=/.renyurenquan.org/gfwlist -server=/.research.google/127.0.0.1#5335 -ipset=/.research.google/gfwlist -server=/.resilio.com/127.0.0.1#5335 -ipset=/.resilio.com/gfwlist -server=/.retweeteffect.com/127.0.0.1#5335 -ipset=/.retweeteffect.com/gfwlist -server=/.retweetist.com/127.0.0.1#5335 -ipset=/.retweetist.com/gfwlist -server=/.retweetrank.com/127.0.0.1#5335 -ipset=/.retweetrank.com/gfwlist -server=/.reuters.com/127.0.0.1#5335 -ipset=/.reuters.com/gfwlist -server=/.reutersmedia.net/127.0.0.1#5335 -ipset=/.reutersmedia.net/gfwlist -server=/.revleft.com/127.0.0.1#5335 -ipset=/.revleft.com/gfwlist -server=/.revver.com/127.0.0.1#5335 -ipset=/.revver.com/gfwlist -server=/.rfa.org/127.0.0.1#5335 -ipset=/.rfa.org/gfwlist -server=/.rfachina.com/127.0.0.1#5335 -ipset=/.rfachina.com/gfwlist -server=/.rfalive1.akacast.akamaistream.net/127.0.0.1#5335 -ipset=/.rfalive1.akacast.akamaistream.net/gfwlist -server=/.rfamobile.org/127.0.0.1#5335 -ipset=/.rfamobile.org/gfwlist -server=/.rfaweb.org/127.0.0.1#5335 -ipset=/.rfaweb.org/gfwlist -server=/.rferl.org/127.0.0.1#5335 -ipset=/.rferl.org/gfwlist -server=/.rfi.fr/127.0.0.1#5335 -ipset=/.rfi.fr/gfwlist -server=/.rg3.github.io/127.0.0.1#5335 -ipset=/.rg3.github.io/gfwlist -server=/.rightbtc.com/127.0.0.1#5335 -ipset=/.rightbtc.com/gfwlist -server=/.rigpa.org/127.0.0.1#5335 -ipset=/.rigpa.org/gfwlist -server=/.rileyguide.com/127.0.0.1#5335 -ipset=/.rileyguide.com/gfwlist -server=/.riseup.net/127.0.0.1#5335 -ipset=/.riseup.net/gfwlist -server=/.ritouki.jp/127.0.0.1#5335 -ipset=/.ritouki.jp/gfwlist -server=/.ritter.vg/127.0.0.1#5335 -ipset=/.ritter.vg/gfwlist -server=/.rixcloud.com/127.0.0.1#5335 -ipset=/.rixcloud.com/gfwlist -server=/.rixcloud.us/127.0.0.1#5335 -ipset=/.rixcloud.us/gfwlist -server=/.rlwlw.com/127.0.0.1#5335 -ipset=/.rlwlw.com/gfwlist -server=/.rmjdw.com/127.0.0.1#5335 -ipset=/.rmjdw.com/gfwlist -server=/.rmjdw132.info/127.0.0.1#5335 -ipset=/.rmjdw132.info/gfwlist -server=/.roadshow.hk/127.0.0.1#5335 -ipset=/.roadshow.hk/gfwlist -server=/.roboforex.com/127.0.0.1#5335 -ipset=/.roboforex.com/gfwlist -server=/.robustnessiskey.com/127.0.0.1#5335 -ipset=/.robustnessiskey.com/gfwlist -server=/.rocket-inc.net/127.0.0.1#5335 -ipset=/.rocket-inc.net/gfwlist -server=/.rocksdb.org/127.0.0.1#5335 -ipset=/.rocksdb.org/gfwlist -server=/.rojo.com/127.0.0.1#5335 -ipset=/.rojo.com/gfwlist -server=/.rolia.net/127.0.0.1#5335 -ipset=/.rolia.net/gfwlist -server=/.ronjoneswriter.com/127.0.0.1#5335 -ipset=/.ronjoneswriter.com/gfwlist -server=/.roodo.com/127.0.0.1#5335 -ipset=/.roodo.com/gfwlist -server=/.rosechina.net/127.0.0.1#5335 -ipset=/.rosechina.net/gfwlist -server=/.rotten.com/127.0.0.1#5335 -ipset=/.rotten.com/gfwlist -server=/.rsdlmonitor.com/127.0.0.1#5335 -ipset=/.rsdlmonitor.com/gfwlist -server=/.rsf-chinese.org/127.0.0.1#5335 -ipset=/.rsf-chinese.org/gfwlist -server=/.rsf.org/127.0.0.1#5335 -ipset=/.rsf.org/gfwlist -server=/.rsgamen.org/127.0.0.1#5335 -ipset=/.rsgamen.org/gfwlist -server=/.rssmeme.com/127.0.0.1#5335 -ipset=/.rssmeme.com/gfwlist -server=/.rtalabel.org/127.0.0.1#5335 -ipset=/.rtalabel.org/gfwlist -server=/.rthk.hk/127.0.0.1#5335 -ipset=/.rthk.hk/gfwlist -server=/.rthk.org.hk/127.0.0.1#5335 -ipset=/.rthk.org.hk/gfwlist -server=/.rthklive2-lh.akamaihd.net/127.0.0.1#5335 -ipset=/.rthklive2-lh.akamaihd.net/gfwlist -server=/.rti.org.tw/127.0.0.1#5335 -ipset=/.rti.org.tw/gfwlist -server=/.rtycminnesota.org/127.0.0.1#5335 -ipset=/.rtycminnesota.org/gfwlist -server=/.rukor.org/127.0.0.1#5335 -ipset=/.rukor.org/gfwlist -server=/.runbtx.com/127.0.0.1#5335 -ipset=/.runbtx.com/gfwlist -server=/.rushbee.com/127.0.0.1#5335 -ipset=/.rushbee.com/gfwlist -server=/.ruten.com.tw/127.0.0.1#5335 -ipset=/.ruten.com.tw/gfwlist -server=/.rutube.ru/127.0.0.1#5335 -ipset=/.rutube.ru/gfwlist -server=/.ruyiseek.com/127.0.0.1#5335 -ipset=/.ruyiseek.com/gfwlist -server=/.rxhj.net/127.0.0.1#5335 -ipset=/.rxhj.net/gfwlist -server=/.s-cute.com/127.0.0.1#5335 -ipset=/.s-cute.com/gfwlist -server=/.s-dragon.org/127.0.0.1#5335 -ipset=/.s-dragon.org/gfwlist -server=/.s1.nudezz.com/127.0.0.1#5335 -ipset=/.s1.nudezz.com/gfwlist -server=/.s1heng.com/127.0.0.1#5335 -ipset=/.s1heng.com/gfwlist -server=/.s1s1s1.com/127.0.0.1#5335 -ipset=/.s1s1s1.com/gfwlist -server=/.s3-ap-northeast-1.amazonaws.com/127.0.0.1#5335 -ipset=/.s3-ap-northeast-1.amazonaws.com/gfwlist -server=/.s3-ap-southeast-2.amazonaws.com/127.0.0.1#5335 -ipset=/.s3-ap-southeast-2.amazonaws.com/gfwlist -server=/.s8forum.com/127.0.0.1#5335 -ipset=/.s8forum.com/gfwlist -server=/.sacks.com/127.0.0.1#5335 -ipset=/.sacks.com/gfwlist -server=/.sacom.hk/127.0.0.1#5335 -ipset=/.sacom.hk/gfwlist -server=/.sadistic-v.com/127.0.0.1#5335 -ipset=/.sadistic-v.com/gfwlist -server=/.sadpanda.us/127.0.0.1#5335 -ipset=/.sadpanda.us/gfwlist -server=/.safervpn.com/127.0.0.1#5335 -ipset=/.safervpn.com/gfwlist -server=/.safety.google/127.0.0.1#5335 -ipset=/.safety.google/gfwlist -server=/.saintyculture.com/127.0.0.1#5335 -ipset=/.saintyculture.com/gfwlist -server=/.saiq.me/127.0.0.1#5335 -ipset=/.saiq.me/gfwlist -server=/.sakuralive.com/127.0.0.1#5335 -ipset=/.sakuralive.com/gfwlist -server=/.sakya.org/127.0.0.1#5335 -ipset=/.sakya.org/gfwlist -server=/.salvation.org.hk/127.0.0.1#5335 -ipset=/.salvation.org.hk/gfwlist -server=/.sambhota.org/127.0.0.1#5335 -ipset=/.sambhota.org/gfwlist -server=/.sanmin.com.tw/127.0.0.1#5335 -ipset=/.sanmin.com.tw/gfwlist -server=/.sapikachu.net/127.0.0.1#5335 -ipset=/.sapikachu.net/gfwlist -server=/.saveliuxiaobo.com/127.0.0.1#5335 -ipset=/.saveliuxiaobo.com/gfwlist -server=/.savemedia.com/127.0.0.1#5335 -ipset=/.savemedia.com/gfwlist -server=/.savethedate.foo/127.0.0.1#5335 -ipset=/.savethedate.foo/gfwlist -server=/.savethesounds.info/127.0.0.1#5335 -ipset=/.savethesounds.info/gfwlist -server=/.savetibet.de/127.0.0.1#5335 -ipset=/.savetibet.de/gfwlist -server=/.savetibet.fr/127.0.0.1#5335 -ipset=/.savetibet.fr/gfwlist -server=/.savetibet.nl/127.0.0.1#5335 -ipset=/.savetibet.nl/gfwlist -server=/.savetibet.org/127.0.0.1#5335 -ipset=/.savetibet.org/gfwlist -server=/.savetibet.ru/127.0.0.1#5335 -ipset=/.savetibet.ru/gfwlist -server=/.savetibetstore.org/127.0.0.1#5335 -ipset=/.savetibetstore.org/gfwlist -server=/.savevid.com/127.0.0.1#5335 -ipset=/.savevid.com/gfwlist -server=/.say2.info/127.0.0.1#5335 -ipset=/.say2.info/gfwlist -server=/.sbme.me/127.0.0.1#5335 -ipset=/.sbme.me/gfwlist -server=/.scache.vzw.com/127.0.0.1#5335 -ipset=/.scache.vzw.com/gfwlist -server=/.scache1.vzw.com/127.0.0.1#5335 -ipset=/.scache1.vzw.com/gfwlist -server=/.scache2.vzw.com/127.0.0.1#5335 -ipset=/.scache2.vzw.com/gfwlist -server=/.scasino.com/127.0.0.1#5335 -ipset=/.scasino.com/gfwlist -server=/.schema.org/127.0.0.1#5335 -ipset=/.schema.org/gfwlist -server=/.sciencenets.com/127.0.0.1#5335 -ipset=/.sciencenets.com/gfwlist -server=/.scieron.com/127.0.0.1#5335 -ipset=/.scieron.com/gfwlist -server=/.scmp.com/127.0.0.1#5335 -ipset=/.scmp.com/gfwlist -server=/.scmpchinese.com/127.0.0.1#5335 -ipset=/.scmpchinese.com/gfwlist -server=/.scramble.io/127.0.0.1#5335 -ipset=/.scramble.io/gfwlist -server=/.scribd.com/127.0.0.1#5335 -ipset=/.scribd.com/gfwlist -server=/.scriptspot.com/127.0.0.1#5335 -ipset=/.scriptspot.com/gfwlist -server=/.seapuff.com/127.0.0.1#5335 -ipset=/.seapuff.com/gfwlist -server=/.search.aol.com/127.0.0.1#5335 -ipset=/.search.aol.com/gfwlist -server=/.search.yahoo.co.jp/127.0.0.1#5335 -ipset=/.search.yahoo.co.jp/gfwlist -server=/.search.yahoo.com/127.0.0.1#5335 -ipset=/.search.yahoo.com/gfwlist -server=/.searchtruth.com/127.0.0.1#5335 -ipset=/.searchtruth.com/gfwlist -server=/.secretchina.com/127.0.0.1#5335 -ipset=/.secretchina.com/gfwlist -server=/.secretgarden.no/127.0.0.1#5335 -ipset=/.secretgarden.no/gfwlist -server=/.secretsline.biz/127.0.0.1#5335 -ipset=/.secretsline.biz/gfwlist -server=/.secure.logmein.com/127.0.0.1#5335 -ipset=/.secure.logmein.com/gfwlist -server=/.secure.raxcdn.com/127.0.0.1#5335 -ipset=/.secure.raxcdn.com/gfwlist -server=/.securetunnel.com/127.0.0.1#5335 -ipset=/.securetunnel.com/gfwlist -server=/.securityinabox.org/127.0.0.1#5335 -ipset=/.securityinabox.org/gfwlist -server=/.securitykiss.com/127.0.0.1#5335 -ipset=/.securitykiss.com/gfwlist -server=/.see.xxx/127.0.0.1#5335 -ipset=/.see.xxx/gfwlist -server=/.seed4.me/127.0.0.1#5335 -ipset=/.seed4.me/gfwlist -server=/.seesmic.com/127.0.0.1#5335 -ipset=/.seesmic.com/gfwlist -server=/.seevpn.com/127.0.0.1#5335 -ipset=/.seevpn.com/gfwlist -server=/.seezone.net/127.0.0.1#5335 -ipset=/.seezone.net/gfwlist -server=/.sejie.com/127.0.0.1#5335 -ipset=/.sejie.com/gfwlist -server=/.sellclassics.com/127.0.0.1#5335 -ipset=/.sellclassics.com/gfwlist -server=/.sendsmtp.com/127.0.0.1#5335 -ipset=/.sendsmtp.com/gfwlist -server=/.sendspace.com/127.0.0.1#5335 -ipset=/.sendspace.com/gfwlist -server=/.servehttp.com/127.0.0.1#5335 -ipset=/.servehttp.com/gfwlist -server=/.serveuser.com/127.0.0.1#5335 -ipset=/.serveuser.com/gfwlist -server=/.serveusers.com/127.0.0.1#5335 -ipset=/.serveusers.com/gfwlist -server=/.sesawe.net/127.0.0.1#5335 -ipset=/.sesawe.net/gfwlist -server=/.sesawe.org/127.0.0.1#5335 -ipset=/.sesawe.org/gfwlist -server=/.sethwklein.net/127.0.0.1#5335 -ipset=/.sethwklein.net/gfwlist -server=/.setn.com/127.0.0.1#5335 -ipset=/.setn.com/gfwlist -server=/.settv.com.tw/127.0.0.1#5335 -ipset=/.settv.com.tw/gfwlist -server=/.sevenload.com/127.0.0.1#5335 -ipset=/.sevenload.com/gfwlist -server=/.sex-11.com/127.0.0.1#5335 -ipset=/.sex-11.com/gfwlist -server=/.sex.com/127.0.0.1#5335 -ipset=/.sex.com/gfwlist -server=/.sex3.com/127.0.0.1#5335 -ipset=/.sex3.com/gfwlist -server=/.sex8.cc/127.0.0.1#5335 -ipset=/.sex8.cc/gfwlist -server=/.sexandsubmission.com/127.0.0.1#5335 -ipset=/.sexandsubmission.com/gfwlist -server=/.sexbot.com/127.0.0.1#5335 -ipset=/.sexbot.com/gfwlist -server=/.sexhu.com/127.0.0.1#5335 -ipset=/.sexhu.com/gfwlist -server=/.sexhuang.com/127.0.0.1#5335 -ipset=/.sexhuang.com/gfwlist -server=/.sexidude.com/127.0.0.1#5335 -ipset=/.sexidude.com/gfwlist -server=/.sexinsex.net/127.0.0.1#5335 -ipset=/.sexinsex.net/gfwlist -server=/.sextvx.com/127.0.0.1#5335 -ipset=/.sextvx.com/gfwlist -server=/.sexxxy.biz/127.0.0.1#5335 -ipset=/.sexxxy.biz/gfwlist -server=/.sfileydy.com/127.0.0.1#5335 -ipset=/.sfileydy.com/gfwlist -server=/.sfshibao.com/127.0.0.1#5335 -ipset=/.sfshibao.com/gfwlist -server=/.sftindia.org/127.0.0.1#5335 -ipset=/.sftindia.org/gfwlist -server=/.sftuk.org/127.0.0.1#5335 -ipset=/.sftuk.org/gfwlist -server=/.sgwritings.com/127.0.0.1#5335 -ipset=/.sgwritings.com/gfwlist -server=/.sgzhan.com/127.0.0.1#5335 -ipset=/.sgzhan.com/gfwlist -server=/.shadeyouvpn.com/127.0.0.1#5335 -ipset=/.shadeyouvpn.com/gfwlist -server=/.shadow.ma/127.0.0.1#5335 -ipset=/.shadow.ma/gfwlist -server=/.shadowsky.xyz/127.0.0.1#5335 -ipset=/.shadowsky.xyz/gfwlist -server=/.shadowsocks-r.com/127.0.0.1#5335 -ipset=/.shadowsocks-r.com/gfwlist -server=/.shadowsocks.asia/127.0.0.1#5335 -ipset=/.shadowsocks.asia/gfwlist -server=/.shadowsocks.be/127.0.0.1#5335 -ipset=/.shadowsocks.be/gfwlist -server=/.shadowsocks.com/127.0.0.1#5335 -ipset=/.shadowsocks.com/gfwlist -server=/.shadowsocks.org/127.0.0.1#5335 -ipset=/.shadowsocks.org/gfwlist -server=/.shadowsocks9.com/127.0.0.1#5335 -ipset=/.shadowsocks9.com/gfwlist -server=/.shambalapost.com/127.0.0.1#5335 -ipset=/.shambalapost.com/gfwlist -server=/.shambhalasun.com/127.0.0.1#5335 -ipset=/.shambhalasun.com/gfwlist -server=/.shangfang.org/127.0.0.1#5335 -ipset=/.shangfang.org/gfwlist -server=/.shapeservices.com/127.0.0.1#5335 -ipset=/.shapeservices.com/gfwlist -server=/.share.america.gov/127.0.0.1#5335 -ipset=/.share.america.gov/gfwlist -server=/.share.dmhy.org/127.0.0.1#5335 -ipset=/.share.dmhy.org/gfwlist -server=/.share.youthwant.com.tw/127.0.0.1#5335 -ipset=/.share.youthwant.com.tw/gfwlist -server=/.sharebee.com/127.0.0.1#5335 -ipset=/.sharebee.com/gfwlist -server=/.sharecool.org/127.0.0.1#5335 -ipset=/.sharecool.org/gfwlist -server=/.sharpdaily.com.hk/127.0.0.1#5335 -ipset=/.sharpdaily.com.hk/gfwlist -server=/.sharpdaily.hk/127.0.0.1#5335 -ipset=/.sharpdaily.hk/gfwlist -server=/.sharpdaily.tw/127.0.0.1#5335 -ipset=/.sharpdaily.tw/gfwlist -server=/.shat-tibet.com/127.0.0.1#5335 -ipset=/.shat-tibet.com/gfwlist -server=/.shattered.io/127.0.0.1#5335 -ipset=/.shattered.io/gfwlist -server=/.sheikyermami.com/127.0.0.1#5335 -ipset=/.sheikyermami.com/gfwlist -server=/.shellfire.de/127.0.0.1#5335 -ipset=/.shellfire.de/gfwlist -server=/.shenshou.org/127.0.0.1#5335 -ipset=/.shenshou.org/gfwlist -server=/.shenyun.com/127.0.0.1#5335 -ipset=/.shenyun.com/gfwlist -server=/.shenyunperformingarts.org/127.0.0.1#5335 -ipset=/.shenyunperformingarts.org/gfwlist -server=/.shenzhoufilm.com/127.0.0.1#5335 -ipset=/.shenzhoufilm.com/gfwlist -server=/.sherabgyaltsen.com/127.0.0.1#5335 -ipset=/.sherabgyaltsen.com/gfwlist -server=/.shiatv.net/127.0.0.1#5335 -ipset=/.shiatv.net/gfwlist -server=/.shicheng.org/127.0.0.1#5335 -ipset=/.shicheng.org/gfwlist -server=/.shiksha.com/127.0.0.1#5335 -ipset=/.shiksha.com/gfwlist -server=/.shinychan.com/127.0.0.1#5335 -ipset=/.shinychan.com/gfwlist -server=/.shipcamouflage.com/127.0.0.1#5335 -ipset=/.shipcamouflage.com/gfwlist -server=/.shireyishunjian.com/127.0.0.1#5335 -ipset=/.shireyishunjian.com/gfwlist -server=/.shitaotv.org/127.0.0.1#5335 -ipset=/.shitaotv.org/gfwlist -server=/.shixiao.org/127.0.0.1#5335 -ipset=/.shixiao.org/gfwlist -server=/.shizhao.org/127.0.0.1#5335 -ipset=/.shizhao.org/gfwlist -server=/.shodanhq.com/127.0.0.1#5335 -ipset=/.shodanhq.com/gfwlist -server=/.shooshtime.com/127.0.0.1#5335 -ipset=/.shooshtime.com/gfwlist -server=/.shop2000.com.tw/127.0.0.1#5335 -ipset=/.shop2000.com.tw/gfwlist -server=/.shopping.com/127.0.0.1#5335 -ipset=/.shopping.com/gfwlist -server=/.showbiz.omy.sg/127.0.0.1#5335 -ipset=/.showbiz.omy.sg/gfwlist -server=/.showhaotu.com/127.0.0.1#5335 -ipset=/.showhaotu.com/gfwlist -server=/.showtime.jp/127.0.0.1#5335 -ipset=/.showtime.jp/gfwlist -server=/.shutterstock.com/127.0.0.1#5335 -ipset=/.shutterstock.com/gfwlist -server=/.shwchurch.org/127.0.0.1#5335 -ipset=/.shwchurch.org/gfwlist -server=/.shwchurch3.com/127.0.0.1#5335 -ipset=/.shwchurch3.com/gfwlist -server=/.siddharthasintent.org/127.0.0.1#5335 -ipset=/.siddharthasintent.org/gfwlist -server=/.sidelinesnews.com/127.0.0.1#5335 -ipset=/.sidelinesnews.com/gfwlist -server=/.sidelinessportseatery.com/127.0.0.1#5335 -ipset=/.sidelinessportseatery.com/gfwlist -server=/.sierrafriendsoftibet.org/127.0.0.1#5335 -ipset=/.sierrafriendsoftibet.org/gfwlist -server=/.sijihuisuo.club/127.0.0.1#5335 -ipset=/.sijihuisuo.club/gfwlist -server=/.sijihuisuo.com/127.0.0.1#5335 -ipset=/.sijihuisuo.com/gfwlist -server=/.sikaozhe1997.github.io/127.0.0.1#5335 -ipset=/.sikaozhe1997.github.io/gfwlist -server=/.silkbook.com/127.0.0.1#5335 -ipset=/.silkbook.com/gfwlist -server=/.simbolostwitter.com/127.0.0.1#5335 -ipset=/.simbolostwitter.com/gfwlist -server=/.simplecd.org/127.0.0.1#5335 -ipset=/.simplecd.org/gfwlist -server=/.simpleproductivityblog.com/127.0.0.1#5335 -ipset=/.simpleproductivityblog.com/gfwlist -server=/.singaporepools.com.sg/127.0.0.1#5335 -ipset=/.singaporepools.com.sg/gfwlist -server=/.singfortibet.com/127.0.0.1#5335 -ipset=/.singfortibet.com/gfwlist -server=/.singpao.com.hk/127.0.0.1#5335 -ipset=/.singpao.com.hk/gfwlist -server=/.singtao.com/127.0.0.1#5335 -ipset=/.singtao.com/gfwlist -server=/.singtaousa.com/127.0.0.1#5335 -ipset=/.singtaousa.com/gfwlist -server=/.sino-monthly.com/127.0.0.1#5335 -ipset=/.sino-monthly.com/gfwlist -server=/.sinoants.com/127.0.0.1#5335 -ipset=/.sinoants.com/gfwlist -server=/.sinocast.com/127.0.0.1#5335 -ipset=/.sinocast.com/gfwlist -server=/.sinocism.com/127.0.0.1#5335 -ipset=/.sinocism.com/gfwlist -server=/.sinomontreal.ca/127.0.0.1#5335 -ipset=/.sinomontreal.ca/gfwlist -server=/.sinonet.ca/127.0.0.1#5335 -ipset=/.sinonet.ca/gfwlist -server=/.sinopitt.info/127.0.0.1#5335 -ipset=/.sinopitt.info/gfwlist -server=/.sinoquebec.com/127.0.0.1#5335 -ipset=/.sinoquebec.com/gfwlist -server=/.sis.xxx/127.0.0.1#5335 -ipset=/.sis.xxx/gfwlist -server=/.sis001.com/127.0.0.1#5335 -ipset=/.sis001.com/gfwlist -server=/.sis001.us/127.0.0.1#5335 -ipset=/.sis001.us/gfwlist -server=/.site2unblock.com/127.0.0.1#5335 -ipset=/.site2unblock.com/gfwlist -server=/.site90.net/127.0.0.1#5335 -ipset=/.site90.net/gfwlist -server=/.sitebro.tw/127.0.0.1#5335 -ipset=/.sitebro.tw/gfwlist -server=/.sitekreator.com/127.0.0.1#5335 -ipset=/.sitekreator.com/gfwlist -server=/.siteks.uk.to/127.0.0.1#5335 -ipset=/.siteks.uk.to/gfwlist -server=/.sitemaps.org/127.0.0.1#5335 -ipset=/.sitemaps.org/gfwlist -server=/.six-degrees.io/127.0.0.1#5335 -ipset=/.six-degrees.io/gfwlist -server=/.sixth.biz/127.0.0.1#5335 -ipset=/.sixth.biz/gfwlist -server=/.sjrt.org/127.0.0.1#5335 -ipset=/.sjrt.org/gfwlist -server=/.sjum.cn/127.0.0.1#5335 -ipset=/.sjum.cn/gfwlist -server=/.sketchappsources.com/127.0.0.1#5335 -ipset=/.sketchappsources.com/gfwlist -server=/.skimtube.com/127.0.0.1#5335 -ipset=/.skimtube.com/gfwlist -server=/.skybet.com/127.0.0.1#5335 -ipset=/.skybet.com/gfwlist -server=/.skyking.com.tw/127.0.0.1#5335 -ipset=/.skyking.com.tw/gfwlist -server=/.skyvegas.com/127.0.0.1#5335 -ipset=/.skyvegas.com/gfwlist -server=/.skyxvpn.com/127.0.0.1#5335 -ipset=/.skyxvpn.com/gfwlist -server=/.slacker.com/127.0.0.1#5335 -ipset=/.slacker.com/gfwlist -server=/.slaytizle.com/127.0.0.1#5335 -ipset=/.slaytizle.com/gfwlist -server=/.sleazydream.com/127.0.0.1#5335 -ipset=/.sleazydream.com/gfwlist -server=/.slheng.com/127.0.0.1#5335 -ipset=/.slheng.com/gfwlist -server=/.slickvpn.com/127.0.0.1#5335 -ipset=/.slickvpn.com/gfwlist -server=/.slideshare.net/127.0.0.1#5335 -ipset=/.slideshare.net/gfwlist -server=/.slinkset.com/127.0.0.1#5335 -ipset=/.slinkset.com/gfwlist -server=/.slutload.com/127.0.0.1#5335 -ipset=/.slutload.com/gfwlist -server=/.slutmoonbeam.com/127.0.0.1#5335 -ipset=/.slutmoonbeam.com/gfwlist -server=/.slyip.com/127.0.0.1#5335 -ipset=/.slyip.com/gfwlist -server=/.slyip.net/127.0.0.1#5335 -ipset=/.slyip.net/gfwlist -server=/.sm-miracle.com/127.0.0.1#5335 -ipset=/.sm-miracle.com/gfwlist -server=/.smartdnsproxy.com/127.0.0.1#5335 -ipset=/.smartdnsproxy.com/gfwlist -server=/.smarthide.com/127.0.0.1#5335 -ipset=/.smarthide.com/gfwlist -server=/.smchbooks.com/127.0.0.1#5335 -ipset=/.smchbooks.com/gfwlist -server=/.smhric.org/127.0.0.1#5335 -ipset=/.smhric.org/gfwlist -server=/.smyxy.org/127.0.0.1#5335 -ipset=/.smyxy.org/gfwlist -server=/.snapchat.com/127.0.0.1#5335 -ipset=/.snapchat.com/gfwlist -server=/.snaptu.com/127.0.0.1#5335 -ipset=/.snaptu.com/gfwlist -server=/.sndcdn.com/127.0.0.1#5335 -ipset=/.sndcdn.com/gfwlist -server=/.sneakme.net/127.0.0.1#5335 -ipset=/.sneakme.net/gfwlist -server=/.snowlionpub.com/127.0.0.1#5335 -ipset=/.snowlionpub.com/gfwlist -server=/.sobees.com/127.0.0.1#5335 -ipset=/.sobees.com/gfwlist -server=/.soc.mil/127.0.0.1#5335 -ipset=/.soc.mil/gfwlist -server=/.socialwhale.com/127.0.0.1#5335 -ipset=/.socialwhale.com/gfwlist -server=/.socks-proxy.net/127.0.0.1#5335 -ipset=/.socks-proxy.net/gfwlist -server=/.sockscap64.com/127.0.0.1#5335 -ipset=/.sockscap64.com/gfwlist -server=/.sockslist.net/127.0.0.1#5335 -ipset=/.sockslist.net/gfwlist -server=/.socrec.org/127.0.0.1#5335 -ipset=/.socrec.org/gfwlist -server=/.sod.co.jp/127.0.0.1#5335 -ipset=/.sod.co.jp/gfwlist -server=/.sodatea.github.io/127.0.0.1#5335 -ipset=/.sodatea.github.io/gfwlist -server=/.softether-download.com/127.0.0.1#5335 -ipset=/.softether-download.com/gfwlist -server=/.softether.co.jp/127.0.0.1#5335 -ipset=/.softether.co.jp/gfwlist -server=/.softether.org/127.0.0.1#5335 -ipset=/.softether.org/gfwlist -server=/.softfamous.com/127.0.0.1#5335 -ipset=/.softfamous.com/gfwlist -server=/.softsmirror.cf/127.0.0.1#5335 -ipset=/.softsmirror.cf/gfwlist -server=/.softwarebychuck.com/127.0.0.1#5335 -ipset=/.softwarebychuck.com/gfwlist -server=/.softwaredownload.gitbooks.io/127.0.0.1#5335 -ipset=/.softwaredownload.gitbooks.io/gfwlist -server=/.sogclub.com/127.0.0.1#5335 -ipset=/.sogclub.com/gfwlist -server=/.sogrady.me/127.0.0.1#5335 -ipset=/.sogrady.me/gfwlist -server=/.soh.tw/127.0.0.1#5335 -ipset=/.soh.tw/gfwlist -server=/.sohcradio.com/127.0.0.1#5335 -ipset=/.sohcradio.com/gfwlist -server=/.sohfrance.org/127.0.0.1#5335 -ipset=/.sohfrance.org/gfwlist -server=/.sokamonline.com/127.0.0.1#5335 -ipset=/.sokamonline.com/gfwlist -server=/.sokmil.com/127.0.0.1#5335 -ipset=/.sokmil.com/gfwlist -server=/.solarsystem.nasa.gov/127.0.0.1#5335 -ipset=/.solarsystem.nasa.gov/gfwlist -server=/.solidaritetibet.org/127.0.0.1#5335 -ipset=/.solidaritetibet.org/gfwlist -server=/.solidfiles.com/127.0.0.1#5335 -ipset=/.solidfiles.com/gfwlist -server=/.somee.com/127.0.0.1#5335 -ipset=/.somee.com/gfwlist -server=/.songjianjun.com/127.0.0.1#5335 -ipset=/.songjianjun.com/gfwlist -server=/.sonicbbs.cc/127.0.0.1#5335 -ipset=/.sonicbbs.cc/gfwlist -server=/.sonidodelaesperanza.org/127.0.0.1#5335 -ipset=/.sonidodelaesperanza.org/gfwlist -server=/.sopcast.com/127.0.0.1#5335 -ipset=/.sopcast.com/gfwlist -server=/.sopcast.org/127.0.0.1#5335 -ipset=/.sopcast.org/gfwlist -server=/.sorazone.net/127.0.0.1#5335 -ipset=/.sorazone.net/gfwlist -server=/.sorting-algorithms.com/127.0.0.1#5335 -ipset=/.sorting-algorithms.com/gfwlist -server=/.sos.org/127.0.0.1#5335 -ipset=/.sos.org/gfwlist -server=/.sosreader.com/127.0.0.1#5335 -ipset=/.sosreader.com/gfwlist -server=/.sostibet.org/127.0.0.1#5335 -ipset=/.sostibet.org/gfwlist -server=/.soubory.com/127.0.0.1#5335 -ipset=/.soubory.com/gfwlist -server=/.soul-plus.net/127.0.0.1#5335 -ipset=/.soul-plus.net/gfwlist -server=/.soulcaliburhentai.net/127.0.0.1#5335 -ipset=/.soulcaliburhentai.net/gfwlist -server=/.soumo.info/127.0.0.1#5335 -ipset=/.soumo.info/gfwlist -server=/.soundcloud.com/127.0.0.1#5335 -ipset=/.soundcloud.com/gfwlist -server=/.soundofhope.kr/127.0.0.1#5335 -ipset=/.soundofhope.kr/gfwlist -server=/.soundofhope.org/127.0.0.1#5335 -ipset=/.soundofhope.org/gfwlist -server=/.soup.io/127.0.0.1#5335 -ipset=/.soup.io/gfwlist -server=/.soupofmedia.com/127.0.0.1#5335 -ipset=/.soupofmedia.com/gfwlist -server=/.sourcewadio.com/127.0.0.1#5335 -ipset=/.sourcewadio.com/gfwlist -server=/.southnews.com.tw/127.0.0.1#5335 -ipset=/.southnews.com.tw/gfwlist -server=/.sowers.org.hk/127.0.0.1#5335 -ipset=/.sowers.org.hk/gfwlist -server=/.soylentnews.org/127.0.0.1#5335 -ipset=/.soylentnews.org/gfwlist -server=/.spaces.hightail.com/127.0.0.1#5335 -ipset=/.spaces.hightail.com/gfwlist -server=/.spankbang.com/127.0.0.1#5335 -ipset=/.spankbang.com/gfwlist -server=/.spankingtube.com/127.0.0.1#5335 -ipset=/.spankingtube.com/gfwlist -server=/.spankwire.com/127.0.0.1#5335 -ipset=/.spankwire.com/gfwlist -server=/.spb.com/127.0.0.1#5335 -ipset=/.spb.com/gfwlist -server=/.speakerdeck.com/127.0.0.1#5335 -ipset=/.speakerdeck.com/gfwlist -server=/.specxinzl.jigsy.com/127.0.0.1#5335 -ipset=/.specxinzl.jigsy.com/gfwlist -server=/.speedify.com/127.0.0.1#5335 -ipset=/.speedify.com/gfwlist -server=/.spem.at/127.0.0.1#5335 -ipset=/.spem.at/gfwlist -server=/.spencertipping.com/127.0.0.1#5335 -ipset=/.spencertipping.com/gfwlist -server=/.spendee.com/127.0.0.1#5335 -ipset=/.spendee.com/gfwlist -server=/.spicevpn.com/127.0.0.1#5335 -ipset=/.spicevpn.com/gfwlist -server=/.spideroak.com/127.0.0.1#5335 -ipset=/.spideroak.com/gfwlist -server=/.spike.com/127.0.0.1#5335 -ipset=/.spike.com/gfwlist -server=/.sports.williamhill.com/127.0.0.1#5335 -ipset=/.sports.williamhill.com/gfwlist -server=/.spotflux.com/127.0.0.1#5335 -ipset=/.spotflux.com/gfwlist -server=/.spotify.com/127.0.0.1#5335 -ipset=/.spotify.com/gfwlist -server=/.spreadshirt.es/127.0.0.1#5335 -ipset=/.spreadshirt.es/gfwlist -server=/.spring4u.info/127.0.0.1#5335 -ipset=/.spring4u.info/gfwlist -server=/.springboardplatform.com/127.0.0.1#5335 -ipset=/.springboardplatform.com/gfwlist -server=/.sproutcore.com/127.0.0.1#5335 -ipset=/.sproutcore.com/gfwlist -server=/.sproxy.info/127.0.0.1#5335 -ipset=/.sproxy.info/gfwlist -server=/.squirly.info/127.0.0.1#5335 -ipset=/.squirly.info/gfwlist -server=/.srocket.us/127.0.0.1#5335 -ipset=/.srocket.us/gfwlist -server=/.ss-link.com/127.0.0.1#5335 -ipset=/.ss-link.com/gfwlist -server=/.ss.carryzhou.com/127.0.0.1#5335 -ipset=/.ss.carryzhou.com/gfwlist -server=/.ss.levyhsu.com/127.0.0.1#5335 -ipset=/.ss.levyhsu.com/gfwlist -server=/.ss7.vzw.com/127.0.0.1#5335 -ipset=/.ss7.vzw.com/gfwlist -server=/.ssglobal.co/127.0.0.1#5335 -ipset=/.ssglobal.co/gfwlist -server=/.ssglobal.me/127.0.0.1#5335 -ipset=/.ssglobal.me/gfwlist -server=/.ssh91.com/127.0.0.1#5335 -ipset=/.ssh91.com/gfwlist -server=/.ssl.webpack.de/127.0.0.1#5335 -ipset=/.ssl.webpack.de/gfwlist -server=/.ssl443.org/127.0.0.1#5335 -ipset=/.ssl443.org/gfwlist -server=/.sspanel.net/127.0.0.1#5335 -ipset=/.sspanel.net/gfwlist -server=/.sspro.ml/127.0.0.1#5335 -ipset=/.sspro.ml/gfwlist -server=/.ssr.tools/127.0.0.1#5335 -ipset=/.ssr.tools/gfwlist -server=/.ssrshare.com/127.0.0.1#5335 -ipset=/.ssrshare.com/gfwlist -server=/.sss.camp/127.0.0.1#5335 -ipset=/.sss.camp/gfwlist -server=/.sstmlt.moe/127.0.0.1#5335 -ipset=/.sstmlt.moe/gfwlist -server=/.sstmlt.net/127.0.0.1#5335 -ipset=/.sstmlt.net/gfwlist -server=/.stage64.hk/127.0.0.1#5335 -ipset=/.stage64.hk/gfwlist -server=/.standupfortibet.org/127.0.0.1#5335 -ipset=/.standupfortibet.org/gfwlist -server=/.starfishfx.com/127.0.0.1#5335 -ipset=/.starfishfx.com/gfwlist -server=/.starp2p.com/127.0.0.1#5335 -ipset=/.starp2p.com/gfwlist -server=/.startpage.com/127.0.0.1#5335 -ipset=/.startpage.com/gfwlist -server=/.startuplivingchina.com/127.0.0.1#5335 -ipset=/.startuplivingchina.com/gfwlist -server=/.stat.gov.tw/127.0.0.1#5335 -ipset=/.stat.gov.tw/gfwlist -server=/.static-economist.com/127.0.0.1#5335 -ipset=/.static-economist.com/gfwlist -server=/.static.comico.tw/127.0.0.1#5335 -ipset=/.static.comico.tw/gfwlist -server=/.static.shemalez.com/127.0.0.1#5335 -ipset=/.static.shemalez.com/gfwlist -server=/.static01.nyt.com/127.0.0.1#5335 -ipset=/.static01.nyt.com/gfwlist -server=/.staticflickr.com/127.0.0.1#5335 -ipset=/.staticflickr.com/gfwlist -server=/.statueofdemocracy.org/127.0.0.1#5335 -ipset=/.statueofdemocracy.org/gfwlist -server=/.stc.com.sa/127.0.0.1#5335 -ipset=/.stc.com.sa/gfwlist -server=/.steamcommunity.com/127.0.0.1#5335 -ipset=/.steamcommunity.com/gfwlist -server=/.steel-storm.com/127.0.0.1#5335 -ipset=/.steel-storm.com/gfwlist -server=/.steemit.com/127.0.0.1#5335 -ipset=/.steemit.com/gfwlist -server=/.steganos.com/127.0.0.1#5335 -ipset=/.steganos.com/gfwlist -server=/.steganos.net/127.0.0.1#5335 -ipset=/.steganos.net/gfwlist -server=/.stepchina.com/127.0.0.1#5335 -ipset=/.stepchina.com/gfwlist -server=/.stephaniered.com/127.0.0.1#5335 -ipset=/.stephaniered.com/gfwlist -server=/.sthoo.com/127.0.0.1#5335 -ipset=/.sthoo.com/gfwlist -server=/.stickam.com/127.0.0.1#5335 -ipset=/.stickam.com/gfwlist -server=/.stileproject.com/127.0.0.1#5335 -ipset=/.stileproject.com/gfwlist -server=/.sto.cc/127.0.0.1#5335 -ipset=/.sto.cc/gfwlist -server=/.stoporganharvesting.org/127.0.0.1#5335 -ipset=/.stoporganharvesting.org/gfwlist -server=/.stoptibetcrisis.net/127.0.0.1#5335 -ipset=/.stoptibetcrisis.net/gfwlist -server=/.storagenewsletter.com/127.0.0.1#5335 -ipset=/.storagenewsletter.com/gfwlist -server=/.stories.google/127.0.0.1#5335 -ipset=/.stories.google/gfwlist -server=/.storify.com/127.0.0.1#5335 -ipset=/.storify.com/gfwlist -server=/.storm.mg/127.0.0.1#5335 -ipset=/.storm.mg/gfwlist -server=/.stormmediagroup.com/127.0.0.1#5335 -ipset=/.stormmediagroup.com/gfwlist -server=/.stoweboyd.com/127.0.0.1#5335 -ipset=/.stoweboyd.com/gfwlist -server=/.stranabg.com/127.0.0.1#5335 -ipset=/.stranabg.com/gfwlist -server=/.straplessdildo.com/127.0.0.1#5335 -ipset=/.straplessdildo.com/gfwlist -server=/.streamingthe.net/127.0.0.1#5335 -ipset=/.streamingthe.net/gfwlist -server=/.strikingly.com/127.0.0.1#5335 -ipset=/.strikingly.com/gfwlist -server=/.strongvpn.com/127.0.0.1#5335 -ipset=/.strongvpn.com/gfwlist -server=/.strongwindpress.com/127.0.0.1#5335 -ipset=/.strongwindpress.com/gfwlist -server=/.studentsforafreetibet.org/127.0.0.1#5335 -ipset=/.studentsforafreetibet.org/gfwlist -server=/.stumbleupon.com/127.0.0.1#5335 -ipset=/.stumbleupon.com/gfwlist -server=/.stupidvideos.com/127.0.0.1#5335 -ipset=/.stupidvideos.com/gfwlist -server=/.subacme.rerouted.org/127.0.0.1#5335 -ipset=/.subacme.rerouted.org/gfwlist -server=/.successfn.com/127.0.0.1#5335 -ipset=/.successfn.com/gfwlist -server=/.sugarsync.com/127.0.0.1#5335 -ipset=/.sugarsync.com/gfwlist -server=/.sugobbs.com/127.0.0.1#5335 -ipset=/.sugobbs.com/gfwlist -server=/.sugumiru18.com/127.0.0.1#5335 -ipset=/.sugumiru18.com/gfwlist -server=/.suissl.com/127.0.0.1#5335 -ipset=/.suissl.com/gfwlist -server=/.sujiatun.wordpress.com/127.0.0.1#5335 -ipset=/.sujiatun.wordpress.com/gfwlist -server=/.sukebei.nyaa.si/127.0.0.1#5335 -ipset=/.sukebei.nyaa.si/gfwlist -server=/.sulian.me/127.0.0.1#5335 -ipset=/.sulian.me/gfwlist -server=/.summify.com/127.0.0.1#5335 -ipset=/.summify.com/gfwlist -server=/.sumrando.com/127.0.0.1#5335 -ipset=/.sumrando.com/gfwlist -server=/.sun1911.com/127.0.0.1#5335 -ipset=/.sun1911.com/gfwlist -server=/.sunmedia.ca/127.0.0.1#5335 -ipset=/.sunmedia.ca/gfwlist -server=/.sunporno.com/127.0.0.1#5335 -ipset=/.sunporno.com/gfwlist -server=/.sunskyforum.com/127.0.0.1#5335 -ipset=/.sunskyforum.com/gfwlist -server=/.sunta.com.tw/127.0.0.1#5335 -ipset=/.sunta.com.tw/gfwlist -server=/.sunvpn.net/127.0.0.1#5335 -ipset=/.sunvpn.net/gfwlist -server=/.sunwinism.joinbbs.net/127.0.0.1#5335 -ipset=/.sunwinism.joinbbs.net/gfwlist -server=/.suoluo.org/127.0.0.1#5335 -ipset=/.suoluo.org/gfwlist -server=/.supchina.com/127.0.0.1#5335 -ipset=/.supchina.com/gfwlist -server=/.superfreevpn.com/127.0.0.1#5335 -ipset=/.superfreevpn.com/gfwlist -server=/.superokayama.com/127.0.0.1#5335 -ipset=/.superokayama.com/gfwlist -server=/.superpages.com/127.0.0.1#5335 -ipset=/.superpages.com/gfwlist -server=/.supervpn.net/127.0.0.1#5335 -ipset=/.supervpn.net/gfwlist -server=/.superzooi.com/127.0.0.1#5335 -ipset=/.superzooi.com/gfwlist -server=/.suppig.net/127.0.0.1#5335 -ipset=/.suppig.net/gfwlist -server=/.suprememastertv.com/127.0.0.1#5335 -ipset=/.suprememastertv.com/gfwlist -server=/.surfeasy.com/127.0.0.1#5335 -ipset=/.surfeasy.com/gfwlist -server=/.suroot.com/127.0.0.1#5335 -ipset=/.suroot.com/gfwlist -server=/.surrenderat20.net/127.0.0.1#5335 -ipset=/.surrenderat20.net/gfwlist -server=/.sustainability.google/127.0.0.1#5335 -ipset=/.sustainability.google/gfwlist -server=/.suyangg.com/127.0.0.1#5335 -ipset=/.suyangg.com/gfwlist -server=/.svsfx.com/127.0.0.1#5335 -ipset=/.svsfx.com/gfwlist -server=/.swagbucks.com/127.0.0.1#5335 -ipset=/.swagbucks.com/gfwlist -server=/.swissinfo.ch/127.0.0.1#5335 -ipset=/.swissinfo.ch/gfwlist -server=/.swissvpn.net/127.0.0.1#5335 -ipset=/.swissvpn.net/gfwlist -server=/.switch1.jp/127.0.0.1#5335 -ipset=/.switch1.jp/gfwlist -server=/.switchvpn.net/127.0.0.1#5335 -ipset=/.switchvpn.net/gfwlist -server=/.sydneytoday.com/127.0.0.1#5335 -ipset=/.sydneytoday.com/gfwlist -server=/.sylfoundation.org/127.0.0.1#5335 -ipset=/.sylfoundation.org/gfwlist -server=/.syncback.com/127.0.0.1#5335 -ipset=/.syncback.com/gfwlist -server=/.synergyse.com/127.0.0.1#5335 -ipset=/.synergyse.com/gfwlist -server=/.sysresccd.org/127.0.0.1#5335 -ipset=/.sysresccd.org/gfwlist -server=/.sytes.net/127.0.0.1#5335 -ipset=/.sytes.net/gfwlist -server=/.szbbs.net/127.0.0.1#5335 -ipset=/.szbbs.net/gfwlist -server=/.szetowah.org.hk/127.0.0.1#5335 -ipset=/.szetowah.org.hk/gfwlist -server=/.t-g.com/127.0.0.1#5335 -ipset=/.t-g.com/gfwlist -server=/.t.co/127.0.0.1#5335 -ipset=/.t.co/gfwlist -server=/.t.me/127.0.0.1#5335 -ipset=/.t.me/gfwlist -server=/.t.orzdream.com/127.0.0.1#5335 -ipset=/.t.orzdream.com/gfwlist -server=/.t35.com/127.0.0.1#5335 -ipset=/.t35.com/gfwlist -server=/.t66y.com/127.0.0.1#5335 -ipset=/.t66y.com/gfwlist -server=/.taa-usa.org/127.0.0.1#5335 -ipset=/.taa-usa.org/gfwlist -server=/.taaze.tw/127.0.0.1#5335 -ipset=/.taaze.tw/gfwlist -server=/.tabtter.jp/127.0.0.1#5335 -ipset=/.tabtter.jp/gfwlist -server=/.tacc.cwb.gov.tw/127.0.0.1#5335 -ipset=/.tacc.cwb.gov.tw/gfwlist -server=/.tacem.org/127.0.0.1#5335 -ipset=/.tacem.org/gfwlist -server=/.taconet.com.tw/127.0.0.1#5335 -ipset=/.taconet.com.tw/gfwlist -server=/.taedp.org.tw/127.0.0.1#5335 -ipset=/.taedp.org.tw/gfwlist -server=/.tafm.org/127.0.0.1#5335 -ipset=/.tafm.org/gfwlist -server=/.tagwa.org.au/127.0.0.1#5335 -ipset=/.tagwa.org.au/gfwlist -server=/.tagwalk.com/127.0.0.1#5335 -ipset=/.tagwalk.com/gfwlist -server=/.tahr.org.tw/127.0.0.1#5335 -ipset=/.tahr.org.tw/gfwlist -server=/.taipei.gov.tw/127.0.0.1#5335 -ipset=/.taipei.gov.tw/gfwlist -server=/.taipeisociety.org/127.0.0.1#5335 -ipset=/.taipeisociety.org/gfwlist -server=/.taiwan-sex.com/127.0.0.1#5335 -ipset=/.taiwan-sex.com/gfwlist -server=/.taiwanbible.com/127.0.0.1#5335 -ipset=/.taiwanbible.com/gfwlist -server=/.taiwancon.com/127.0.0.1#5335 -ipset=/.taiwancon.com/gfwlist -server=/.taiwandaily.net/127.0.0.1#5335 -ipset=/.taiwandaily.net/gfwlist -server=/.taiwandc.org/127.0.0.1#5335 -ipset=/.taiwandc.org/gfwlist -server=/.taiwanjobs.gov.tw/127.0.0.1#5335 -ipset=/.taiwanjobs.gov.tw/gfwlist -server=/.taiwanjustice.com/127.0.0.1#5335 -ipset=/.taiwanjustice.com/gfwlist -server=/.taiwanjustice.net/127.0.0.1#5335 -ipset=/.taiwanjustice.net/gfwlist -server=/.taiwankiss.com/127.0.0.1#5335 -ipset=/.taiwankiss.com/gfwlist -server=/.taiwannation.50webs.com/127.0.0.1#5335 -ipset=/.taiwannation.50webs.com/gfwlist -server=/.taiwannation.com/127.0.0.1#5335 -ipset=/.taiwannation.com/gfwlist -server=/.taiwanncf.org.tw/127.0.0.1#5335 -ipset=/.taiwanncf.org.tw/gfwlist -server=/.taiwannews.com.tw/127.0.0.1#5335 -ipset=/.taiwannews.com.tw/gfwlist -server=/.taiwantp.net/127.0.0.1#5335 -ipset=/.taiwantp.net/gfwlist -server=/.taiwantt.org.tw/127.0.0.1#5335 -ipset=/.taiwantt.org.tw/gfwlist -server=/.taiwanus.net/127.0.0.1#5335 -ipset=/.taiwanus.net/gfwlist -server=/.taiwanyes.com/127.0.0.1#5335 -ipset=/.taiwanyes.com/gfwlist -server=/.taiwanyes.ning.com/127.0.0.1#5335 -ipset=/.taiwanyes.ning.com/gfwlist -server=/.talk853.com/127.0.0.1#5335 -ipset=/.talk853.com/gfwlist -server=/.talkboxapp.com/127.0.0.1#5335 -ipset=/.talkboxapp.com/gfwlist -server=/.talkcc.com/127.0.0.1#5335 -ipset=/.talkcc.com/gfwlist -server=/.talkonly.net/127.0.0.1#5335 -ipset=/.talkonly.net/gfwlist -server=/.tamiaode.tk/127.0.0.1#5335 -ipset=/.tamiaode.tk/gfwlist -server=/.tanc.org/127.0.0.1#5335 -ipset=/.tanc.org/gfwlist -server=/.tangben.com/127.0.0.1#5335 -ipset=/.tangben.com/gfwlist -server=/.tangren.us/127.0.0.1#5335 -ipset=/.tangren.us/gfwlist -server=/.taoism.net/127.0.0.1#5335 -ipset=/.taoism.net/gfwlist -server=/.taolun.info/127.0.0.1#5335 -ipset=/.taolun.info/gfwlist -server=/.tapanwap.com/127.0.0.1#5335 -ipset=/.tapanwap.com/gfwlist -server=/.tapatalk.com/127.0.0.1#5335 -ipset=/.tapatalk.com/gfwlist -server=/.tascn.com.au/127.0.0.1#5335 -ipset=/.tascn.com.au/gfwlist -server=/.taup.net/127.0.0.1#5335 -ipset=/.taup.net/gfwlist -server=/.taweet.com/127.0.0.1#5335 -ipset=/.taweet.com/gfwlist -server=/.tbcollege.org/127.0.0.1#5335 -ipset=/.tbcollege.org/gfwlist -server=/.tbi.org.hk/127.0.0.1#5335 -ipset=/.tbi.org.hk/gfwlist -server=/.tbicn.org/127.0.0.1#5335 -ipset=/.tbicn.org/gfwlist -server=/.tbjyt.org/127.0.0.1#5335 -ipset=/.tbjyt.org/gfwlist -server=/.tbpic.info/127.0.0.1#5335 -ipset=/.tbpic.info/gfwlist -server=/.tbrc.org/127.0.0.1#5335 -ipset=/.tbrc.org/gfwlist -server=/.tbs-rainbow.org/127.0.0.1#5335 -ipset=/.tbs-rainbow.org/gfwlist -server=/.tbsec.org/127.0.0.1#5335 -ipset=/.tbsec.org/gfwlist -server=/.tbskkinabalu.page.tl/127.0.0.1#5335 -ipset=/.tbskkinabalu.page.tl/gfwlist -server=/.tbsmalaysia.org/127.0.0.1#5335 -ipset=/.tbsmalaysia.org/gfwlist -server=/.tbsn.org/127.0.0.1#5335 -ipset=/.tbsn.org/gfwlist -server=/.tbsseattle.org/127.0.0.1#5335 -ipset=/.tbsseattle.org/gfwlist -server=/.tbssqh.org/127.0.0.1#5335 -ipset=/.tbssqh.org/gfwlist -server=/.tbswd.org/127.0.0.1#5335 -ipset=/.tbswd.org/gfwlist -server=/.tbtemple.org.uk/127.0.0.1#5335 -ipset=/.tbtemple.org.uk/gfwlist -server=/.tbthouston.org/127.0.0.1#5335 -ipset=/.tbthouston.org/gfwlist -server=/.tccwonline.org/127.0.0.1#5335 -ipset=/.tccwonline.org/gfwlist -server=/.tcewf.org/127.0.0.1#5335 -ipset=/.tcewf.org/gfwlist -server=/.tchrd.org/127.0.0.1#5335 -ipset=/.tchrd.org/gfwlist -server=/.tcnynj.org/127.0.0.1#5335 -ipset=/.tcnynj.org/gfwlist -server=/.tcpspeed.co/127.0.0.1#5335 -ipset=/.tcpspeed.co/gfwlist -server=/.tcpspeed.com/127.0.0.1#5335 -ipset=/.tcpspeed.com/gfwlist -server=/.tcsofbc.org/127.0.0.1#5335 -ipset=/.tcsofbc.org/gfwlist -server=/.tcsovi.org/127.0.0.1#5335 -ipset=/.tcsovi.org/gfwlist -server=/.tdm.com.mo/127.0.0.1#5335 -ipset=/.tdm.com.mo/gfwlist -server=/.teachparentstech.org/127.0.0.1#5335 -ipset=/.teachparentstech.org/gfwlist -server=/.teamamericany.com/127.0.0.1#5335 -ipset=/.teamamericany.com/gfwlist -server=/.techviz.net/127.0.0.1#5335 -ipset=/.techviz.net/gfwlist -server=/.teck.in/127.0.0.1#5335 -ipset=/.teck.in/gfwlist -server=/.teco-hk.org/127.0.0.1#5335 -ipset=/.teco-hk.org/gfwlist -server=/.teco-mo.org/127.0.0.1#5335 -ipset=/.teco-mo.org/gfwlist -server=/.teddysun.com/127.0.0.1#5335 -ipset=/.teddysun.com/gfwlist -server=/.teeniefuck.net/127.0.0.1#5335 -ipset=/.teeniefuck.net/gfwlist -server=/.teensinasia.com/127.0.0.1#5335 -ipset=/.teensinasia.com/gfwlist -server=/.telecomspace.com/127.0.0.1#5335 -ipset=/.telecomspace.com/gfwlist -server=/.telegra.ph/127.0.0.1#5335 -ipset=/.telegra.ph/gfwlist -server=/.telegram.dog/127.0.0.1#5335 -ipset=/.telegram.dog/gfwlist -server=/.telegram.me/127.0.0.1#5335 -ipset=/.telegram.me/gfwlist -server=/.telegram.org/127.0.0.1#5335 -ipset=/.telegram.org/gfwlist -server=/.telegramdownload.com/127.0.0.1#5335 -ipset=/.telegramdownload.com/gfwlist -server=/.telegraph.co.uk/127.0.0.1#5335 -ipset=/.telegraph.co.uk/gfwlist -server=/.telesco.pe/127.0.0.1#5335 -ipset=/.telesco.pe/gfwlist -server=/.tellme.pw/127.0.0.1#5335 -ipset=/.tellme.pw/gfwlist -server=/.tenacy.com/127.0.0.1#5335 -ipset=/.tenacy.com/gfwlist -server=/.tensorflow.org/127.0.0.1#5335 -ipset=/.tensorflow.org/gfwlist -server=/.tenzinpalmo.com/127.0.0.1#5335 -ipset=/.tenzinpalmo.com/gfwlist -server=/.terminus2049.github.io/127.0.0.1#5335 -ipset=/.terminus2049.github.io/gfwlist -server=/.tew.org/127.0.0.1#5335 -ipset=/.tew.org/gfwlist -server=/.textnow.me/127.0.0.1#5335 -ipset=/.textnow.me/gfwlist -server=/.tfhub.dev/127.0.0.1#5335 -ipset=/.tfhub.dev/gfwlist -server=/.thaicn.com/127.0.0.1#5335 -ipset=/.thaicn.com/gfwlist -server=/.thb.gov.tw/127.0.0.1#5335 -ipset=/.thb.gov.tw/gfwlist -server=/.theatrum-belli.com/127.0.0.1#5335 -ipset=/.theatrum-belli.com/gfwlist -server=/.thebcomplex.com/127.0.0.1#5335 -ipset=/.thebcomplex.com/gfwlist -server=/.theblemish.com/127.0.0.1#5335 -ipset=/.theblemish.com/gfwlist -server=/.thebobs.com/127.0.0.1#5335 -ipset=/.thebobs.com/gfwlist -server=/.thebodyshop-usa.com/127.0.0.1#5335 -ipset=/.thebodyshop-usa.com/gfwlist -server=/.thecenter.mit.edu/127.0.0.1#5335 -ipset=/.thecenter.mit.edu/gfwlist -server=/.thechinabeat.org/127.0.0.1#5335 -ipset=/.thechinabeat.org/gfwlist -server=/.thedalailamamovie.com/127.0.0.1#5335 -ipset=/.thedalailamamovie.com/gfwlist -server=/.thedw.us/127.0.0.1#5335 -ipset=/.thedw.us/gfwlist -server=/.thefacebook.com/127.0.0.1#5335 -ipset=/.thefacebook.com/gfwlist -server=/.thegly.com/127.0.0.1#5335 -ipset=/.thegly.com/gfwlist -server=/.theguardian.com/127.0.0.1#5335 -ipset=/.theguardian.com/gfwlist -server=/.thehots.info/127.0.0.1#5335 -ipset=/.thehots.info/gfwlist -server=/.thehousenews.com/127.0.0.1#5335 -ipset=/.thehousenews.com/gfwlist -server=/.thehun.net/127.0.0.1#5335 -ipset=/.thehun.net/gfwlist -server=/.theinitium.com/127.0.0.1#5335 -ipset=/.theinitium.com/gfwlist -server=/.themoviedb.org/127.0.0.1#5335 -ipset=/.themoviedb.org/gfwlist -server=/.thenewslens.com/127.0.0.1#5335 -ipset=/.thenewslens.com/gfwlist -server=/.thepiratebay.org/127.0.0.1#5335 -ipset=/.thepiratebay.org/gfwlist -server=/.theporndude.com/127.0.0.1#5335 -ipset=/.theporndude.com/gfwlist -server=/.theportalwiki.com/127.0.0.1#5335 -ipset=/.theportalwiki.com/gfwlist -server=/.thereallove.kr/127.0.0.1#5335 -ipset=/.thereallove.kr/gfwlist -server=/.therock.net.nz/127.0.0.1#5335 -ipset=/.therock.net.nz/gfwlist -server=/.thespeeder.com/127.0.0.1#5335 -ipset=/.thespeeder.com/gfwlist -server=/.thestandnews.com/127.0.0.1#5335 -ipset=/.thestandnews.com/gfwlist -server=/.thetibetcenter.org/127.0.0.1#5335 -ipset=/.thetibetcenter.org/gfwlist -server=/.thetibetconnection.org/127.0.0.1#5335 -ipset=/.thetibetconnection.org/gfwlist -server=/.thetibetmuseum.org/127.0.0.1#5335 -ipset=/.thetibetmuseum.org/gfwlist -server=/.thetibetpost.com/127.0.0.1#5335 -ipset=/.thetibetpost.com/gfwlist -server=/.thetinhat.com/127.0.0.1#5335 -ipset=/.thetinhat.com/gfwlist -server=/.thetrotskymovie.com/127.0.0.1#5335 -ipset=/.thetrotskymovie.com/gfwlist -server=/.thetvdb.com/127.0.0.1#5335 -ipset=/.thetvdb.com/gfwlist -server=/.thevivekspot.com/127.0.0.1#5335 -ipset=/.thevivekspot.com/gfwlist -server=/.thewgo.org/127.0.0.1#5335 -ipset=/.thewgo.org/gfwlist -server=/.theync.com/127.0.0.1#5335 -ipset=/.theync.com/gfwlist -server=/.thinkgeek.com/127.0.0.1#5335 -ipset=/.thinkgeek.com/gfwlist -server=/.thinkingtaiwan.com/127.0.0.1#5335 -ipset=/.thinkingtaiwan.com/gfwlist -server=/.thinkwithgoogle.com/127.0.0.1#5335 -ipset=/.thinkwithgoogle.com/gfwlist -server=/.thisav.com/127.0.0.1#5335 -ipset=/.thisav.com/gfwlist -server=/.thlib.org/127.0.0.1#5335 -ipset=/.thlib.org/gfwlist -server=/.thomasbernhard.org/127.0.0.1#5335 -ipset=/.thomasbernhard.org/gfwlist -server=/.thongdreams.com/127.0.0.1#5335 -ipset=/.thongdreams.com/gfwlist -server=/.threatchaos.com/127.0.0.1#5335 -ipset=/.threatchaos.com/gfwlist -server=/.throughnightsfire.com/127.0.0.1#5335 -ipset=/.throughnightsfire.com/gfwlist -server=/.thumbzilla.com/127.0.0.1#5335 -ipset=/.thumbzilla.com/gfwlist -server=/.thywords.com/127.0.0.1#5335 -ipset=/.thywords.com/gfwlist -server=/.tiananmenduizhi.com/127.0.0.1#5335 -ipset=/.tiananmenduizhi.com/gfwlist -server=/.tiananmenmother.org/127.0.0.1#5335 -ipset=/.tiananmenmother.org/gfwlist -server=/.tiananmenuniv.com/127.0.0.1#5335 -ipset=/.tiananmenuniv.com/gfwlist -server=/.tiananmenuniv.net/127.0.0.1#5335 -ipset=/.tiananmenuniv.net/gfwlist -server=/.tiandixing.org/127.0.0.1#5335 -ipset=/.tiandixing.org/gfwlist -server=/.tianhuayuan.com/127.0.0.1#5335 -ipset=/.tianhuayuan.com/gfwlist -server=/.tianlawoffice.com/127.0.0.1#5335 -ipset=/.tianlawoffice.com/gfwlist -server=/.tianti.io/127.0.0.1#5335 -ipset=/.tianti.io/gfwlist -server=/.tiantibooks.org/127.0.0.1#5335 -ipset=/.tiantibooks.org/gfwlist -server=/.tianyantong.org.cn/127.0.0.1#5335 -ipset=/.tianyantong.org.cn/gfwlist -server=/.tianzhu.org/127.0.0.1#5335 -ipset=/.tianzhu.org/gfwlist -server=/.tibet-envoy.eu/127.0.0.1#5335 -ipset=/.tibet-envoy.eu/gfwlist -server=/.tibet-foundation.org/127.0.0.1#5335 -ipset=/.tibet-foundation.org/gfwlist -server=/.tibet-house-trust.co.uk/127.0.0.1#5335 -ipset=/.tibet-house-trust.co.uk/gfwlist -server=/.tibet-info.net/127.0.0.1#5335 -ipset=/.tibet-info.net/gfwlist -server=/.tibet-initiative.de/127.0.0.1#5335 -ipset=/.tibet-initiative.de/gfwlist -server=/.tibet-munich.de/127.0.0.1#5335 -ipset=/.tibet-munich.de/gfwlist -server=/.tibet.a.se/127.0.0.1#5335 -ipset=/.tibet.a.se/gfwlist -server=/.tibet.at/127.0.0.1#5335 -ipset=/.tibet.at/gfwlist -server=/.tibet.ca/127.0.0.1#5335 -ipset=/.tibet.ca/gfwlist -server=/.tibet.com/127.0.0.1#5335 -ipset=/.tibet.com/gfwlist -server=/.tibet.fr/127.0.0.1#5335 -ipset=/.tibet.fr/gfwlist -server=/.tibet.net/127.0.0.1#5335 -ipset=/.tibet.net/gfwlist -server=/.tibet.nu/127.0.0.1#5335 -ipset=/.tibet.nu/gfwlist -server=/.tibet.org/127.0.0.1#5335 -ipset=/.tibet.org/gfwlist -server=/.tibet.sk/127.0.0.1#5335 -ipset=/.tibet.sk/gfwlist -server=/.tibet.to/127.0.0.1#5335 -ipset=/.tibet.to/gfwlist -server=/.tibet3rdpole.org/127.0.0.1#5335 -ipset=/.tibet3rdpole.org/gfwlist -server=/.tibetaction.net/127.0.0.1#5335 -ipset=/.tibetaction.net/gfwlist -server=/.tibetaid.org/127.0.0.1#5335 -ipset=/.tibetaid.org/gfwlist -server=/.tibetalk.com/127.0.0.1#5335 -ipset=/.tibetalk.com/gfwlist -server=/.tibetan-alliance.org/127.0.0.1#5335 -ipset=/.tibetan-alliance.org/gfwlist -server=/.tibetan.fr/127.0.0.1#5335 -ipset=/.tibetan.fr/gfwlist -server=/.tibetanaidproject.org/127.0.0.1#5335 -ipset=/.tibetanaidproject.org/gfwlist -server=/.tibetanarts.org/127.0.0.1#5335 -ipset=/.tibetanarts.org/gfwlist -server=/.tibetanbuddhistinstitute.org/127.0.0.1#5335 -ipset=/.tibetanbuddhistinstitute.org/gfwlist -server=/.tibetancommunity.org/127.0.0.1#5335 -ipset=/.tibetancommunity.org/gfwlist -server=/.tibetancommunityuk.net/127.0.0.1#5335 -ipset=/.tibetancommunityuk.net/gfwlist -server=/.tibetanculture.org/127.0.0.1#5335 -ipset=/.tibetanculture.org/gfwlist -server=/.tibetanfeministcollective.org/127.0.0.1#5335 -ipset=/.tibetanfeministcollective.org/gfwlist -server=/.tibetanjournal.com/127.0.0.1#5335 -ipset=/.tibetanjournal.com/gfwlist -server=/.tibetanlanguage.org/127.0.0.1#5335 -ipset=/.tibetanlanguage.org/gfwlist -server=/.tibetanliberation.org/127.0.0.1#5335 -ipset=/.tibetanliberation.org/gfwlist -server=/.tibetanpaintings.com/127.0.0.1#5335 -ipset=/.tibetanpaintings.com/gfwlist -server=/.tibetanphotoproject.com/127.0.0.1#5335 -ipset=/.tibetanphotoproject.com/gfwlist -server=/.tibetanpoliticalreview.org/127.0.0.1#5335 -ipset=/.tibetanpoliticalreview.org/gfwlist -server=/.tibetanreview.net/127.0.0.1#5335 -ipset=/.tibetanreview.net/gfwlist -server=/.tibetansports.org/127.0.0.1#5335 -ipset=/.tibetansports.org/gfwlist -server=/.tibetanwomen.org/127.0.0.1#5335 -ipset=/.tibetanwomen.org/gfwlist -server=/.tibetanyouth.org/127.0.0.1#5335 -ipset=/.tibetanyouth.org/gfwlist -server=/.tibetanyouthcongress.org/127.0.0.1#5335 -ipset=/.tibetanyouthcongress.org/gfwlist -server=/.tibetcharity.dk/127.0.0.1#5335 -ipset=/.tibetcharity.dk/gfwlist -server=/.tibetcharity.in/127.0.0.1#5335 -ipset=/.tibetcharity.in/gfwlist -server=/.tibetchild.org/127.0.0.1#5335 -ipset=/.tibetchild.org/gfwlist -server=/.tibetcity.com/127.0.0.1#5335 -ipset=/.tibetcity.com/gfwlist -server=/.tibetcollection.com/127.0.0.1#5335 -ipset=/.tibetcollection.com/gfwlist -server=/.tibetcorps.org/127.0.0.1#5335 -ipset=/.tibetcorps.org/gfwlist -server=/.tibetexpress.net/127.0.0.1#5335 -ipset=/.tibetexpress.net/gfwlist -server=/.tibetfocus.com/127.0.0.1#5335 -ipset=/.tibetfocus.com/gfwlist -server=/.tibetfund.org/127.0.0.1#5335 -ipset=/.tibetfund.org/gfwlist -server=/.tibetgermany.com/127.0.0.1#5335 -ipset=/.tibetgermany.com/gfwlist -server=/.tibetgermany.de/127.0.0.1#5335 -ipset=/.tibetgermany.de/gfwlist -server=/.tibethaus.com/127.0.0.1#5335 -ipset=/.tibethaus.com/gfwlist -server=/.tibetheritagefund.org/127.0.0.1#5335 -ipset=/.tibetheritagefund.org/gfwlist -server=/.tibethouse.jp/127.0.0.1#5335 -ipset=/.tibethouse.jp/gfwlist -server=/.tibethouse.org/127.0.0.1#5335 -ipset=/.tibethouse.org/gfwlist -server=/.tibethouse.us/127.0.0.1#5335 -ipset=/.tibethouse.us/gfwlist -server=/.tibetinfonet.net/127.0.0.1#5335 -ipset=/.tibetinfonet.net/gfwlist -server=/.tibetjustice.org/127.0.0.1#5335 -ipset=/.tibetjustice.org/gfwlist -server=/.tibetkomite.dk/127.0.0.1#5335 -ipset=/.tibetkomite.dk/gfwlist -server=/.tibetlibre.free.fr/127.0.0.1#5335 -ipset=/.tibetlibre.free.fr/gfwlist -server=/.tibetmuseum.org/127.0.0.1#5335 -ipset=/.tibetmuseum.org/gfwlist -server=/.tibetnetwork.org/127.0.0.1#5335 -ipset=/.tibetnetwork.org/gfwlist -server=/.tibetoffice.ch/127.0.0.1#5335 -ipset=/.tibetoffice.ch/gfwlist -server=/.tibetoffice.com.au/127.0.0.1#5335 -ipset=/.tibetoffice.com.au/gfwlist -server=/.tibetoffice.eu/127.0.0.1#5335 -ipset=/.tibetoffice.eu/gfwlist -server=/.tibetoffice.org/127.0.0.1#5335 -ipset=/.tibetoffice.org/gfwlist -server=/.tibetonline.com/127.0.0.1#5335 -ipset=/.tibetonline.com/gfwlist -server=/.tibetonline.tv/127.0.0.1#5335 -ipset=/.tibetonline.tv/gfwlist -server=/.tibetoralhistory.org/127.0.0.1#5335 -ipset=/.tibetoralhistory.org/gfwlist -server=/.tibetpolicy.eu/127.0.0.1#5335 -ipset=/.tibetpolicy.eu/gfwlist -server=/.tibetrelieffund.co.uk/127.0.0.1#5335 -ipset=/.tibetrelieffund.co.uk/gfwlist -server=/.tibetsites.com/127.0.0.1#5335 -ipset=/.tibetsites.com/gfwlist -server=/.tibetsociety.com/127.0.0.1#5335 -ipset=/.tibetsociety.com/gfwlist -server=/.tibetsun.com/127.0.0.1#5335 -ipset=/.tibetsun.com/gfwlist -server=/.tibetsupportgroup.org/127.0.0.1#5335 -ipset=/.tibetsupportgroup.org/gfwlist -server=/.tibetswiss.ch/127.0.0.1#5335 -ipset=/.tibetswiss.ch/gfwlist -server=/.tibettelegraph.com/127.0.0.1#5335 -ipset=/.tibettelegraph.com/gfwlist -server=/.tibettimes.net/127.0.0.1#5335 -ipset=/.tibettimes.net/gfwlist -server=/.tibetwrites.org/127.0.0.1#5335 -ipset=/.tibetwrites.org/gfwlist -server=/.ticket.com.tw/127.0.0.1#5335 -ipset=/.ticket.com.tw/gfwlist -server=/.tigervpn.com/127.0.0.1#5335 -ipset=/.tigervpn.com/gfwlist -server=/.tiktok.com/127.0.0.1#5335 -ipset=/.tiktok.com/gfwlist -server=/.tiltbrush.com/127.0.0.1#5335 -ipset=/.tiltbrush.com/gfwlist -server=/.timdir.com/127.0.0.1#5335 -ipset=/.timdir.com/gfwlist -server=/.time.com/127.0.0.1#5335 -ipset=/.time.com/gfwlist -server=/.times.hinet.net/127.0.0.1#5335 -ipset=/.times.hinet.net/gfwlist -server=/.timsah.com/127.0.0.1#5335 -ipset=/.timsah.com/gfwlist -server=/.tinc-vpn.org/127.0.0.1#5335 -ipset=/.tinc-vpn.org/gfwlist -server=/.tineye.com/127.0.0.1#5335 -ipset=/.tineye.com/gfwlist -server=/.tintuc101.com/127.0.0.1#5335 -ipset=/.tintuc101.com/gfwlist -server=/.tiny.cc/127.0.0.1#5335 -ipset=/.tiny.cc/gfwlist -server=/.tinychat.com/127.0.0.1#5335 -ipset=/.tinychat.com/gfwlist -server=/.tinypaste.com/127.0.0.1#5335 -ipset=/.tinypaste.com/gfwlist -server=/.tipo.gov.tw/127.0.0.1#5335 -ipset=/.tipo.gov.tw/gfwlist -server=/.tistory.com/127.0.0.1#5335 -ipset=/.tistory.com/gfwlist -server=/.tkcs-collins.com/127.0.0.1#5335 -ipset=/.tkcs-collins.com/gfwlist -server=/.tma.co.jp/127.0.0.1#5335 -ipset=/.tma.co.jp/gfwlist -server=/.tmagazine.com/127.0.0.1#5335 -ipset=/.tmagazine.com/gfwlist -server=/.tmdb.org/127.0.0.1#5335 -ipset=/.tmdb.org/gfwlist -server=/.tmdfish.com/127.0.0.1#5335 -ipset=/.tmdfish.com/gfwlist -server=/.tmi.me/127.0.0.1#5335 -ipset=/.tmi.me/gfwlist -server=/.tmpp.org/127.0.0.1#5335 -ipset=/.tmpp.org/gfwlist -server=/.tn1.shemalez.com/127.0.0.1#5335 -ipset=/.tn1.shemalez.com/gfwlist -server=/.tn2.shemalez.com/127.0.0.1#5335 -ipset=/.tn2.shemalez.com/gfwlist -server=/.tn3.shemalez.com/127.0.0.1#5335 -ipset=/.tn3.shemalez.com/gfwlist -server=/.tnaflix.com/127.0.0.1#5335 -ipset=/.tnaflix.com/gfwlist -server=/.tngrnow.com/127.0.0.1#5335 -ipset=/.tngrnow.com/gfwlist -server=/.tngrnow.net/127.0.0.1#5335 -ipset=/.tngrnow.net/gfwlist -server=/.tnp.org/127.0.0.1#5335 -ipset=/.tnp.org/gfwlist -server=/.to-porno.com/127.0.0.1#5335 -ipset=/.to-porno.com/gfwlist -server=/.togetter.com/127.0.0.1#5335 -ipset=/.togetter.com/gfwlist -server=/.toh.info/127.0.0.1#5335 -ipset=/.toh.info/gfwlist -server=/.tokyo-247.com/127.0.0.1#5335 -ipset=/.tokyo-247.com/gfwlist -server=/.tokyo-hot.com/127.0.0.1#5335 -ipset=/.tokyo-hot.com/gfwlist -server=/.tokyo-porn-tube.com/127.0.0.1#5335 -ipset=/.tokyo-porn-tube.com/gfwlist -server=/.tokyocn.com/127.0.0.1#5335 -ipset=/.tokyocn.com/gfwlist -server=/.tongil.or.kr/127.0.0.1#5335 -ipset=/.tongil.or.kr/gfwlist -server=/.tono-oka.jp/127.0.0.1#5335 -ipset=/.tono-oka.jp/gfwlist -server=/.tonyyan.net/127.0.0.1#5335 -ipset=/.tonyyan.net/gfwlist -server=/.toodoc.com/127.0.0.1#5335 -ipset=/.toodoc.com/gfwlist -server=/.toonel.net/127.0.0.1#5335 -ipset=/.toonel.net/gfwlist -server=/.top.tv/127.0.0.1#5335 -ipset=/.top.tv/gfwlist -server=/.top10vpn.com/127.0.0.1#5335 -ipset=/.top10vpn.com/gfwlist -server=/.top81.ws/127.0.0.1#5335 -ipset=/.top81.ws/gfwlist -server=/.topbtc.com/127.0.0.1#5335 -ipset=/.topbtc.com/gfwlist -server=/.topic.youthwant.com.tw/127.0.0.1#5335 -ipset=/.topic.youthwant.com.tw/gfwlist -server=/.topnews.in/127.0.0.1#5335 -ipset=/.topnews.in/gfwlist -server=/.toppornsites.com/127.0.0.1#5335 -ipset=/.toppornsites.com/gfwlist -server=/.topshareware.com/127.0.0.1#5335 -ipset=/.topshareware.com/gfwlist -server=/.topsy.com/127.0.0.1#5335 -ipset=/.topsy.com/gfwlist -server=/.toptip.ca/127.0.0.1#5335 -ipset=/.toptip.ca/gfwlist -server=/.tor.blingblingsquad.net/127.0.0.1#5335 -ipset=/.tor.blingblingsquad.net/gfwlist -server=/.tor.updatestar.com/127.0.0.1#5335 -ipset=/.tor.updatestar.com/gfwlist -server=/.tora.to/127.0.0.1#5335 -ipset=/.tora.to/gfwlist -server=/.torcn.com/127.0.0.1#5335 -ipset=/.torcn.com/gfwlist -server=/.torguard.net/127.0.0.1#5335 -ipset=/.torguard.net/gfwlist -server=/.torproject.org/127.0.0.1#5335 -ipset=/.torproject.org/gfwlist -server=/.torrentprivacy.com/127.0.0.1#5335 -ipset=/.torrentprivacy.com/gfwlist -server=/.torrentproject.se/127.0.0.1#5335 -ipset=/.torrentproject.se/gfwlist -server=/.torrenty.org/127.0.0.1#5335 -ipset=/.torrenty.org/gfwlist -server=/.torrentz.eu/127.0.0.1#5335 -ipset=/.torrentz.eu/gfwlist -server=/.torvpn.com/127.0.0.1#5335 -ipset=/.torvpn.com/gfwlist -server=/.tosh.comedycentral.com/127.0.0.1#5335 -ipset=/.tosh.comedycentral.com/gfwlist -server=/.totalvpn.com/127.0.0.1#5335 -ipset=/.totalvpn.com/gfwlist -server=/.toutiaoabc.com/127.0.0.1#5335 -ipset=/.toutiaoabc.com/gfwlist -server=/.toutyrater.github.io/127.0.0.1#5335 -ipset=/.toutyrater.github.io/gfwlist -server=/.towngain.com/127.0.0.1#5335 -ipset=/.towngain.com/gfwlist -server=/.toypark.in/127.0.0.1#5335 -ipset=/.toypark.in/gfwlist -server=/.toythieves.com/127.0.0.1#5335 -ipset=/.toythieves.com/gfwlist -server=/.toytractorshow.com/127.0.0.1#5335 -ipset=/.toytractorshow.com/gfwlist -server=/.tparents.org/127.0.0.1#5335 -ipset=/.tparents.org/gfwlist -server=/.tpi.org.tw/127.0.0.1#5335 -ipset=/.tpi.org.tw/gfwlist -server=/.tracfone.com/127.0.0.1#5335 -ipset=/.tracfone.com/gfwlist -server=/.traffichaus.com/127.0.0.1#5335 -ipset=/.traffichaus.com/gfwlist -server=/.transparency.org/127.0.0.1#5335 -ipset=/.transparency.org/gfwlist -server=/.treemall.com.tw/127.0.0.1#5335 -ipset=/.treemall.com.tw/gfwlist -server=/.trendsmap.com/127.0.0.1#5335 -ipset=/.trendsmap.com/gfwlist -server=/.trialofccp.org/127.0.0.1#5335 -ipset=/.trialofccp.org/gfwlist -server=/.trickip.net/127.0.0.1#5335 -ipset=/.trickip.net/gfwlist -server=/.trickip.org/127.0.0.1#5335 -ipset=/.trickip.org/gfwlist -server=/.trouw.nl/127.0.0.1#5335 -ipset=/.trouw.nl/gfwlist -server=/.trt.net.tr/127.0.0.1#5335 -ipset=/.trt.net.tr/gfwlist -server=/.trtc.com.tw/127.0.0.1#5335 -ipset=/.trtc.com.tw/gfwlist -server=/.truebuddha-md.org/127.0.0.1#5335 -ipset=/.truebuddha-md.org/gfwlist -server=/.trulyergonomic.com/127.0.0.1#5335 -ipset=/.trulyergonomic.com/gfwlist -server=/.truth101.co.tv/127.0.0.1#5335 -ipset=/.truth101.co.tv/gfwlist -server=/.truthontour.org/127.0.0.1#5335 -ipset=/.truthontour.org/gfwlist -server=/.truveo.com/127.0.0.1#5335 -ipset=/.truveo.com/gfwlist -server=/.tryheart.jp/127.0.0.1#5335 -ipset=/.tryheart.jp/gfwlist -server=/.tsctv.net/127.0.0.1#5335 -ipset=/.tsctv.net/gfwlist -server=/.tsdr.uspto.gov/127.0.0.1#5335 -ipset=/.tsdr.uspto.gov/gfwlist -server=/.tsemtulku.com/127.0.0.1#5335 -ipset=/.tsemtulku.com/gfwlist -server=/.tsquare.tv/127.0.0.1#5335 -ipset=/.tsquare.tv/gfwlist -server=/.tsu.org.tw/127.0.0.1#5335 -ipset=/.tsu.org.tw/gfwlist -server=/.tsunagarumon.com/127.0.0.1#5335 -ipset=/.tsunagarumon.com/gfwlist -server=/.tt1069.com/127.0.0.1#5335 -ipset=/.tt1069.com/gfwlist -server=/.tttan.com/127.0.0.1#5335 -ipset=/.tttan.com/gfwlist -server=/.ttvnw.net/127.0.0.1#5335 -ipset=/.ttvnw.net/gfwlist -server=/.tu8964.com/127.0.0.1#5335 -ipset=/.tu8964.com/gfwlist -server=/.tubaholic.com/127.0.0.1#5335 -ipset=/.tubaholic.com/gfwlist -server=/.tube.com/127.0.0.1#5335 -ipset=/.tube.com/gfwlist -server=/.tube8.com/127.0.0.1#5335 -ipset=/.tube8.com/gfwlist -server=/.tube911.com/127.0.0.1#5335 -ipset=/.tube911.com/gfwlist -server=/.tubecup.com/127.0.0.1#5335 -ipset=/.tubecup.com/gfwlist -server=/.tubegals.com/127.0.0.1#5335 -ipset=/.tubegals.com/gfwlist -server=/.tubeislam.com/127.0.0.1#5335 -ipset=/.tubeislam.com/gfwlist -server=/.tubepornclassic.com/127.0.0.1#5335 -ipset=/.tubepornclassic.com/gfwlist -server=/.tubestack.com/127.0.0.1#5335 -ipset=/.tubestack.com/gfwlist -server=/.tubewolf.com/127.0.0.1#5335 -ipset=/.tubewolf.com/gfwlist -server=/.tui.orzdream.com/127.0.0.1#5335 -ipset=/.tui.orzdream.com/gfwlist -server=/.tuibeitu.net/127.0.0.1#5335 -ipset=/.tuibeitu.net/gfwlist -server=/.tuidang.net/127.0.0.1#5335 -ipset=/.tuidang.net/gfwlist -server=/.tuidang.org/127.0.0.1#5335 -ipset=/.tuidang.org/gfwlist -server=/.tuidang.se/127.0.0.1#5335 -ipset=/.tuidang.se/gfwlist -server=/.tuitwit.com/127.0.0.1#5335 -ipset=/.tuitwit.com/gfwlist -server=/.tumblr.com/127.0.0.1#5335 -ipset=/.tumblr.com/gfwlist -server=/.tumutanzi.com/127.0.0.1#5335 -ipset=/.tumutanzi.com/gfwlist -server=/.tumview.com/127.0.0.1#5335 -ipset=/.tumview.com/gfwlist -server=/.tunein.com/127.0.0.1#5335 -ipset=/.tunein.com/gfwlist -server=/.tunnelbear.com/127.0.0.1#5335 -ipset=/.tunnelbear.com/gfwlist -server=/.tunnelr.com/127.0.0.1#5335 -ipset=/.tunnelr.com/gfwlist -server=/.tuo8.blue/127.0.0.1#5335 -ipset=/.tuo8.blue/gfwlist -server=/.tuo8.cc/127.0.0.1#5335 -ipset=/.tuo8.cc/gfwlist -server=/.tuo8.club/127.0.0.1#5335 -ipset=/.tuo8.club/gfwlist -server=/.tuo8.fit/127.0.0.1#5335 -ipset=/.tuo8.fit/gfwlist -server=/.tuo8.hk/127.0.0.1#5335 -ipset=/.tuo8.hk/gfwlist -server=/.tuo8.in/127.0.0.1#5335 -ipset=/.tuo8.in/gfwlist -server=/.tuo8.ninja/127.0.0.1#5335 -ipset=/.tuo8.ninja/gfwlist -server=/.tuo8.org/127.0.0.1#5335 -ipset=/.tuo8.org/gfwlist -server=/.tuo8.pw/127.0.0.1#5335 -ipset=/.tuo8.pw/gfwlist -server=/.tuo8.red/127.0.0.1#5335 -ipset=/.tuo8.red/gfwlist -server=/.tuo8.space/127.0.0.1#5335 -ipset=/.tuo8.space/gfwlist -server=/.turansam.org/127.0.0.1#5335 -ipset=/.turansam.org/gfwlist -server=/.turbobit.net/127.0.0.1#5335 -ipset=/.turbobit.net/gfwlist -server=/.turbohide.com/127.0.0.1#5335 -ipset=/.turbohide.com/gfwlist -server=/.turbotwitter.com/127.0.0.1#5335 -ipset=/.turbotwitter.com/gfwlist -server=/.turntable.fm/127.0.0.1#5335 -ipset=/.turntable.fm/gfwlist -server=/.tushycash.com/127.0.0.1#5335 -ipset=/.tushycash.com/gfwlist -server=/.tuvpn.com/127.0.0.1#5335 -ipset=/.tuvpn.com/gfwlist -server=/.tuzaijidi.com/127.0.0.1#5335 -ipset=/.tuzaijidi.com/gfwlist -server=/.tv.com/127.0.0.1#5335 -ipset=/.tv.com/gfwlist -server=/.tvants.com/127.0.0.1#5335 -ipset=/.tvants.com/gfwlist -server=/.tvboxnow.com/127.0.0.1#5335 -ipset=/.tvboxnow.com/gfwlist -server=/.tvider.com/127.0.0.1#5335 -ipset=/.tvider.com/gfwlist -server=/.tvmost.com.hk/127.0.0.1#5335 -ipset=/.tvmost.com.hk/gfwlist -server=/.tvplayvideos.com/127.0.0.1#5335 -ipset=/.tvplayvideos.com/gfwlist -server=/.tvunetworks.com/127.0.0.1#5335 -ipset=/.tvunetworks.com/gfwlist -server=/.tw-blog.com/127.0.0.1#5335 -ipset=/.tw-blog.com/gfwlist -server=/.tw-npo.org/127.0.0.1#5335 -ipset=/.tw-npo.org/gfwlist -server=/.tw.answers.yahoo.com/127.0.0.1#5335 -ipset=/.tw.answers.yahoo.com/gfwlist -server=/.tw.bid.yahoo.com/127.0.0.1#5335 -ipset=/.tw.bid.yahoo.com/gfwlist -server=/.tw.gigacircle.com/127.0.0.1#5335 -ipset=/.tw.gigacircle.com/gfwlist -server=/.tw.iqiyi.com/127.0.0.1#5335 -ipset=/.tw.iqiyi.com/gfwlist -server=/.tw.jiepang.com/127.0.0.1#5335 -ipset=/.tw.jiepang.com/gfwlist -server=/.tw.knowledge.yahoo.com/127.0.0.1#5335 -ipset=/.tw.knowledge.yahoo.com/gfwlist -server=/.tw.mall.yahoo.com/127.0.0.1#5335 -ipset=/.tw.mall.yahoo.com/gfwlist -server=/.tw.mobi.yahoo.com/127.0.0.1#5335 -ipset=/.tw.mobi.yahoo.com/gfwlist -server=/.tw.money.yahoo.com/127.0.0.1#5335 -ipset=/.tw.money.yahoo.com/gfwlist -server=/.tw.myblog.yahoo.com/127.0.0.1#5335 -ipset=/.tw.myblog.yahoo.com/gfwlist -server=/.tw.news.yahoo.com/127.0.0.1#5335 -ipset=/.tw.news.yahoo.com/gfwlist -server=/.tw.streetvoice.com/127.0.0.1#5335 -ipset=/.tw.streetvoice.com/gfwlist -server=/.tw.tomonews.net/127.0.0.1#5335 -ipset=/.tw.tomonews.net/gfwlist -server=/.tw.voa.mobi/127.0.0.1#5335 -ipset=/.tw.voa.mobi/gfwlist -server=/.tw.yahoo.com/127.0.0.1#5335 -ipset=/.tw.yahoo.com/gfwlist -server=/.tw01.org/127.0.0.1#5335 -ipset=/.tw01.org/gfwlist -server=/.twaitter.com/127.0.0.1#5335 -ipset=/.twaitter.com/gfwlist -server=/.twapperkeeper.com/127.0.0.1#5335 -ipset=/.twapperkeeper.com/gfwlist -server=/.twaud.io/127.0.0.1#5335 -ipset=/.twaud.io/gfwlist -server=/.twavi.com/127.0.0.1#5335 -ipset=/.twavi.com/gfwlist -server=/.twbbs.net.tw/127.0.0.1#5335 -ipset=/.twbbs.net.tw/gfwlist -server=/.twbbs.org/127.0.0.1#5335 -ipset=/.twbbs.org/gfwlist -server=/.twbbs.tw/127.0.0.1#5335 -ipset=/.twbbs.tw/gfwlist -server=/.twblogger.com/127.0.0.1#5335 -ipset=/.twblogger.com/gfwlist -server=/.tweepguide.com/127.0.0.1#5335 -ipset=/.tweepguide.com/gfwlist -server=/.tweeplike.me/127.0.0.1#5335 -ipset=/.tweeplike.me/gfwlist -server=/.tweepmag.com/127.0.0.1#5335 -ipset=/.tweepmag.com/gfwlist -server=/.tweepml.org/127.0.0.1#5335 -ipset=/.tweepml.org/gfwlist -server=/.tweetbackup.com/127.0.0.1#5335 -ipset=/.tweetbackup.com/gfwlist -server=/.tweetboard.com/127.0.0.1#5335 -ipset=/.tweetboard.com/gfwlist -server=/.tweetboner.biz/127.0.0.1#5335 -ipset=/.tweetboner.biz/gfwlist -server=/.tweetcs.com/127.0.0.1#5335 -ipset=/.tweetcs.com/gfwlist -server=/.tweetdeck.com/127.0.0.1#5335 -ipset=/.tweetdeck.com/gfwlist -server=/.tweetedtimes.com/127.0.0.1#5335 -ipset=/.tweetedtimes.com/gfwlist -server=/.tweetmylast.fm/127.0.0.1#5335 -ipset=/.tweetmylast.fm/gfwlist -server=/.tweetphoto.com/127.0.0.1#5335 -ipset=/.tweetphoto.com/gfwlist -server=/.tweetrans.com/127.0.0.1#5335 -ipset=/.tweetrans.com/gfwlist -server=/.tweetree.com/127.0.0.1#5335 -ipset=/.tweetree.com/gfwlist -server=/.tweettunnel.com/127.0.0.1#5335 -ipset=/.tweettunnel.com/gfwlist -server=/.tweetwally.com/127.0.0.1#5335 -ipset=/.tweetwally.com/gfwlist -server=/.tweetymail.com/127.0.0.1#5335 -ipset=/.tweetymail.com/gfwlist -server=/.tweez.net/127.0.0.1#5335 -ipset=/.tweez.net/gfwlist -server=/.twelve.today/127.0.0.1#5335 -ipset=/.twelve.today/gfwlist -server=/.twerkingbutt.com/127.0.0.1#5335 -ipset=/.twerkingbutt.com/gfwlist -server=/.twftp.org/127.0.0.1#5335 -ipset=/.twftp.org/gfwlist -server=/.twgreatdaily.com/127.0.0.1#5335 -ipset=/.twgreatdaily.com/gfwlist -server=/.twibase.com/127.0.0.1#5335 -ipset=/.twibase.com/gfwlist -server=/.twibble.de/127.0.0.1#5335 -ipset=/.twibble.de/gfwlist -server=/.twibbon.com/127.0.0.1#5335 -ipset=/.twibbon.com/gfwlist -server=/.twibs.com/127.0.0.1#5335 -ipset=/.twibs.com/gfwlist -server=/.twicountry.org/127.0.0.1#5335 -ipset=/.twicountry.org/gfwlist -server=/.twicsy.com/127.0.0.1#5335 -ipset=/.twicsy.com/gfwlist -server=/.twiends.com/127.0.0.1#5335 -ipset=/.twiends.com/gfwlist -server=/.twifan.com/127.0.0.1#5335 -ipset=/.twifan.com/gfwlist -server=/.twiffo.com/127.0.0.1#5335 -ipset=/.twiffo.com/gfwlist -server=/.twiggit.org/127.0.0.1#5335 -ipset=/.twiggit.org/gfwlist -server=/.twilightsex.com/127.0.0.1#5335 -ipset=/.twilightsex.com/gfwlist -server=/.twilog.org/127.0.0.1#5335 -ipset=/.twilog.org/gfwlist -server=/.twimbow.com/127.0.0.1#5335 -ipset=/.twimbow.com/gfwlist -server=/.twimg.com/127.0.0.1#5335 -ipset=/.twimg.com/gfwlist -server=/.twindexx.com/127.0.0.1#5335 -ipset=/.twindexx.com/gfwlist -server=/.twip.me/127.0.0.1#5335 -ipset=/.twip.me/gfwlist -server=/.twipple.jp/127.0.0.1#5335 -ipset=/.twipple.jp/gfwlist -server=/.twishort.com/127.0.0.1#5335 -ipset=/.twishort.com/gfwlist -server=/.twistar.cc/127.0.0.1#5335 -ipset=/.twistar.cc/gfwlist -server=/.twister.net.co/127.0.0.1#5335 -ipset=/.twister.net.co/gfwlist -server=/.twisterio.com/127.0.0.1#5335 -ipset=/.twisterio.com/gfwlist -server=/.twisternow.com/127.0.0.1#5335 -ipset=/.twisternow.com/gfwlist -server=/.twistory.net/127.0.0.1#5335 -ipset=/.twistory.net/gfwlist -server=/.twit2d.com/127.0.0.1#5335 -ipset=/.twit2d.com/gfwlist -server=/.twitbrowser.net/127.0.0.1#5335 -ipset=/.twitbrowser.net/gfwlist -server=/.twitcause.com/127.0.0.1#5335 -ipset=/.twitcause.com/gfwlist -server=/.twitch.tv/127.0.0.1#5335 -ipset=/.twitch.tv/gfwlist -server=/.twitchcdn.net/127.0.0.1#5335 -ipset=/.twitchcdn.net/gfwlist -server=/.twitgether.com/127.0.0.1#5335 -ipset=/.twitgether.com/gfwlist -server=/.twitgoo.com/127.0.0.1#5335 -ipset=/.twitgoo.com/gfwlist -server=/.twitiq.com/127.0.0.1#5335 -ipset=/.twitiq.com/gfwlist -server=/.twitlonger.com/127.0.0.1#5335 -ipset=/.twitlonger.com/gfwlist -server=/.twitmania.com/127.0.0.1#5335 -ipset=/.twitmania.com/gfwlist -server=/.twitoaster.com/127.0.0.1#5335 -ipset=/.twitoaster.com/gfwlist -server=/.twitonmsn.com/127.0.0.1#5335 -ipset=/.twitonmsn.com/gfwlist -server=/.twitpic.com/127.0.0.1#5335 -ipset=/.twitpic.com/gfwlist -server=/.twitstat.com/127.0.0.1#5335 -ipset=/.twitstat.com/gfwlist -server=/.twittbot.net/127.0.0.1#5335 -ipset=/.twittbot.net/gfwlist -server=/.twitter.com/127.0.0.1#5335 -ipset=/.twitter.com/gfwlist -server=/.twitter.jp/127.0.0.1#5335 -ipset=/.twitter.jp/gfwlist -server=/.twitter4j.org/127.0.0.1#5335 -ipset=/.twitter4j.org/gfwlist -server=/.twittercounter.com/127.0.0.1#5335 -ipset=/.twittercounter.com/gfwlist -server=/.twitterfeed.com/127.0.0.1#5335 -ipset=/.twitterfeed.com/gfwlist -server=/.twittergadget.com/127.0.0.1#5335 -ipset=/.twittergadget.com/gfwlist -server=/.twitterkr.com/127.0.0.1#5335 -ipset=/.twitterkr.com/gfwlist -server=/.twittermail.com/127.0.0.1#5335 -ipset=/.twittermail.com/gfwlist -server=/.twitterrific.com/127.0.0.1#5335 -ipset=/.twitterrific.com/gfwlist -server=/.twittertim.es/127.0.0.1#5335 -ipset=/.twittertim.es/gfwlist -server=/.twitthat.com/127.0.0.1#5335 -ipset=/.twitthat.com/gfwlist -server=/.twitturk.com/127.0.0.1#5335 -ipset=/.twitturk.com/gfwlist -server=/.twitturly.com/127.0.0.1#5335 -ipset=/.twitturly.com/gfwlist -server=/.twitvid.com/127.0.0.1#5335 -ipset=/.twitvid.com/gfwlist -server=/.twitzap.com/127.0.0.1#5335 -ipset=/.twitzap.com/gfwlist -server=/.twiyia.com/127.0.0.1#5335 -ipset=/.twiyia.com/gfwlist -server=/.twnorth.org.tw/127.0.0.1#5335 -ipset=/.twnorth.org.tw/gfwlist -server=/.twskype.com/127.0.0.1#5335 -ipset=/.twskype.com/gfwlist -server=/.twstar.net/127.0.0.1#5335 -ipset=/.twstar.net/gfwlist -server=/.twt.tl/127.0.0.1#5335 -ipset=/.twt.tl/gfwlist -server=/.twtkr.com/127.0.0.1#5335 -ipset=/.twtkr.com/gfwlist -server=/.twtr2src.ogaoga.org/127.0.0.1#5335 -ipset=/.twtr2src.ogaoga.org/gfwlist -server=/.twtrland.com/127.0.0.1#5335 -ipset=/.twtrland.com/gfwlist -server=/.twttr.com/127.0.0.1#5335 -ipset=/.twttr.com/gfwlist -server=/.twurl.nl/127.0.0.1#5335 -ipset=/.twurl.nl/gfwlist -server=/.twyac.org/127.0.0.1#5335 -ipset=/.twyac.org/gfwlist -server=/.txxx.com/127.0.0.1#5335 -ipset=/.txxx.com/gfwlist -server=/.tycool.com/127.0.0.1#5335 -ipset=/.tycool.com/gfwlist -server=/.typepad.com/127.0.0.1#5335 -ipset=/.typepad.com/gfwlist -server=/.u15.info/127.0.0.1#5335 -ipset=/.u15.info/gfwlist -server=/.u9un.com/127.0.0.1#5335 -ipset=/.u9un.com/gfwlist -server=/.ub0.cc/127.0.0.1#5335 -ipset=/.ub0.cc/gfwlist -server=/.ubddns.org/127.0.0.1#5335 -ipset=/.ubddns.org/gfwlist -server=/.uberproxy.net/127.0.0.1#5335 -ipset=/.uberproxy.net/gfwlist -server=/.uc-japan.org/127.0.0.1#5335 -ipset=/.uc-japan.org/gfwlist -server=/.ucdc1998.org/127.0.0.1#5335 -ipset=/.ucdc1998.org/gfwlist -server=/.uderzo.it/127.0.0.1#5335 -ipset=/.uderzo.it/gfwlist -server=/.udn.com/127.0.0.1#5335 -ipset=/.udn.com/gfwlist -server=/.uforadio.com.tw/127.0.0.1#5335 -ipset=/.uforadio.com.tw/gfwlist -server=/.ufreevpn.com/127.0.0.1#5335 -ipset=/.ufreevpn.com/gfwlist -server=/.ugo.com/127.0.0.1#5335 -ipset=/.ugo.com/gfwlist -server=/.uhdwallpapers.org/127.0.0.1#5335 -ipset=/.uhdwallpapers.org/gfwlist -server=/.uhrp.org/127.0.0.1#5335 -ipset=/.uhrp.org/gfwlist -server=/.uighur.narod.ru/127.0.0.1#5335 -ipset=/.uighur.narod.ru/gfwlist -server=/.uighur.nl/127.0.0.1#5335 -ipset=/.uighur.nl/gfwlist -server=/.uighurbiz.net/127.0.0.1#5335 -ipset=/.uighurbiz.net/gfwlist -server=/.ukcdp.co.uk/127.0.0.1#5335 -ipset=/.ukcdp.co.uk/gfwlist -server=/.ukliferadio.co.uk/127.0.0.1#5335 -ipset=/.ukliferadio.co.uk/gfwlist -server=/.uku.im/127.0.0.1#5335 -ipset=/.uku.im/gfwlist -server=/.ulike.net/127.0.0.1#5335 -ipset=/.ulike.net/gfwlist -server=/.ulop.net/127.0.0.1#5335 -ipset=/.ulop.net/gfwlist -server=/.ultravpn.fr/127.0.0.1#5335 -ipset=/.ultravpn.fr/gfwlist -server=/.ultraxs.com/127.0.0.1#5335 -ipset=/.ultraxs.com/gfwlist -server=/.unblock-us.com/127.0.0.1#5335 -ipset=/.unblock-us.com/gfwlist -server=/.unblock.cn.com/127.0.0.1#5335 -ipset=/.unblock.cn.com/gfwlist -server=/.unblockdmm.com/127.0.0.1#5335 -ipset=/.unblockdmm.com/gfwlist -server=/.unblocker.yt/127.0.0.1#5335 -ipset=/.unblocker.yt/gfwlist -server=/.unblocksit.es/127.0.0.1#5335 -ipset=/.unblocksit.es/gfwlist -server=/.uncyclomedia.org/127.0.0.1#5335 -ipset=/.uncyclomedia.org/gfwlist -server=/.uncyclopedia.hk/127.0.0.1#5335 -ipset=/.uncyclopedia.hk/gfwlist -server=/.uncyclopedia.tw/127.0.0.1#5335 -ipset=/.uncyclopedia.tw/gfwlist -server=/.underwoodammo.com/127.0.0.1#5335 -ipset=/.underwoodammo.com/gfwlist -server=/.unholyknight.com/127.0.0.1#5335 -ipset=/.unholyknight.com/gfwlist -server=/.uni.cc/127.0.0.1#5335 -ipset=/.uni.cc/gfwlist -server=/.unification.net/127.0.0.1#5335 -ipset=/.unification.net/gfwlist -server=/.unification.org.tw/127.0.0.1#5335 -ipset=/.unification.org.tw/gfwlist -server=/.unirule.cloud/127.0.0.1#5335 -ipset=/.unirule.cloud/gfwlist -server=/.unitedsocialpress.com/127.0.0.1#5335 -ipset=/.unitedsocialpress.com/gfwlist -server=/.unix100.com/127.0.0.1#5335 -ipset=/.unix100.com/gfwlist -server=/.unknownspace.org/127.0.0.1#5335 -ipset=/.unknownspace.org/gfwlist -server=/.unodedos.com/127.0.0.1#5335 -ipset=/.unodedos.com/gfwlist -server=/.unpo.org/127.0.0.1#5335 -ipset=/.unpo.org/gfwlist -server=/.unseen.is/127.0.0.1#5335 -ipset=/.unseen.is/gfwlist -server=/.untraceable.us/127.0.0.1#5335 -ipset=/.untraceable.us/gfwlist -server=/.uocn.org/127.0.0.1#5335 -ipset=/.uocn.org/gfwlist -server=/.upcoming.yahoo.com/127.0.0.1#5335 -ipset=/.upcoming.yahoo.com/gfwlist -server=/.updates.tdesktop.com/127.0.0.1#5335 -ipset=/.updates.tdesktop.com/gfwlist -server=/.upholdjustice.org/127.0.0.1#5335 -ipset=/.upholdjustice.org/gfwlist -server=/.upload4u.info/127.0.0.1#5335 -ipset=/.upload4u.info/gfwlist -server=/.upmedia.mg/127.0.0.1#5335 -ipset=/.upmedia.mg/gfwlist -server=/.upornia.com/127.0.0.1#5335 -ipset=/.upornia.com/gfwlist -server=/.uproxy.org/127.0.0.1#5335 -ipset=/.uproxy.org/gfwlist -server=/.uptodown.com/127.0.0.1#5335 -ipset=/.uptodown.com/gfwlist -server=/.upwill.org/127.0.0.1#5335 -ipset=/.upwill.org/gfwlist -server=/.ur7s.com/127.0.0.1#5335 -ipset=/.ur7s.com/gfwlist -server=/.uraban.me/127.0.0.1#5335 -ipset=/.uraban.me/gfwlist -server=/.urbansurvival.com/127.0.0.1#5335 -ipset=/.urbansurvival.com/gfwlist -server=/.urchin.com/127.0.0.1#5335 -ipset=/.urchin.com/gfwlist -server=/.urlborg.com/127.0.0.1#5335 -ipset=/.urlborg.com/gfwlist -server=/.urlparser.com/127.0.0.1#5335 -ipset=/.urlparser.com/gfwlist -server=/.us.to/127.0.0.1#5335 -ipset=/.us.to/gfwlist -server=/.usacn.com/127.0.0.1#5335 -ipset=/.usacn.com/gfwlist -server=/.usaip.eu/127.0.0.1#5335 -ipset=/.usaip.eu/gfwlist -server=/.userapi.nytlog.com/127.0.0.1#5335 -ipset=/.userapi.nytlog.com/gfwlist -server=/.usfk.mil/127.0.0.1#5335 -ipset=/.usfk.mil/gfwlist -server=/.ushuarencity.echainhost.com/127.0.0.1#5335 -ipset=/.ushuarencity.echainhost.com/gfwlist -server=/.usinfo.state.gov/127.0.0.1#5335 -ipset=/.usinfo.state.gov/gfwlist -server=/.usma.edu/127.0.0.1#5335 -ipset=/.usma.edu/gfwlist -server=/.usmc.mil/127.0.0.1#5335 -ipset=/.usmc.mil/gfwlist -server=/.usno.navy.mil/127.0.0.1#5335 -ipset=/.usno.navy.mil/gfwlist -server=/.usocctn.com/127.0.0.1#5335 -ipset=/.usocctn.com/gfwlist -server=/.ustream.tv/127.0.0.1#5335 -ipset=/.ustream.tv/gfwlist -server=/.usunitednews.com/127.0.0.1#5335 -ipset=/.usunitednews.com/gfwlist -server=/.usus.cc/127.0.0.1#5335 -ipset=/.usus.cc/gfwlist -server=/.utopianpal.com/127.0.0.1#5335 -ipset=/.utopianpal.com/gfwlist -server=/.uu-gg.com/127.0.0.1#5335 -ipset=/.uu-gg.com/gfwlist -server=/.uukanshu.com/127.0.0.1#5335 -ipset=/.uukanshu.com/gfwlist -server=/.uvwxyz.xyz/127.0.0.1#5335 -ipset=/.uvwxyz.xyz/gfwlist -server=/.uwants.com/127.0.0.1#5335 -ipset=/.uwants.com/gfwlist -server=/.uwants.net/127.0.0.1#5335 -ipset=/.uwants.net/gfwlist -server=/.uyghur-j.org/127.0.0.1#5335 -ipset=/.uyghur-j.org/gfwlist -server=/.uyghur.co.uk/127.0.0.1#5335 -ipset=/.uyghur.co.uk/gfwlist -server=/.uyghuramerican.org/127.0.0.1#5335 -ipset=/.uyghuramerican.org/gfwlist -server=/.uyghurcanadiansociety.org/127.0.0.1#5335 -ipset=/.uyghurcanadiansociety.org/gfwlist -server=/.uyghurcongress.org/127.0.0.1#5335 -ipset=/.uyghurcongress.org/gfwlist -server=/.uyghurensemble.co.uk/127.0.0.1#5335 -ipset=/.uyghurensemble.co.uk/gfwlist -server=/.uyghurpen.org/127.0.0.1#5335 -ipset=/.uyghurpen.org/gfwlist -server=/.uyghurpress.com/127.0.0.1#5335 -ipset=/.uyghurpress.com/gfwlist -server=/.uyghurstudies.org/127.0.0.1#5335 -ipset=/.uyghurstudies.org/gfwlist -server=/.uygur.org/127.0.0.1#5335 -ipset=/.uygur.org/gfwlist -server=/.v2ray.com/127.0.0.1#5335 -ipset=/.v2ray.com/gfwlist -server=/.van001.com/127.0.0.1#5335 -ipset=/.van001.com/gfwlist -server=/.van698.com/127.0.0.1#5335 -ipset=/.van698.com/gfwlist -server=/.vanemu.cn/127.0.0.1#5335 -ipset=/.vanemu.cn/gfwlist -server=/.vanilla-jp.com/127.0.0.1#5335 -ipset=/.vanilla-jp.com/gfwlist -server=/.vanpeople.com/127.0.0.1#5335 -ipset=/.vanpeople.com/gfwlist -server=/.vansky.com/127.0.0.1#5335 -ipset=/.vansky.com/gfwlist -server=/.vaticannews.va/127.0.0.1#5335 -ipset=/.vaticannews.va/gfwlist -server=/.vatn.org/127.0.0.1#5335 -ipset=/.vatn.org/gfwlist -server=/.vcf-online.org/127.0.0.1#5335 -ipset=/.vcf-online.org/gfwlist -server=/.vcfbuilder.org/127.0.0.1#5335 -ipset=/.vcfbuilder.org/gfwlist -server=/.vegas.williamhill.com/127.0.0.1#5335 -ipset=/.vegas.williamhill.com/gfwlist -server=/.vegasred.com/127.0.0.1#5335 -ipset=/.vegasred.com/gfwlist -server=/.velkaepocha.sk/127.0.0.1#5335 -ipset=/.velkaepocha.sk/gfwlist -server=/.venbbs.com/127.0.0.1#5335 -ipset=/.venbbs.com/gfwlist -server=/.venchina.com/127.0.0.1#5335 -ipset=/.venchina.com/gfwlist -server=/.venetianmacao.com/127.0.0.1#5335 -ipset=/.venetianmacao.com/gfwlist -server=/.ventureswell.com/127.0.0.1#5335 -ipset=/.ventureswell.com/gfwlist -server=/.veoh.com/127.0.0.1#5335 -ipset=/.veoh.com/gfwlist -server=/.vermonttibet.org/127.0.0.1#5335 -ipset=/.vermonttibet.org/gfwlist -server=/.versavpn.com/127.0.0.1#5335 -ipset=/.versavpn.com/gfwlist -server=/.verybs.com/127.0.0.1#5335 -ipset=/.verybs.com/gfwlist -server=/.vevo.com/127.0.0.1#5335 -ipset=/.vevo.com/gfwlist -server=/.vft.com.tw/127.0.0.1#5335 -ipset=/.vft.com.tw/gfwlist -server=/.viber.com/127.0.0.1#5335 -ipset=/.viber.com/gfwlist -server=/.vica.info/127.0.0.1#5335 -ipset=/.vica.info/gfwlist -server=/.victimsofcommunism.org/127.0.0.1#5335 -ipset=/.victimsofcommunism.org/gfwlist -server=/.vid.me/127.0.0.1#5335 -ipset=/.vid.me/gfwlist -server=/.vidble.com/127.0.0.1#5335 -ipset=/.vidble.com/gfwlist -server=/.video.aol.com/127.0.0.1#5335 -ipset=/.video.aol.com/gfwlist -server=/.video.ap.org/127.0.0.1#5335 -ipset=/.video.ap.org/gfwlist -server=/.video.fdbox.com/127.0.0.1#5335 -ipset=/.video.fdbox.com/gfwlist -server=/.video.foxbusiness.com/127.0.0.1#5335 -ipset=/.video.foxbusiness.com/gfwlist -server=/.video.pbs.org/127.0.0.1#5335 -ipset=/.video.pbs.org/gfwlist -server=/.video.yahoo.com/127.0.0.1#5335 -ipset=/.video.yahoo.com/gfwlist -server=/.videobam.com/127.0.0.1#5335 -ipset=/.videobam.com/gfwlist -server=/.videodetective.com/127.0.0.1#5335 -ipset=/.videodetective.com/gfwlist -server=/.videomega.tv/127.0.0.1#5335 -ipset=/.videomega.tv/gfwlist -server=/.videomo.com/127.0.0.1#5335 -ipset=/.videomo.com/gfwlist -server=/.videopediaworld.com/127.0.0.1#5335 -ipset=/.videopediaworld.com/gfwlist -server=/.videopress.com/127.0.0.1#5335 -ipset=/.videopress.com/gfwlist -server=/.vietdaikynguyen.com/127.0.0.1#5335 -ipset=/.vietdaikynguyen.com/gfwlist -server=/.vijayatemple.org/127.0.0.1#5335 -ipset=/.vijayatemple.org/gfwlist -server=/.vimeo.com/127.0.0.1#5335 -ipset=/.vimeo.com/gfwlist -server=/.vimperator.org/127.0.0.1#5335 -ipset=/.vimperator.org/gfwlist -server=/.vincnd.com/127.0.0.1#5335 -ipset=/.vincnd.com/gfwlist -server=/.vine.co/127.0.0.1#5335 -ipset=/.vine.co/gfwlist -server=/.vinniev.com/127.0.0.1#5335 -ipset=/.vinniev.com/gfwlist -server=/.vip-enterprise.com/127.0.0.1#5335 -ipset=/.vip-enterprise.com/gfwlist -server=/.virtualrealporn.com/127.0.0.1#5335 -ipset=/.virtualrealporn.com/gfwlist -server=/.visibletweets.com/127.0.0.1#5335 -ipset=/.visibletweets.com/gfwlist -server=/.vital247.org/127.0.0.1#5335 -ipset=/.vital247.org/gfwlist -server=/.viu.com/127.0.0.1#5335 -ipset=/.viu.com/gfwlist -server=/.vivahentai4u.net/127.0.0.1#5335 -ipset=/.vivahentai4u.net/gfwlist -server=/.vivatube.com/127.0.0.1#5335 -ipset=/.vivatube.com/gfwlist -server=/.vivthomas.com/127.0.0.1#5335 -ipset=/.vivthomas.com/gfwlist -server=/.vizvaz.com/127.0.0.1#5335 -ipset=/.vizvaz.com/gfwlist -server=/.vjav.com/127.0.0.1#5335 -ipset=/.vjav.com/gfwlist -server=/.vjmedia.com.hk/127.0.0.1#5335 -ipset=/.vjmedia.com.hk/gfwlist -server=/.vllcs.org/127.0.0.1#5335 -ipset=/.vllcs.org/gfwlist -server=/.vlog.xuite.net/127.0.0.1#5335 -ipset=/.vlog.xuite.net/gfwlist -server=/.vmixcore.com/127.0.0.1#5335 -ipset=/.vmixcore.com/gfwlist -server=/.vmpsoft.com/127.0.0.1#5335 -ipset=/.vmpsoft.com/gfwlist -server=/.vnet.link/127.0.0.1#5335 -ipset=/.vnet.link/gfwlist -server=/.voa-11.akacast.akamaistream.net/127.0.0.1#5335 -ipset=/.voa-11.akacast.akamaistream.net/gfwlist -server=/.voacantonese.com/127.0.0.1#5335 -ipset=/.voacantonese.com/gfwlist -server=/.voachinese.com/127.0.0.1#5335 -ipset=/.voachinese.com/gfwlist -server=/.voachineseblog.com/127.0.0.1#5335 -ipset=/.voachineseblog.com/gfwlist -server=/.voagd.com/127.0.0.1#5335 -ipset=/.voagd.com/gfwlist -server=/.voanews.com/127.0.0.1#5335 -ipset=/.voanews.com/gfwlist -server=/.voatibetan.com/127.0.0.1#5335 -ipset=/.voatibetan.com/gfwlist -server=/.voatibetanenglish.com/127.0.0.1#5335 -ipset=/.voatibetanenglish.com/gfwlist -server=/.vocativ.com/127.0.0.1#5335 -ipset=/.vocativ.com/gfwlist -server=/.vocn.tv/127.0.0.1#5335 -ipset=/.vocn.tv/gfwlist -server=/.vod-abematv.akamaized.net/127.0.0.1#5335 -ipset=/.vod-abematv.akamaized.net/gfwlist -server=/.vod.wwe.com/127.0.0.1#5335 -ipset=/.vod.wwe.com/gfwlist -server=/.vot.org/127.0.0.1#5335 -ipset=/.vot.org/gfwlist -server=/.vovo2000.com/127.0.0.1#5335 -ipset=/.vovo2000.com/gfwlist -server=/.voxer.com/127.0.0.1#5335 -ipset=/.voxer.com/gfwlist -server=/.voy.com/127.0.0.1#5335 -ipset=/.voy.com/gfwlist -server=/.vpn.ac/127.0.0.1#5335 -ipset=/.vpn.ac/gfwlist -server=/.vpn.cjb.net/127.0.0.1#5335 -ipset=/.vpn.cjb.net/gfwlist -server=/.vpn.cmu.edu/127.0.0.1#5335 -ipset=/.vpn.cmu.edu/gfwlist -server=/.vpn.sv.cmu.edu/127.0.0.1#5335 -ipset=/.vpn.sv.cmu.edu/gfwlist -server=/.vpn4all.com/127.0.0.1#5335 -ipset=/.vpn4all.com/gfwlist -server=/.vpnaccount.org/127.0.0.1#5335 -ipset=/.vpnaccount.org/gfwlist -server=/.vpnaccounts.com/127.0.0.1#5335 -ipset=/.vpnaccounts.com/gfwlist -server=/.vpnbook.com/127.0.0.1#5335 -ipset=/.vpnbook.com/gfwlist -server=/.vpncomparison.org/127.0.0.1#5335 -ipset=/.vpncomparison.org/gfwlist -server=/.vpncoupons.com/127.0.0.1#5335 -ipset=/.vpncoupons.com/gfwlist -server=/.vpncup.com/127.0.0.1#5335 -ipset=/.vpncup.com/gfwlist -server=/.vpndada.com/127.0.0.1#5335 -ipset=/.vpndada.com/gfwlist -server=/.vpnfan.com/127.0.0.1#5335 -ipset=/.vpnfan.com/gfwlist -server=/.vpnfire.com/127.0.0.1#5335 -ipset=/.vpnfire.com/gfwlist -server=/.vpnfires.biz/127.0.0.1#5335 -ipset=/.vpnfires.biz/gfwlist -server=/.vpnforgame.net/127.0.0.1#5335 -ipset=/.vpnforgame.net/gfwlist -server=/.vpngate.jp/127.0.0.1#5335 -ipset=/.vpngate.jp/gfwlist -server=/.vpngate.net/127.0.0.1#5335 -ipset=/.vpngate.net/gfwlist -server=/.vpngratis.net/127.0.0.1#5335 -ipset=/.vpngratis.net/gfwlist -server=/.vpnhq.com/127.0.0.1#5335 -ipset=/.vpnhq.com/gfwlist -server=/.vpninja.net/127.0.0.1#5335 -ipset=/.vpninja.net/gfwlist -server=/.vpnintouch.com/127.0.0.1#5335 -ipset=/.vpnintouch.com/gfwlist -server=/.vpnintouch.net/127.0.0.1#5335 -ipset=/.vpnintouch.net/gfwlist -server=/.vpnjack.com/127.0.0.1#5335 -ipset=/.vpnjack.com/gfwlist -server=/.vpnmaster.com/127.0.0.1#5335 -ipset=/.vpnmaster.com/gfwlist -server=/.vpnmentor.com/127.0.0.1#5335 -ipset=/.vpnmentor.com/gfwlist -server=/.vpnpick.com/127.0.0.1#5335 -ipset=/.vpnpick.com/gfwlist -server=/.vpnpop.com/127.0.0.1#5335 -ipset=/.vpnpop.com/gfwlist -server=/.vpnpronet.com/127.0.0.1#5335 -ipset=/.vpnpronet.com/gfwlist -server=/.vpnreactor.com/127.0.0.1#5335 -ipset=/.vpnreactor.com/gfwlist -server=/.vpnreviewz.com/127.0.0.1#5335 -ipset=/.vpnreviewz.com/gfwlist -server=/.vpnsecure.me/127.0.0.1#5335 -ipset=/.vpnsecure.me/gfwlist -server=/.vpnshazam.com/127.0.0.1#5335 -ipset=/.vpnshazam.com/gfwlist -server=/.vpnshieldapp.com/127.0.0.1#5335 -ipset=/.vpnshieldapp.com/gfwlist -server=/.vpnsp.com/127.0.0.1#5335 -ipset=/.vpnsp.com/gfwlist -server=/.vpntraffic.com/127.0.0.1#5335 -ipset=/.vpntraffic.com/gfwlist -server=/.vpntunnel.com/127.0.0.1#5335 -ipset=/.vpntunnel.com/gfwlist -server=/.vpnuk.info/127.0.0.1#5335 -ipset=/.vpnuk.info/gfwlist -server=/.vpnunlimitedapp.com/127.0.0.1#5335 -ipset=/.vpnunlimitedapp.com/gfwlist -server=/.vpnvip.com/127.0.0.1#5335 -ipset=/.vpnvip.com/gfwlist -server=/.vpnworldwide.com/127.0.0.1#5335 -ipset=/.vpnworldwide.com/gfwlist -server=/.vporn.com/127.0.0.1#5335 -ipset=/.vporn.com/gfwlist -server=/.vpser.net/127.0.0.1#5335 -ipset=/.vpser.net/gfwlist -server=/.vraiesagesse.net/127.0.0.1#5335 -ipset=/.vraiesagesse.net/gfwlist -server=/.vrmtr.com/127.0.0.1#5335 -ipset=/.vrmtr.com/gfwlist -server=/.vrsmash.com/127.0.0.1#5335 -ipset=/.vrsmash.com/gfwlist -server=/.vtunnel.com/127.0.0.1#5335 -ipset=/.vtunnel.com/gfwlist -server=/.vuku.cc/127.0.0.1#5335 -ipset=/.vuku.cc/gfwlist -server=/.vultryhw.com/127.0.0.1#5335 -ipset=/.vultryhw.com/gfwlist -server=/.w3schools.com/127.0.0.1#5335 -ipset=/.w3schools.com/gfwlist -server=/.waffle1999.com/127.0.0.1#5335 -ipset=/.waffle1999.com/gfwlist -server=/.wahas.com/127.0.0.1#5335 -ipset=/.wahas.com/gfwlist -server=/.waigaobu.com/127.0.0.1#5335 -ipset=/.waigaobu.com/gfwlist -server=/.wailaike.net/127.0.0.1#5335 -ipset=/.wailaike.net/gfwlist -server=/.waiwaier.com/127.0.0.1#5335 -ipset=/.waiwaier.com/gfwlist -server=/.wallmama.com/127.0.0.1#5335 -ipset=/.wallmama.com/gfwlist -server=/.wallornot.org/127.0.0.1#5335 -ipset=/.wallornot.org/gfwlist -server=/.wallpapercasa.com/127.0.0.1#5335 -ipset=/.wallpapercasa.com/gfwlist -server=/.wallproxy.com/127.0.0.1#5335 -ipset=/.wallproxy.com/gfwlist -server=/.waltermartin.com/127.0.0.1#5335 -ipset=/.waltermartin.com/gfwlist -server=/.waltermartin.org/127.0.0.1#5335 -ipset=/.waltermartin.org/gfwlist -server=/.wanderinghorse.net/127.0.0.1#5335 -ipset=/.wanderinghorse.net/gfwlist -server=/.wangafu.net/127.0.0.1#5335 -ipset=/.wangafu.net/gfwlist -server=/.wangjinbo.org/127.0.0.1#5335 -ipset=/.wangjinbo.org/gfwlist -server=/.wanglixiong.com/127.0.0.1#5335 -ipset=/.wanglixiong.com/gfwlist -server=/.wango.org/127.0.0.1#5335 -ipset=/.wango.org/gfwlist -server=/.wangruoshui.net/127.0.0.1#5335 -ipset=/.wangruoshui.net/gfwlist -server=/.want-daily.com/127.0.0.1#5335 -ipset=/.want-daily.com/gfwlist -server=/.wanz-factory.com/127.0.0.1#5335 -ipset=/.wanz-factory.com/gfwlist -server=/.warbler.iconfactory.net/127.0.0.1#5335 -ipset=/.warbler.iconfactory.net/gfwlist -server=/.waselpro.com/127.0.0.1#5335 -ipset=/.waselpro.com/gfwlist -server=/.washeng.net/127.0.0.1#5335 -ipset=/.washeng.net/gfwlist -server=/.washingtonpost.com/127.0.0.1#5335 -ipset=/.washingtonpost.com/gfwlist -server=/.watch8x.com/127.0.0.1#5335 -ipset=/.watch8x.com/gfwlist -server=/.watchinese.com/127.0.0.1#5335 -ipset=/.watchinese.com/gfwlist -server=/.watchmygf.net/127.0.0.1#5335 -ipset=/.watchmygf.net/gfwlist -server=/.wattpad.com/127.0.0.1#5335 -ipset=/.wattpad.com/gfwlist -server=/.wav.tv/127.0.0.1#5335 -ipset=/.wav.tv/gfwlist -server=/.waveprotocol.org/127.0.0.1#5335 -ipset=/.waveprotocol.org/gfwlist -server=/.waymo.com/127.0.0.1#5335 -ipset=/.waymo.com/gfwlist -server=/.wda.gov.tw/127.0.0.1#5335 -ipset=/.wda.gov.tw/gfwlist -server=/.wdf5.com/127.0.0.1#5335 -ipset=/.wdf5.com/gfwlist -server=/.wearehairy.com/127.0.0.1#5335 -ipset=/.wearehairy.com/gfwlist -server=/.wearn.com/127.0.0.1#5335 -ipset=/.wearn.com/gfwlist -server=/.web.dev/127.0.0.1#5335 -ipset=/.web.dev/gfwlist -server=/.web2project.net/127.0.0.1#5335 -ipset=/.web2project.net/gfwlist -server=/.webbang.net/127.0.0.1#5335 -ipset=/.webbang.net/gfwlist -server=/.webevader.org/127.0.0.1#5335 -ipset=/.webevader.org/gfwlist -server=/.webfreer.com/127.0.0.1#5335 -ipset=/.webfreer.com/gfwlist -server=/.webjb.org/127.0.0.1#5335 -ipset=/.webjb.org/gfwlist -server=/.weblagu.com/127.0.0.1#5335 -ipset=/.weblagu.com/gfwlist -server=/.webmproject.org/127.0.0.1#5335 -ipset=/.webmproject.org/gfwlist -server=/.webrtc.org/127.0.0.1#5335 -ipset=/.webrtc.org/gfwlist -server=/.webrush.net/127.0.0.1#5335 -ipset=/.webrush.net/gfwlist -server=/.webs-tv.net/127.0.0.1#5335 -ipset=/.webs-tv.net/gfwlist -server=/.website.informer.com/127.0.0.1#5335 -ipset=/.website.informer.com/gfwlist -server=/.webwarper.net/127.0.0.1#5335 -ipset=/.webwarper.net/gfwlist -server=/.webworkerdaily.com/127.0.0.1#5335 -ipset=/.webworkerdaily.com/gfwlist -server=/.weekmag.info/127.0.0.1#5335 -ipset=/.weekmag.info/gfwlist -server=/.wefightcensorship.org/127.0.0.1#5335 -ipset=/.wefightcensorship.org/gfwlist -server=/.wefong.com/127.0.0.1#5335 -ipset=/.wefong.com/gfwlist -server=/.wego.here.com/127.0.0.1#5335 -ipset=/.wego.here.com/gfwlist -server=/.weiboleak.com/127.0.0.1#5335 -ipset=/.weiboleak.com/gfwlist -server=/.weiboscope.jmsc.hku.hk/127.0.0.1#5335 -ipset=/.weiboscope.jmsc.hku.hk/gfwlist -server=/.weihuo.org/127.0.0.1#5335 -ipset=/.weihuo.org/gfwlist -server=/.weijingsheng.org/127.0.0.1#5335 -ipset=/.weijingsheng.org/gfwlist -server=/.weiming.info/127.0.0.1#5335 -ipset=/.weiming.info/gfwlist -server=/.weiquanwang.org/127.0.0.1#5335 -ipset=/.weiquanwang.org/gfwlist -server=/.weisuo.ws/127.0.0.1#5335 -ipset=/.weisuo.ws/gfwlist -server=/.welovecock.com/127.0.0.1#5335 -ipset=/.welovecock.com/gfwlist -server=/.wemigrate.org/127.0.0.1#5335 -ipset=/.wemigrate.org/gfwlist -server=/.wengewang.com/127.0.0.1#5335 -ipset=/.wengewang.com/gfwlist -server=/.wengewang.org/127.0.0.1#5335 -ipset=/.wengewang.org/gfwlist -server=/.wenhui.ch/127.0.0.1#5335 -ipset=/.wenhui.ch/gfwlist -server=/.wenxuecity.com/127.0.0.1#5335 -ipset=/.wenxuecity.com/gfwlist -server=/.wenyunchao.com/127.0.0.1#5335 -ipset=/.wenyunchao.com/gfwlist -server=/.wenzhao.ca/127.0.0.1#5335 -ipset=/.wenzhao.ca/gfwlist -server=/.westca.com/127.0.0.1#5335 -ipset=/.westca.com/gfwlist -server=/.westernshugdensociety.org/127.0.0.1#5335 -ipset=/.westernshugdensociety.org/gfwlist -server=/.westernwolves.com/127.0.0.1#5335 -ipset=/.westernwolves.com/gfwlist -server=/.westkit.net/127.0.0.1#5335 -ipset=/.westkit.net/gfwlist -server=/.westpoint.edu/127.0.0.1#5335 -ipset=/.westpoint.edu/gfwlist -server=/.wetplace.com/127.0.0.1#5335 -ipset=/.wetplace.com/gfwlist -server=/.wetpussygames.com/127.0.0.1#5335 -ipset=/.wetpussygames.com/gfwlist -server=/.wexiaobo.org/127.0.0.1#5335 -ipset=/.wexiaobo.org/gfwlist -server=/.wezhiyong.org/127.0.0.1#5335 -ipset=/.wezhiyong.org/gfwlist -server=/.wezone.net/127.0.0.1#5335 -ipset=/.wezone.net/gfwlist -server=/.wforum.com/127.0.0.1#5335 -ipset=/.wforum.com/gfwlist -server=/.wha.la/127.0.0.1#5335 -ipset=/.wha.la/gfwlist -server=/.whatblocked.com/127.0.0.1#5335 -ipset=/.whatblocked.com/gfwlist -server=/.whatbrowser.org/127.0.0.1#5335 -ipset=/.whatbrowser.org/gfwlist -server=/.whatsapp.com/127.0.0.1#5335 -ipset=/.whatsapp.com/gfwlist -server=/.whatsapp.net/127.0.0.1#5335 -ipset=/.whatsapp.net/gfwlist -server=/.wheatseeds.org/127.0.0.1#5335 -ipset=/.wheatseeds.org/gfwlist -server=/.wheelockslatin.com/127.0.0.1#5335 -ipset=/.wheelockslatin.com/gfwlist -server=/.whereiswerner.com/127.0.0.1#5335 -ipset=/.whereiswerner.com/gfwlist -server=/.wheretowatch.com/127.0.0.1#5335 -ipset=/.wheretowatch.com/gfwlist -server=/.whichav.com/127.0.0.1#5335 -ipset=/.whichav.com/gfwlist -server=/.whippedass.com/127.0.0.1#5335 -ipset=/.whippedass.com/gfwlist -server=/.whitebear.freebearblog.org/127.0.0.1#5335 -ipset=/.whitebear.freebearblog.org/gfwlist -server=/.whodns.xyz/127.0.0.1#5335 -ipset=/.whodns.xyz/gfwlist -server=/.whoer.net/127.0.0.1#5335 -ipset=/.whoer.net/gfwlist -server=/.whotalking.com/127.0.0.1#5335 -ipset=/.whotalking.com/gfwlist -server=/.whylover.com/127.0.0.1#5335 -ipset=/.whylover.com/gfwlist -server=/.whyx.org/127.0.0.1#5335 -ipset=/.whyx.org/gfwlist -server=/.widevine.com/127.0.0.1#5335 -ipset=/.widevine.com/gfwlist -server=/.wikaba.com/127.0.0.1#5335 -ipset=/.wikaba.com/gfwlist -server=/.wiki.cnitter.com/127.0.0.1#5335 -ipset=/.wiki.cnitter.com/gfwlist -server=/.wiki.gamerp.jp/127.0.0.1#5335 -ipset=/.wiki.gamerp.jp/gfwlist -server=/.wiki.jqueryui.com/127.0.0.1#5335 -ipset=/.wiki.jqueryui.com/gfwlist -server=/.wiki.moegirl.org/127.0.0.1#5335 -ipset=/.wiki.moegirl.org/gfwlist -server=/.wiki.oauth.net/127.0.0.1#5335 -ipset=/.wiki.oauth.net/gfwlist -server=/.wiki.phonegap.com/127.0.0.1#5335 -ipset=/.wiki.phonegap.com/gfwlist -server=/.wikileaks-forum.com/127.0.0.1#5335 -ipset=/.wikileaks-forum.com/gfwlist -server=/.wikileaks.ch/127.0.0.1#5335 -ipset=/.wikileaks.ch/gfwlist -server=/.wikileaks.com/127.0.0.1#5335 -ipset=/.wikileaks.com/gfwlist -server=/.wikileaks.de/127.0.0.1#5335 -ipset=/.wikileaks.de/gfwlist -server=/.wikileaks.eu/127.0.0.1#5335 -ipset=/.wikileaks.eu/gfwlist -server=/.wikileaks.lu/127.0.0.1#5335 -ipset=/.wikileaks.lu/gfwlist -server=/.wikileaks.org/127.0.0.1#5335 -ipset=/.wikileaks.org/gfwlist -server=/.wikileaks.pl/127.0.0.1#5335 -ipset=/.wikileaks.pl/gfwlist -server=/.wikimapia.org/127.0.0.1#5335 -ipset=/.wikimapia.org/gfwlist -server=/.wikipedia.org/127.0.0.1#5335 -ipset=/.wikipedia.org/gfwlist -server=/.wikiwiki.jp/127.0.0.1#5335 -ipset=/.wikiwiki.jp/gfwlist -server=/.wildammo.com/127.0.0.1#5335 -ipset=/.wildammo.com/gfwlist -server=/.williamhill.com/127.0.0.1#5335 -ipset=/.williamhill.com/gfwlist -server=/.willw.net/127.0.0.1#5335 -ipset=/.willw.net/gfwlist -server=/.windowsphoneme.com/127.0.0.1#5335 -ipset=/.windowsphoneme.com/gfwlist -server=/.windscribe.com/127.0.0.1#5335 -ipset=/.windscribe.com/gfwlist -server=/.wingamestore.com/127.0.0.1#5335 -ipset=/.wingamestore.com/gfwlist -server=/.wingy.site/127.0.0.1#5335 -ipset=/.wingy.site/gfwlist -server=/.winning11.com/127.0.0.1#5335 -ipset=/.winning11.com/gfwlist -server=/.winwhispers.info/127.0.0.1#5335 -ipset=/.winwhispers.info/gfwlist -server=/.wire.com/127.0.0.1#5335 -ipset=/.wire.com/gfwlist -server=/.wiredbytes.com/127.0.0.1#5335 -ipset=/.wiredbytes.com/gfwlist -server=/.wiredpen.com/127.0.0.1#5335 -ipset=/.wiredpen.com/gfwlist -server=/.wisdompubs.org/127.0.0.1#5335 -ipset=/.wisdompubs.org/gfwlist -server=/.wisevid.com/127.0.0.1#5335 -ipset=/.wisevid.com/gfwlist -server=/.withgoogle.com/127.0.0.1#5335 -ipset=/.withgoogle.com/gfwlist -server=/.withyoutube.com/127.0.0.1#5335 -ipset=/.withyoutube.com/gfwlist -server=/.witnessleeteaching.com/127.0.0.1#5335 -ipset=/.witnessleeteaching.com/gfwlist -server=/.witopia.net/127.0.0.1#5335 -ipset=/.witopia.net/gfwlist -server=/.wizcrafts.net/127.0.0.1#5335 -ipset=/.wizcrafts.net/gfwlist -server=/.wjbk.org/127.0.0.1#5335 -ipset=/.wjbk.org/gfwlist -server=/.wlcnew.jigsy.com/127.0.0.1#5335 -ipset=/.wlcnew.jigsy.com/gfwlist -server=/.wlx.sowiki.net/127.0.0.1#5335 -ipset=/.wlx.sowiki.net/gfwlist -server=/.wn.com/127.0.0.1#5335 -ipset=/.wn.com/gfwlist -server=/.wnacg.com/127.0.0.1#5335 -ipset=/.wnacg.com/gfwlist -server=/.wnacg.org/127.0.0.1#5335 -ipset=/.wnacg.org/gfwlist -server=/.wo.tc/127.0.0.1#5335 -ipset=/.wo.tc/gfwlist -server=/.wo3ttt.wordpress.com/127.0.0.1#5335 -ipset=/.wo3ttt.wordpress.com/gfwlist -server=/.woeser.com/127.0.0.1#5335 -ipset=/.woeser.com/gfwlist -server=/.wokar.org/127.0.0.1#5335 -ipset=/.wokar.org/gfwlist -server=/.wolfax.com/127.0.0.1#5335 -ipset=/.wolfax.com/gfwlist -server=/.woolyss.com/127.0.0.1#5335 -ipset=/.woolyss.com/gfwlist -server=/.woopie.jp/127.0.0.1#5335 -ipset=/.woopie.jp/gfwlist -server=/.woopie.tv/127.0.0.1#5335 -ipset=/.woopie.tv/gfwlist -server=/.wordpress.com/127.0.0.1#5335 -ipset=/.wordpress.com/gfwlist -server=/.workatruna.com/127.0.0.1#5335 -ipset=/.workatruna.com/gfwlist -server=/.workerdemo.org.hk/127.0.0.1#5335 -ipset=/.workerdemo.org.hk/gfwlist -server=/.workerempowerment.org/127.0.0.1#5335 -ipset=/.workerempowerment.org/gfwlist -server=/.workersthebig.net/127.0.0.1#5335 -ipset=/.workersthebig.net/gfwlist -server=/.worldcat.org/127.0.0.1#5335 -ipset=/.worldcat.org/gfwlist -server=/.worldjournal.com/127.0.0.1#5335 -ipset=/.worldjournal.com/gfwlist -server=/.worldvpn.net/127.0.0.1#5335 -ipset=/.worldvpn.net/gfwlist -server=/.wow-life.net/127.0.0.1#5335 -ipset=/.wow-life.net/gfwlist -server=/.wow.com/127.0.0.1#5335 -ipset=/.wow.com/gfwlist -server=/.wowgirls.com/127.0.0.1#5335 -ipset=/.wowgirls.com/gfwlist -server=/.wowlegacy.ml/127.0.0.1#5335 -ipset=/.wowlegacy.ml/gfwlist -server=/.wowporn.com/127.0.0.1#5335 -ipset=/.wowporn.com/gfwlist -server=/.wowrk.com/127.0.0.1#5335 -ipset=/.wowrk.com/gfwlist -server=/.woxinghuiguo.com/127.0.0.1#5335 -ipset=/.woxinghuiguo.com/gfwlist -server=/.woyaolian.org/127.0.0.1#5335 -ipset=/.woyaolian.org/gfwlist -server=/.wozy.in/127.0.0.1#5335 -ipset=/.wozy.in/gfwlist -server=/.wp.com/127.0.0.1#5335 -ipset=/.wp.com/gfwlist -server=/.wpoforum.com/127.0.0.1#5335 -ipset=/.wpoforum.com/gfwlist -server=/.wqyd.org/127.0.0.1#5335 -ipset=/.wqyd.org/gfwlist -server=/.wrchina.org/127.0.0.1#5335 -ipset=/.wrchina.org/gfwlist -server=/.wretch.cc/127.0.0.1#5335 -ipset=/.wretch.cc/gfwlist -server=/.writer.zoho.com/127.0.0.1#5335 -ipset=/.writer.zoho.com/gfwlist -server=/.wsgzao.github.io/127.0.0.1#5335 -ipset=/.wsgzao.github.io/gfwlist -server=/.wsj.com/127.0.0.1#5335 -ipset=/.wsj.com/gfwlist -server=/.wsj.net/127.0.0.1#5335 -ipset=/.wsj.net/gfwlist -server=/.wsjhk.com/127.0.0.1#5335 -ipset=/.wsjhk.com/gfwlist -server=/.wtbn.org/127.0.0.1#5335 -ipset=/.wtbn.org/gfwlist -server=/.wtfpeople.com/127.0.0.1#5335 -ipset=/.wtfpeople.com/gfwlist -server=/.wuerkaixi.com/127.0.0.1#5335 -ipset=/.wuerkaixi.com/gfwlist -server=/.wufafangwen.com/127.0.0.1#5335 -ipset=/.wufafangwen.com/gfwlist -server=/.wufi.org.tw/127.0.0.1#5335 -ipset=/.wufi.org.tw/gfwlist -server=/.wuguoguang.com/127.0.0.1#5335 -ipset=/.wuguoguang.com/gfwlist -server=/.wujie.net/127.0.0.1#5335 -ipset=/.wujie.net/gfwlist -server=/.wujieliulan.com/127.0.0.1#5335 -ipset=/.wujieliulan.com/gfwlist -server=/.wukangrui.net/127.0.0.1#5335 -ipset=/.wukangrui.net/gfwlist -server=/.wuw.red/127.0.0.1#5335 -ipset=/.wuw.red/gfwlist -server=/.wuyanblog.com/127.0.0.1#5335 -ipset=/.wuyanblog.com/gfwlist -server=/.wwitv.com/127.0.0.1#5335 -ipset=/.wwitv.com/gfwlist -server=/.www.abclite.net/127.0.0.1#5335 -ipset=/.www.abclite.net/gfwlist -server=/.www.ajsands.com/127.0.0.1#5335 -ipset=/.www.ajsands.com/gfwlist -server=/.www.americorps.gov/127.0.0.1#5335 -ipset=/.www.americorps.gov/gfwlist -server=/.www.antd.org/127.0.0.1#5335 -ipset=/.www.antd.org/gfwlist -server=/.www.aolnews.com/127.0.0.1#5335 -ipset=/.www.aolnews.com/gfwlist -server=/.www.citizenlab.org/127.0.0.1#5335 -ipset=/.www.citizenlab.org/gfwlist -server=/.www.cmoinc.org/127.0.0.1#5335 -ipset=/.www.cmoinc.org/gfwlist -server=/.www.dwheeler.com/127.0.0.1#5335 -ipset=/.www.dwheeler.com/gfwlist -server=/.www.gmiddle.com/127.0.0.1#5335 -ipset=/.www.gmiddle.com/gfwlist -server=/.www.gmiddle.net/127.0.0.1#5335 -ipset=/.www.gmiddle.net/gfwlist -server=/.www.idlcoyote.com/127.0.0.1#5335 -ipset=/.www.idlcoyote.com/gfwlist -server=/.www.kindleren.com/127.0.0.1#5335 -ipset=/.www.kindleren.com/gfwlist -server=/.www.klip.me/127.0.0.1#5335 -ipset=/.www.klip.me/gfwlist -server=/.www.lamenhu.com/127.0.0.1#5335 -ipset=/.www.lamenhu.com/gfwlist -server=/.www.linksalpha.com/127.0.0.1#5335 -ipset=/.www.linksalpha.com/gfwlist -server=/.www.monlamit.org/127.0.0.1#5335 -ipset=/.www.monlamit.org/gfwlist -server=/.www.moztw.org/127.0.0.1#5335 -ipset=/.www.moztw.org/gfwlist -server=/.www.orchidbbs.com/127.0.0.1#5335 -ipset=/.www.orchidbbs.com/gfwlist -server=/.www.owind.com/127.0.0.1#5335 -ipset=/.www.owind.com/gfwlist -server=/.www.oxid.it/127.0.0.1#5335 -ipset=/.www.oxid.it/gfwlist -server=/.www.powerpointninja.com/127.0.0.1#5335 -ipset=/.www.powerpointninja.com/gfwlist -server=/.www.s4miniarchive.com/127.0.0.1#5335 -ipset=/.www.s4miniarchive.com/gfwlist -server=/.www.shadowsocks.com/127.0.0.1#5335 -ipset=/.www.shadowsocks.com/gfwlist -server=/.www.shwchurch.org/127.0.0.1#5335 -ipset=/.www.shwchurch.org/gfwlist -server=/.www.taup.org.tw/127.0.0.1#5335 -ipset=/.www.taup.org.tw/gfwlist -server=/.www.wan-press.org/127.0.0.1#5335 -ipset=/.www.wan-press.org/gfwlist -server=/.www.wangruowang.org/127.0.0.1#5335 -ipset=/.www.wangruowang.org/gfwlist -server=/.www.websnapr.com/127.0.0.1#5335 -ipset=/.www.websnapr.com/gfwlist -server=/.www1.biz/127.0.0.1#5335 -ipset=/.www1.biz/gfwlist -server=/.wwwhost.biz/127.0.0.1#5335 -ipset=/.wwwhost.biz/gfwlist -server=/.x-art.com/127.0.0.1#5335 -ipset=/.x-art.com/gfwlist -server=/.x-berry.com/127.0.0.1#5335 -ipset=/.x-berry.com/gfwlist -server=/.x-wall.org/127.0.0.1#5335 -ipset=/.x-wall.org/gfwlist -server=/.x.company/127.0.0.1#5335 -ipset=/.x.company/gfwlist -server=/.x1949x.com/127.0.0.1#5335 -ipset=/.x1949x.com/gfwlist -server=/.x24hr.com/127.0.0.1#5335 -ipset=/.x24hr.com/gfwlist -server=/.x365x.com/127.0.0.1#5335 -ipset=/.x365x.com/gfwlist -server=/.xa.yimg.com/127.0.0.1#5335 -ipset=/.xa.yimg.com/gfwlist -server=/.xanga.com/127.0.0.1#5335 -ipset=/.xanga.com/gfwlist -server=/.xbabe.com/127.0.0.1#5335 -ipset=/.xbabe.com/gfwlist -server=/.xbookcn.com/127.0.0.1#5335 -ipset=/.xbookcn.com/gfwlist -server=/.xbtce.com/127.0.0.1#5335 -ipset=/.xbtce.com/gfwlist -server=/.xcafe.in/127.0.0.1#5335 -ipset=/.xcafe.in/gfwlist -server=/.xcity.jp/127.0.0.1#5335 -ipset=/.xcity.jp/gfwlist -server=/.xcritic.com/127.0.0.1#5335 -ipset=/.xcritic.com/gfwlist -server=/.xerotica.com/127.0.0.1#5335 -ipset=/.xerotica.com/gfwlist -server=/.xfinity.com/127.0.0.1#5335 -ipset=/.xfinity.com/gfwlist -server=/.xfm.pp.ru/127.0.0.1#5335 -ipset=/.xfm.pp.ru/gfwlist -server=/.xgmyd.com/127.0.0.1#5335 -ipset=/.xgmyd.com/gfwlist -server=/.xhamster.com/127.0.0.1#5335 -ipset=/.xhamster.com/gfwlist -server=/.xianba.net/127.0.0.1#5335 -ipset=/.xianba.net/gfwlist -server=/.xianchawang.net/127.0.0.1#5335 -ipset=/.xianchawang.net/gfwlist -server=/.xianjian.tw/127.0.0.1#5335 -ipset=/.xianjian.tw/gfwlist -server=/.xianqiao.net/127.0.0.1#5335 -ipset=/.xianqiao.net/gfwlist -server=/.xiaobaiwu.com/127.0.0.1#5335 -ipset=/.xiaobaiwu.com/gfwlist -server=/.xiaochuncnjp.com/127.0.0.1#5335 -ipset=/.xiaochuncnjp.com/gfwlist -server=/.xiaod.in/127.0.0.1#5335 -ipset=/.xiaod.in/gfwlist -server=/.xiaohexie.com/127.0.0.1#5335 -ipset=/.xiaohexie.com/gfwlist -server=/.xiaolan.me/127.0.0.1#5335 -ipset=/.xiaolan.me/gfwlist -server=/.xiaoma.org/127.0.0.1#5335 -ipset=/.xiaoma.org/gfwlist -server=/.xiezhua.com/127.0.0.1#5335 -ipset=/.xiezhua.com/gfwlist -server=/.xihua.es/127.0.0.1#5335 -ipset=/.xihua.es/gfwlist -server=/.xijie.wordpress.com/127.0.0.1#5335 -ipset=/.xijie.wordpress.com/gfwlist -server=/.xing.com/127.0.0.1#5335 -ipset=/.xing.com/gfwlist -server=/.xinhuanet.org/127.0.0.1#5335 -ipset=/.xinhuanet.org/gfwlist -server=/.xinmiao.com.hk/127.0.0.1#5335 -ipset=/.xinmiao.com.hk/gfwlist -server=/.xinqimeng.over-blog.com/127.0.0.1#5335 -ipset=/.xinqimeng.over-blog.com/gfwlist -server=/.xinsheng.net/127.0.0.1#5335 -ipset=/.xinsheng.net/gfwlist -server=/.xinshijue.com/127.0.0.1#5335 -ipset=/.xinshijue.com/gfwlist -server=/.xinyubbs.net/127.0.0.1#5335 -ipset=/.xinyubbs.net/gfwlist -server=/.xiongpian.com/127.0.0.1#5335 -ipset=/.xiongpian.com/gfwlist -server=/.xiuren.org/127.0.0.1#5335 -ipset=/.xiuren.org/gfwlist -server=/.xizang-zhiye.org/127.0.0.1#5335 -ipset=/.xizang-zhiye.org/gfwlist -server=/.xjp.cc/127.0.0.1#5335 -ipset=/.xjp.cc/gfwlist -server=/.xjtravelguide.com/127.0.0.1#5335 -ipset=/.xjtravelguide.com/gfwlist -server=/.xlfmtalk.com/127.0.0.1#5335 -ipset=/.xlfmtalk.com/gfwlist -server=/.xlfmwz.info/127.0.0.1#5335 -ipset=/.xlfmwz.info/gfwlist -server=/.xm.com/127.0.0.1#5335 -ipset=/.xm.com/gfwlist -server=/.xml-training-guide.com/127.0.0.1#5335 -ipset=/.xml-training-guide.com/gfwlist -server=/.xmovies.com/127.0.0.1#5335 -ipset=/.xmovies.com/gfwlist -server=/.xn--4gq171p.com/127.0.0.1#5335 -ipset=/.xn--4gq171p.com/gfwlist -server=/.xn--czq75pvv1aj5c.org/127.0.0.1#5335 -ipset=/.xn--czq75pvv1aj5c.org/gfwlist -server=/.xn--i2ru8q2qg.com/127.0.0.1#5335 -ipset=/.xn--i2ru8q2qg.com/gfwlist -server=/.xn--ngstr-lra8j.com/127.0.0.1#5335 -ipset=/.xn--ngstr-lra8j.com/gfwlist -server=/.xn--oiq.cc/127.0.0.1#5335 -ipset=/.xn--oiq.cc/gfwlist -server=/.xn--p8j9a0d9c9a.xn--q9jyb4c/127.0.0.1#5335 -ipset=/.xn--p8j9a0d9c9a.xn--q9jyb4c/gfwlist -server=/.xnxx.com/127.0.0.1#5335 -ipset=/.xnxx.com/gfwlist -server=/.xpdo.net/127.0.0.1#5335 -ipset=/.xpdo.net/gfwlist -server=/.xpud.org/127.0.0.1#5335 -ipset=/.xpud.org/gfwlist -server=/.xrentdvd.com/127.0.0.1#5335 -ipset=/.xrentdvd.com/gfwlist -server=/.xskywalker.com/127.0.0.1#5335 -ipset=/.xskywalker.com/gfwlist -server=/.xskywalker.net/127.0.0.1#5335 -ipset=/.xskywalker.net/gfwlist -server=/.xtube.com/127.0.0.1#5335 -ipset=/.xtube.com/gfwlist -server=/.xuchao.net/127.0.0.1#5335 -ipset=/.xuchao.net/gfwlist -server=/.xuchao.org/127.0.0.1#5335 -ipset=/.xuchao.org/gfwlist -server=/.xuehua.us/127.0.0.1#5335 -ipset=/.xuehua.us/gfwlist -server=/.xuzhiyong.net/127.0.0.1#5335 -ipset=/.xuzhiyong.net/gfwlist -server=/.xvideo.cc/127.0.0.1#5335 -ipset=/.xvideo.cc/gfwlist -server=/.xvideos-cdn.com/127.0.0.1#5335 -ipset=/.xvideos-cdn.com/gfwlist -server=/.xvideos.com/127.0.0.1#5335 -ipset=/.xvideos.com/gfwlist -server=/.xvideos.es/127.0.0.1#5335 -ipset=/.xvideos.es/gfwlist -server=/.xxbbx.com/127.0.0.1#5335 -ipset=/.xxbbx.com/gfwlist -server=/.xxlmovies.com/127.0.0.1#5335 -ipset=/.xxlmovies.com/gfwlist -server=/.xxuz.com/127.0.0.1#5335 -ipset=/.xxuz.com/gfwlist -server=/.xxx.com/127.0.0.1#5335 -ipset=/.xxx.com/gfwlist -server=/.xxx.xxx/127.0.0.1#5335 -ipset=/.xxx.xxx/gfwlist -server=/.xxxfuckmom.com/127.0.0.1#5335 -ipset=/.xxxfuckmom.com/gfwlist -server=/.xxxx.com.au/127.0.0.1#5335 -ipset=/.xxxx.com.au/gfwlist -server=/.xxxy.biz/127.0.0.1#5335 -ipset=/.xxxy.biz/gfwlist -server=/.xxxy.info/127.0.0.1#5335 -ipset=/.xxxy.info/gfwlist -server=/.xxxymovies.com/127.0.0.1#5335 -ipset=/.xxxymovies.com/gfwlist -server=/.xys.dxiong.com/127.0.0.1#5335 -ipset=/.xys.dxiong.com/gfwlist -server=/.xys.org/127.0.0.1#5335 -ipset=/.xys.org/gfwlist -server=/.xysblogs.org/127.0.0.1#5335 -ipset=/.xysblogs.org/gfwlist -server=/.xyy69.com/127.0.0.1#5335 -ipset=/.xyy69.com/gfwlist -server=/.xyy69.info/127.0.0.1#5335 -ipset=/.xyy69.info/gfwlist -server=/.yahoo.com.hk/127.0.0.1#5335 -ipset=/.yahoo.com.hk/gfwlist -server=/.yakbutterblues.com/127.0.0.1#5335 -ipset=/.yakbutterblues.com/gfwlist -server=/.yam.com/127.0.0.1#5335 -ipset=/.yam.com/gfwlist -server=/.yam.org.tw/127.0.0.1#5335 -ipset=/.yam.org.tw/gfwlist -server=/.yanghengjun.com/127.0.0.1#5335 -ipset=/.yanghengjun.com/gfwlist -server=/.yangjianli.com/127.0.0.1#5335 -ipset=/.yangjianli.com/gfwlist -server=/.yasni.co.uk/127.0.0.1#5335 -ipset=/.yasni.co.uk/gfwlist -server=/.ydy.com/127.0.0.1#5335 -ipset=/.ydy.com/gfwlist -server=/.yeahteentube.com/127.0.0.1#5335 -ipset=/.yeahteentube.com/gfwlist -server=/.yecl.net/127.0.0.1#5335 -ipset=/.yecl.net/gfwlist -server=/.yeelou.com/127.0.0.1#5335 -ipset=/.yeelou.com/gfwlist -server=/.yeeyi.com/127.0.0.1#5335 -ipset=/.yeeyi.com/gfwlist -server=/.yegle.net/127.0.0.1#5335 -ipset=/.yegle.net/gfwlist -server=/.yes-news.com/127.0.0.1#5335 -ipset=/.yes-news.com/gfwlist -server=/.yes.xxx/127.0.0.1#5335 -ipset=/.yes.xxx/gfwlist -server=/.yes123.com.tw/127.0.0.1#5335 -ipset=/.yes123.com.tw/gfwlist -server=/.yesasia.com/127.0.0.1#5335 -ipset=/.yesasia.com/gfwlist -server=/.yespornplease.com/127.0.0.1#5335 -ipset=/.yespornplease.com/gfwlist -server=/.yeyeclub.com/127.0.0.1#5335 -ipset=/.yeyeclub.com/gfwlist -server=/.ygto.com/127.0.0.1#5335 -ipset=/.ygto.com/gfwlist -server=/.yhcw.net/127.0.0.1#5335 -ipset=/.yhcw.net/gfwlist -server=/.yibada.com/127.0.0.1#5335 -ipset=/.yibada.com/gfwlist -server=/.yibaochina.com/127.0.0.1#5335 -ipset=/.yibaochina.com/gfwlist -server=/.yidio.com/127.0.0.1#5335 -ipset=/.yidio.com/gfwlist -server=/.yigeni.com/127.0.0.1#5335 -ipset=/.yigeni.com/gfwlist -server=/.yilubbs.com/127.0.0.1#5335 -ipset=/.yilubbs.com/gfwlist -server=/.yingsuoss.com/127.0.0.1#5335 -ipset=/.yingsuoss.com/gfwlist -server=/.yipub.com/127.0.0.1#5335 -ipset=/.yipub.com/gfwlist -server=/.yizhihongxing.com/127.0.0.1#5335 -ipset=/.yizhihongxing.com/gfwlist -server=/.yobit.net/127.0.0.1#5335 -ipset=/.yobit.net/gfwlist -server=/.yobt.com/127.0.0.1#5335 -ipset=/.yobt.com/gfwlist -server=/.yobt.tv/127.0.0.1#5335 -ipset=/.yobt.tv/gfwlist -server=/.yogichen.org/127.0.0.1#5335 -ipset=/.yogichen.org/gfwlist -server=/.yolasite.com/127.0.0.1#5335 -ipset=/.yolasite.com/gfwlist -server=/.yomiuri.co.jp/127.0.0.1#5335 -ipset=/.yomiuri.co.jp/gfwlist -server=/.yong.hu/127.0.0.1#5335 -ipset=/.yong.hu/gfwlist -server=/.yorkbbs.ca/127.0.0.1#5335 -ipset=/.yorkbbs.ca/gfwlist -server=/.you-get.org/127.0.0.1#5335 -ipset=/.you-get.org/gfwlist -server=/.youdontcare.com/127.0.0.1#5335 -ipset=/.youdontcare.com/gfwlist -server=/.youjizz.com/127.0.0.1#5335 -ipset=/.youjizz.com/gfwlist -server=/.youmaker.com/127.0.0.1#5335 -ipset=/.youmaker.com/gfwlist -server=/.youngpornvideos.com/127.0.0.1#5335 -ipset=/.youngpornvideos.com/gfwlist -server=/.youngspiration.hk/127.0.0.1#5335 -ipset=/.youngspiration.hk/gfwlist -server=/.youpai.org/127.0.0.1#5335 -ipset=/.youpai.org/gfwlist -server=/.youporn.com/127.0.0.1#5335 -ipset=/.youporn.com/gfwlist -server=/.youporngay.com/127.0.0.1#5335 -ipset=/.youporngay.com/gfwlist -server=/.your-freedom.net/127.0.0.1#5335 -ipset=/.your-freedom.net/gfwlist -server=/.yourepeat.com/127.0.0.1#5335 -ipset=/.yourepeat.com/gfwlist -server=/.yourlisten.com/127.0.0.1#5335 -ipset=/.yourlisten.com/gfwlist -server=/.yourlust.com/127.0.0.1#5335 -ipset=/.yourlust.com/gfwlist -server=/.yourprivatevpn.com/127.0.0.1#5335 -ipset=/.yourprivatevpn.com/gfwlist -server=/.yourtrap.com/127.0.0.1#5335 -ipset=/.yourtrap.com/gfwlist -server=/.yousendit.com/127.0.0.1#5335 -ipset=/.yousendit.com/gfwlist -server=/.youshun12.com/127.0.0.1#5335 -ipset=/.youshun12.com/gfwlist -server=/.youtu.be/127.0.0.1#5335 -ipset=/.youtu.be/gfwlist -server=/.youtube-nocookie.com/127.0.0.1#5335 -ipset=/.youtube-nocookie.com/gfwlist -server=/.youtube.com/127.0.0.1#5335 -ipset=/.youtube.com/gfwlist -server=/.youtubecn.com/127.0.0.1#5335 -ipset=/.youtubecn.com/gfwlist -server=/.youtubeeducation.com/127.0.0.1#5335 -ipset=/.youtubeeducation.com/gfwlist -server=/.youtubegaming.com/127.0.0.1#5335 -ipset=/.youtubegaming.com/gfwlist -server=/.youversion.com/127.0.0.1#5335 -ipset=/.youversion.com/gfwlist -server=/.youwin.com/127.0.0.1#5335 -ipset=/.youwin.com/gfwlist -server=/.youxu.info/127.0.0.1#5335 -ipset=/.youxu.info/gfwlist -server=/.yt.be/127.0.0.1#5335 -ipset=/.yt.be/gfwlist -server=/.ytht.net/127.0.0.1#5335 -ipset=/.ytht.net/gfwlist -server=/.ytimg.com/127.0.0.1#5335 -ipset=/.ytimg.com/gfwlist -server=/.ytn.co.kr/127.0.0.1#5335 -ipset=/.ytn.co.kr/gfwlist -server=/.yuanming.net/127.0.0.1#5335 -ipset=/.yuanming.net/gfwlist -server=/.yuanzhengtang.org/127.0.0.1#5335 -ipset=/.yuanzhengtang.org/gfwlist -server=/.yulghun.com/127.0.0.1#5335 -ipset=/.yulghun.com/gfwlist -server=/.yunchao.net/127.0.0.1#5335 -ipset=/.yunchao.net/gfwlist -server=/.yuntipub.com/127.0.0.1#5335 -ipset=/.yuntipub.com/gfwlist -server=/.yuvutu.com/127.0.0.1#5335 -ipset=/.yuvutu.com/gfwlist -server=/.yvesgeleyn.com/127.0.0.1#5335 -ipset=/.yvesgeleyn.com/gfwlist -server=/.yx51.net/127.0.0.1#5335 -ipset=/.yx51.net/gfwlist -server=/.yyii.org/127.0.0.1#5335 -ipset=/.yyii.org/gfwlist -server=/.yzzk.com/127.0.0.1#5335 -ipset=/.yzzk.com/gfwlist -server=/.zacebook.com/127.0.0.1#5335 -ipset=/.zacebook.com/gfwlist -server=/.zalmos.com/127.0.0.1#5335 -ipset=/.zalmos.com/gfwlist -server=/.zannel.com/127.0.0.1#5335 -ipset=/.zannel.com/gfwlist -server=/.zaobao.com/127.0.0.1#5335 -ipset=/.zaobao.com/gfwlist -server=/.zaozon.com/127.0.0.1#5335 -ipset=/.zaozon.com/gfwlist -server=/.zapto.org/127.0.0.1#5335 -ipset=/.zapto.org/gfwlist -server=/.zattoo.com/127.0.0.1#5335 -ipset=/.zattoo.com/gfwlist -server=/.zb.com/127.0.0.1#5335 -ipset=/.zb.com/gfwlist -server=/.zdnet.com.tw/127.0.0.1#5335 -ipset=/.zdnet.com.tw/gfwlist -server=/.zello.com/127.0.0.1#5335 -ipset=/.zello.com/gfwlist -server=/.zengjinyan.org/127.0.0.1#5335 -ipset=/.zengjinyan.org/gfwlist -server=/.zenmate.com/127.0.0.1#5335 -ipset=/.zenmate.com/gfwlist -server=/.zeronet.io/127.0.0.1#5335 -ipset=/.zeronet.io/gfwlist -server=/.zeutch.com/127.0.0.1#5335 -ipset=/.zeutch.com/gfwlist -server=/.zfreet.com/127.0.0.1#5335 -ipset=/.zfreet.com/gfwlist -server=/.zgsddh.com/127.0.0.1#5335 -ipset=/.zgsddh.com/gfwlist -server=/.zgzcjj.net/127.0.0.1#5335 -ipset=/.zgzcjj.net/gfwlist -server=/.zh.bitterwinter.org/127.0.0.1#5335 -ipset=/.zh.bitterwinter.org/gfwlist -server=/.zh.ecdm.wikia.com/127.0.0.1#5335 -ipset=/.zh.ecdm.wikia.com/gfwlist -server=/.zh.pokerstrategy.com/127.0.0.1#5335 -ipset=/.zh.pokerstrategy.com/gfwlist -server=/.zh.uncyclopedia.wikia.com/127.0.0.1#5335 -ipset=/.zh.uncyclopedia.wikia.com/gfwlist -server=/.zh.wikinews.org/127.0.0.1#5335 -ipset=/.zh.wikinews.org/gfwlist -server=/.zhanbin.net/127.0.0.1#5335 -ipset=/.zhanbin.net/gfwlist -server=/.zhangboli.net/127.0.0.1#5335 -ipset=/.zhangboli.net/gfwlist -server=/.zhangtianliang.com/127.0.0.1#5335 -ipset=/.zhangtianliang.com/gfwlist -server=/.zhanlve.org/127.0.0.1#5335 -ipset=/.zhanlve.org/gfwlist -server=/.zhao.1984.city/127.0.0.1#5335 -ipset=/.zhao.1984.city/gfwlist -server=/.zhao.jinhai.de/127.0.0.1#5335 -ipset=/.zhao.jinhai.de/gfwlist -server=/.zhenghui.org/127.0.0.1#5335 -ipset=/.zhenghui.org/gfwlist -server=/.zhengjian.org/127.0.0.1#5335 -ipset=/.zhengjian.org/gfwlist -server=/.zhengwunet.org/127.0.0.1#5335 -ipset=/.zhengwunet.org/gfwlist -server=/.zhenlibu.info/127.0.0.1#5335 -ipset=/.zhenlibu.info/gfwlist -server=/.zhenlibu1984.com/127.0.0.1#5335 -ipset=/.zhenlibu1984.com/gfwlist -server=/.zhenxiang.biz/127.0.0.1#5335 -ipset=/.zhenxiang.biz/gfwlist -server=/.zhinengluyou.com/127.0.0.1#5335 -ipset=/.zhinengluyou.com/gfwlist -server=/.zhongguo.ca/127.0.0.1#5335 -ipset=/.zhongguo.ca/gfwlist -server=/.zhongguorenquan.org/127.0.0.1#5335 -ipset=/.zhongguorenquan.org/gfwlist -server=/.zhongguotese.net/127.0.0.1#5335 -ipset=/.zhongguotese.net/gfwlist -server=/.zhongmeng.org/127.0.0.1#5335 -ipset=/.zhongmeng.org/gfwlist -server=/.zhoushuguang.com/127.0.0.1#5335 -ipset=/.zhoushuguang.com/gfwlist -server=/.zhreader.com/127.0.0.1#5335 -ipset=/.zhreader.com/gfwlist -server=/.zhuangbi.me/127.0.0.1#5335 -ipset=/.zhuangbi.me/gfwlist -server=/.zhuanxing.cn/127.0.0.1#5335 -ipset=/.zhuanxing.cn/gfwlist -server=/.zhuatieba.com/127.0.0.1#5335 -ipset=/.zhuatieba.com/gfwlist -server=/.zhuichaguoji.org/127.0.0.1#5335 -ipset=/.zhuichaguoji.org/gfwlist -server=/.zillionk.com/127.0.0.1#5335 -ipset=/.zillionk.com/gfwlist -server=/.zim.vn/127.0.0.1#5335 -ipset=/.zim.vn/gfwlist -server=/.zinio.com/127.0.0.1#5335 -ipset=/.zinio.com/gfwlist -server=/.ziporn.com/127.0.0.1#5335 -ipset=/.ziporn.com/gfwlist -server=/.zippyshare.com/127.0.0.1#5335 -ipset=/.zippyshare.com/gfwlist -server=/.zkaip.com/127.0.0.1#5335 -ipset=/.zkaip.com/gfwlist -server=/.zmw.cn/127.0.0.1#5335 -ipset=/.zmw.cn/gfwlist -server=/.zodgame.us/127.0.0.1#5335 -ipset=/.zodgame.us/gfwlist -server=/.zomobo.net/127.0.0.1#5335 -ipset=/.zomobo.net/gfwlist -server=/.zonaeuropa.com/127.0.0.1#5335 -ipset=/.zonaeuropa.com/gfwlist -server=/.zonghexinwen.com/127.0.0.1#5335 -ipset=/.zonghexinwen.com/gfwlist -server=/.zonghexinwen.net/127.0.0.1#5335 -ipset=/.zonghexinwen.net/gfwlist -server=/.zoogvpn.com/127.0.0.1#5335 -ipset=/.zoogvpn.com/gfwlist -server=/.zootool.com/127.0.0.1#5335 -ipset=/.zootool.com/gfwlist -server=/.zoozle.net/127.0.0.1#5335 -ipset=/.zoozle.net/gfwlist -server=/.zorrovpn.com/127.0.0.1#5335 -ipset=/.zorrovpn.com/gfwlist -server=/.zozotown.com/127.0.0.1#5335 -ipset=/.zozotown.com/gfwlist -server=/.zpn.im/127.0.0.1#5335 -ipset=/.zpn.im/gfwlist -server=/.zspeeder.me/127.0.0.1#5335 -ipset=/.zspeeder.me/gfwlist -server=/.zsrhao.com/127.0.0.1#5335 -ipset=/.zsrhao.com/gfwlist -server=/.zuo.la/127.0.0.1#5335 -ipset=/.zuo.la/gfwlist -server=/.zuobiao.me/127.0.0.1#5335 -ipset=/.zuobiao.me/gfwlist -server=/.zuola.com/127.0.0.1#5335 -ipset=/.zuola.com/gfwlist -server=/.zvereff.com/127.0.0.1#5335 -ipset=/.zvereff.com/gfwlist -server=/.zynaima.com/127.0.0.1#5335 -ipset=/.zynaima.com/gfwlist -server=/.zynamics.com/127.0.0.1#5335 -ipset=/.zynamics.com/gfwlist -server=/.zyns.com/127.0.0.1#5335 -ipset=/.zyns.com/gfwlist -server=/.zyzc9.com/127.0.0.1#5335 -ipset=/.zyzc9.com/gfwlist -server=/.zzcartoon.com/127.0.0.1#5335 -ipset=/.zzcartoon.com/gfwlist -server=/.zzcloud.me/127.0.0.1#5335 -ipset=/.zzcloud.me/gfwlist -server=/.zzux.com/127.0.0.1#5335 -ipset=/.zzux.com/gfwlist diff --git a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr b/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr deleted file mode 100755 index f45565ec..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/init.d/shadowsocksr +++ /dev/null @@ -1,754 +0,0 @@ -#!/bin/sh /etc/rc.common -# -# Copyright (C) 2017 openwrt-ssr -# Copyright (C) 2017 yushi studio -# Copyright (C) 2018 lean -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -START=95 -STOP=15 - -SERVICE_DAEMONIZE=1 -NAME=shadowsocksr -EXTRA_COMMANDS=rules -CONFIG_FILE=/var/etc/${NAME}.json -CONFIG_UDP_FILE=/var/etc/${NAME}_u.json -CONFIG_SOCK5_FILE=/var/etc/${NAME}_s.json -CONFIG_NETFLIX_FILE=/var/etc/${NAME}_n.json -server_count=0 -redir_tcp=0 -redir_udp=0 -tunnel_enable=0 -local_enable=0 -kcp_enable_flag=0 -kcp_flag=0 -pdnsd_enable_flag=0 -switch_enable=0 -switch_server=$1 -MAXFD=32768 -CRON_FILE=/etc/crontabs/root -threads=1 - -uci_get_by_name() { - local ret=$(uci get $NAME.$1.$2 2>/dev/null) - echo ${ret:=$3} -} - -uci_get_by_type() { - local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null) - echo ${ret:=$3} -} - -uci_get_by_cfgid() { - local ret=$(uci show $NAME.@$1[0].$2 | awk -F '.' '{print $2}' 2>/dev/null) - echo ${ret:=$3} -} - -check_host() { - local host=$1 - if echo $host | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - hostip=$host - elif [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then - hostip=$host - else - hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) - if echo $hostip | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - hostip=$hostip - else - hostip="127.0.0.1" - fi - fi - echo -e $hostip -} - -add_cron() { - sed -i '/shadowsocksr/d' $CRON_FILE - sed -i '/ssrplus.log/d' $CRON_FILE && echo '0 1 * * * echo "" > /tmp/ssrplus.log' >>$CRON_FILE - [ $(uci_get_by_type server_subscribe auto_update 0) -eq 1 ] && echo "0 $(uci_get_by_type server_subscribe auto_update_time) * * * /usr/share/shadowsocksr/ssrplusupdate.sh >> /tmp/ssrplus.log 2>&1" >>$CRON_FILE - - crontab $CRON_FILE -} - -del_cron() { - sed -i '/shadowsocksr/d' $CRON_FILE - sed -i '/ssrplus.log/d' $CRON_FILE - /etc/init.d/cron restart -} - -run_mode=$(uci_get_by_type global run_mode) - -gen_config_file() { - local host=$(uci_get_by_name $1 server) - if echo $host | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - hostip=$host - elif [ "$host" != "${host#*:[0-9a-fA-F]}" ]; then - hostip=$host - else - hostip=$(ping $host -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) - if echo $hostip | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - hostip=$hostip - else - hostip=$(cat /etc/ssr_ip) - fi - fi - [ "$2" == "0" -a "$kcp_flag" == "1" ] && hostip="127.0.0.1" - if [ "$2" == "0" ]; then - config_file=$CONFIG_FILE - elif [ "$2" == "1" ]; then - config_file=$CONFIG_UDP_FILE - elif [ "$2" == "2" ]; then - config_file=$CONFIG_NETFLIX_FILE - else - config_file=$CONFIG_SOCK5_FILE - fi - if [ $(uci_get_by_name $1 fast_open 0) == "1" ]; then - fastopen="true" - else - fastopen="false" - fi - local stype=$(uci_get_by_name $1 type) - if [ "$stype" == "ss" ]; then - cat <<-EOF >$config_file - { - "server": "$hostip", - "server_port": $(uci_get_by_name $1 server_port), - "local_address": "0.0.0.0", - "local_port": $3, - "password": "$(uci_get_by_name $1 password)", - "timeout": $(uci_get_by_name $1 timeout 60), - "method": "$(uci_get_by_name $1 encrypt_method_ss)", - "reuse_port": true, - "fast_open": $fastopen - } - EOF - local plugin=$(uci_get_by_name $1 plugin) - if [ -n "$plugin" ]; then - if [ "$plugin" == "simple-obfs" ]; then - plugin="obfs-local" - fi - if [ -x "/usr/bin/$plugin" ]; then - sed -i "s@$hostip\",@$hostip\",\n\"plugin\": \"$plugin\",\n\"plugin_opts\": \"$(uci_get_by_name $1 plugin_opts)\",@" $config_file - else - echo "$(date "+%Y-%m-%d %H:%M:%S") Warning!!! SIP003 plugin $plugin not found!!!" >>/tmp/ssrplus.log - fi - fi - elif [ "$stype" == "ssr" ]; then - cat <<-EOF >$config_file - { - "server": "$hostip", - "server_port": $(uci_get_by_name $1 server_port), - "local_address": "0.0.0.0", - "local_port": $3, - "password": "$(uci_get_by_name $1 password)", - "timeout": $(uci_get_by_name $1 timeout 60), - "method": "$(uci_get_by_name $1 encrypt_method)", - "protocol": "$(uci_get_by_name $1 protocol)", - "protocol_param": "$(uci_get_by_name $1 protocol_param)", - "obfs": "$(uci_get_by_name $1 obfs)", - "obfs_param": "$(uci_get_by_name $1 obfs_param)", - "reuse_port": true, - "fast_open": $fastopen - } - EOF - elif [ "$stype" == "v2ray" ]; then - lua /usr/share/shadowsocksr/genv2config.lua $GLOBAL_SERVER tcp $(uci_get_by_name $1 local_port) >/var/etc/v2-ssr-retcp.json - sed -i 's/\\//g' /var/etc/v2-ssr-retcp.json - elif [ "$stype" == "trojan" ]; then - lua /usr/share/shadowsocksr/gentrojanconfig.lua $GLOBAL_SERVER nat $(uci_get_by_name $1 local_port) >/var/etc/trojan-ssr-retcp.json - sed -i 's/\\//g' /var/etc/trojan-ssr-retcp.json - fi -} - -get_arg_out() { - case "$(uci_get_by_type access_control router_proxy 1)" in - 1) echo "-o" ;; - 2) echo "-O" ;; - esac -} - -start_rules() { - local server=$(uci_get_by_name $GLOBAL_SERVER server) - #resolve name - if echo $server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - server=$server - elif [ "$server" != "${server#*:[0-9a-fA-F]}" ]; then - server=$server - else - server=$(ping $server -W 1 -s 1 -c 1 | grep PING | cut -d'(' -f 2 | cut -d')' -f1) - if echo $server | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - echo $server >/etc/ssr_ip - else - server=$(cat /etc/ssr_ip) - fi - fi - kcp_server=$server - local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0) - if [ $kcp_enable == "1" ]; then - kcp_flag=1 - fi - local local_port=$(uci_get_by_name $GLOBAL_SERVER local_port) - local lan_ac_ips=$(uci_get_by_type access_control lan_ac_ips) - local lan_ac_mode=$(uci_get_by_type access_control lan_ac_mode) - local router_proxy=$(uci_get_by_type access_control router_proxy) - if [ "$GLOBAL_SERVER" == "$UDP_RELAY_SERVER" -a "$kcp_flag" == "0" ]; then - ARG_UDP="-u" - elif [ -n "$UDP_RELAY_SERVER" ]; then - ARG_UDP="-U" - local udp_server=$(uci_get_by_name $UDP_RELAY_SERVER server) - local udp_local_port=$(uci_get_by_name $UDP_RELAY_SERVER local_port) - fi - if [ -n "$lan_ac_ips" ]; then - case "$lan_ac_mode" in - w | W | b | B) local ac_ips="$lan_ac_mode$lan_ac_ips" ;; - esac - fi - - #deal gfw firewall rule - local gfwmode="" - if [ "$run_mode" == "gfw" ]; then - gfwmode="-g" - elif [ "$run_mode" == "router" ]; then - gfwmode="-r" - elif [ "$run_mode" == "oversea" ]; then - gfwmode="-c" - elif [ "$run_mode" == "all" ]; then - gfwmode="-z" - fi - local dports=$(uci_get_by_type global dports 1) - if [ $dports == "1" ]; then - proxyport=" " - else - proxyport="-m multiport --dports 22,53,587,465,995,993,143,80,443" - fi - if [ "$NETFLIX_SERVER" != "nil" ]; then - if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then - netflix="1" - else - netflix="2" - fi - else - netflix="0" - fi - netflix_ip=$(check_host $(uci_get_by_name $NETFLIX_SERVER server 127.0.0.1)) - /usr/bin/ssr-rules \ - -s "$server" \ - -l "$local_port" \ - -S "$udp_server" \ - -L "$udp_local_port" \ - -a "$ac_ips" \ - -i "$(uci_get_by_type access_control wan_bp_list)" \ - -b "$(uci_get_by_type access_control wan_bp_ips)" \ - -w "$(uci_get_by_type access_control wan_fw_ips)" \ - -B "$(uci_get_by_type access_control lan_bp_ips)" \ - -p "$(uci_get_by_type access_control lan_fp_ips)" \ - -G "$(uci_get_by_type access_control lan_gm_ips)" \ - -D "$proxyport" \ - -F "$netflix" \ - -N "$netflix_ip" \ - -M "$(uci_get_by_type global netflix_proxy 0)" \ - $(get_arg_out) $gfwmode $ARG_UDP - return $? -} - -start_pdnsd() { - local usr_dns="$1" - local usr_port="$2" - local tcp_dns_list="208.67.222.222, 208.67.220.220" - [ -z "$usr_dns" ] && usr_dns="8.8.8.8" - [ -z "$usr_port" ] && usr_port="53" - [ -d /var/etc ] || mkdir -p /var/etc - if [ ! -d /var/pdnsd ]; then - mkdir -p /var/pdnsd - echo -ne "pd13\000\000\000\000" >/var/pdnsd/pdnsd.cache - chown -R nobody:nogroup /var/pdnsd - fi - cat <<-EOF >/var/etc/pdnsd.conf - global{ - perm_cache=1024; - cache_dir="/var/pdnsd"; - pid_file="/var/run/pdnsd.pid"; - run_as="nobody"; - server_ip=127.0.0.1; - server_port=5335; - status_ctl=on; - query_method=tcp_only; - min_ttl=1h; - max_ttl=1w; - timeout=10; - neg_domain_pol=on; - proc_limit=2; - procq_limit=8; - par_queries=1; - } - server{ - label="ssr-usrdns"; - ip=$usr_dns; - port=$usr_port; - timeout=6; - uptest=none; - interval=10m; - purge_cache=off; - } - EOF - /usr/sbin/pdnsd -c /var/etc/pdnsd.conf & -} - -start_redir() { - case "$(uci_get_by_name $GLOBAL_SERVER auth_enable)" in - 1 | on | true | yes | enabled) ARG_OTA="-A" ;; - *) ARG_OTA="" ;; - esac - #deal kcp - local kcp_enable=$(uci_get_by_name $GLOBAL_SERVER kcp_enable 0) - if [ "$kcp_enable" == "1" ]; then - [ ! -f "/usr/bin/kcptun-client" ] && return 1 - local kcp_str=$(/usr/bin/kcptun-client -v | grep kcptun | wc -l) - [ "0" == "$kcp_str" ] && return 1 - local kcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port) - local server_port=$(uci_get_by_name $GLOBAL_SERVER server_port) - local password=$(uci_get_by_name $GLOBAL_SERVER kcp_password) - local kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param) - [ "$password" != "" ] && password="--key "$password - service_start /usr/bin/kcptun-client \ - -r $kcp_server:$kcp_port \ - -l :$server_port $password $kcp_param - kcp_enable_flag=1 - fi - - gen_config_file $GLOBAL_SERVER 0 $(uci_get_by_name $GLOBAL_SERVER local_port 1234) - local stype=$(uci_get_by_name $GLOBAL_SERVER type) - if [ "$stype" == "ss" ]; then - sscmd="/usr/bin/ss-redir" - elif [ "$stype" == "ssr" ]; then - sscmd="/usr/bin/ssr-redir" - elif [ "$stype" == "v2ray" ]; then - sscmd="/usr/bin/v2ray/v2ray" - [ ! -f "$sscmd" ] && sscmd="/usr/bin/v2ray" - elif [ "$stype" == "trojan" ]; then - sscmd="/usr/sbin/trojan" - elif [ "$stype" == "socks5" ]; then - sscmd="/usr/sbin/redsocks2" - elif [ "$stype" == "tun" ]; then - sscmd="/usr/sbin/redsocks2" - fi - - local ntype=$(uci_get_by_name $NETFLIX_SERVER type) - if [ "$ntype" == "ss" ]; then - ncmd="/usr/bin/ss-redir" - sssock="/usr/bin/ss-local" - elif [ "$ntype" == "ssr" ]; then - ncmd="/usr/bin/ssr-redir" - sssock="/usr/bin/ssr-local" - elif [ "$ntype" == "v2ray" ]; then - ncmd="/usr/bin/v2ray/v2ray" - [ ! -f "$ncmd" ] && ncmd="/usr/bin/v2ray" - elif [ "$ntype" == "trojan" ]; then - ncmd="/usr/sbin/trojan" - elif [ "$ntype" == "socks5" ]; then - ncmd="/usr/sbin/redsocks2" - elif [ "$ntype" == "tun" ]; then - ncmd="/usr/sbin/redsocks2" - fi - - local utype=$(uci_get_by_name $UDP_RELAY_SERVER type) - if [ "$utype" == "ss" ]; then - ucmd="/usr/bin/ss-redir" - elif [ "$utype" == "ssr" ]; then - ucmd="/usr/bin/ssr-redir" - elif [ "$utype" == "v2ray" ]; then - ucmd="/usr/bin/v2ray/v2ray" - [ ! -f "$ucmd" ] && ucmd="/usr/bin/v2ray" - elif [ "$utype" == "trojan" ]; then - ucmd="/usr/sbin/trojan" - elif [ "$stype" == "socks5" ]; then - ucmd="/usr/sbin/redsocks2" - elif [ "$stype" == "tun" ]; then - ucmd="/usr/sbin/redsocks2" - fi - if [ "$(uci_get_by_type global threads 0)" == "0" ]; then - threads=$(cat /proc/cpuinfo | grep 'processor' | wc -l) - else - threads=$(uci_get_by_type global threads) - fi - - if [ "$stype" == "ss" -o "$stype" == "ssr" ]; then - local last_config_file=$CONFIG_FILE - local pid_file="/var/run/ssr-retcp.pid" - for i in $(seq 1 $threads); do - $sscmd -c $CONFIG_FILE $ARG_OTA -f /var/run/ssr-retcp_$i.pid >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Shadowsocks/ShadowsocksR $threads Threads Started!" >>/tmp/ssrplus.log - elif [ "$stype" == "v2ray" ]; then - $sscmd -config /var/etc/v2-ssr-retcp.json >/dev/null 2>&1 & - echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd -version | head -1) Started!" >>/tmp/ssrplus.log - elif [ "$stype" == "trojan" ]; then - for i in $(seq 1 $threads); do - $sscmd --config /var/etc/trojan-ssr-retcp.json >/dev/null 2>&1 & - done - echo "$(date "+%Y-%m-%d %H:%M:%S") $($sscmd --version 2>&1 | head -1) , $threads Threads Started!" >>/tmp/ssrplus.log - elif [ "$stype" == "socks5" ]; then - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-retcp.conf" socks5 tcp $(uci_get_by_name $GLOBAL_SERVER local_port) \ - $(check_host $(uci_get_by_name $GLOBAL_SERVER server)) $(uci_get_by_name $GLOBAL_SERVER server_port) \ - $(uci_get_by_name $GLOBAL_SERVER auth_enable 0) $(uci_get_by_name $GLOBAL_SERVER username) $(uci_get_by_name $GLOBAL_SERVER password) - for i in $(seq 1 $threads); do - $sscmd -c /var/etc/redsocks-ssr-retcp.conf >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Socks5 REDIRECT/TPROXY $threads Threads Started!" >>/tmp/ssrplus.log - elif [ "$stype" == "tun" ]; then - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-retcp.conf" vpn $(uci_get_by_name $GLOBAL_SERVER iface "br-lan") $(uci_get_by_name $GLOBAL_SERVER local_port) - for i in $(seq 1 $threads); do - $sscmd -c /var/etc/redsocks-ssr-retcp.conf >/dev/null 2>&1 - done - echo "$(date "+%Y-%m-%d %H:%M:%S") Network Tunnel REDIRECT $threads Threads Started!" >>/tmp/ssrplus.log - fi - - if [ "$NETFLIX_SERVER" != "nil" ] && [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then - if [ "$ntype" == "ss" -o "$ntype" == "ssr" ]; then - gen_config_file $NETFLIX_SERVER 2 4321 - gen_config_file $NETFLIX_SERVER 3 1088 - $sssock -c /var/etc/shadowsocksr_s.json $ARG_OTA -f /var/run/ssr-socksdns.pid >/dev/null 2>&1 - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - $ncmd -c /var/etc/shadowsocksr_n.json $ARG_OTA -f /var/run/ssr-netflix.pid >/dev/null 2>&1 - elif [ "$ntype" == "v2ray" ]; then - lua /usr/share/shadowsocksr/genv2config.lua $NETFLIX_SERVER tcp 4321 1088 >/var/etc/v2-ssr-netflix.json - $ncmd -config /var/etc/v2-ssr-netflix.json >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - elif [ "$ntype" == "trojan" ]; then - lua /usr/share/shadowsocksr/gentrojanconfig.lua $NETFLIX_SERVER nat 4321 >/var/etc/trojan-ssr-netflix.json - sed -i 's/\\//g' /var/etc/trojan-ssr-netflix.json - $ncmd --config /var/etc/trojan-ssr-netflix.json >/dev/null 2>&1 & - lua /usr/share/shadowsocksr/gentrojanconfig.lua $NETFLIX_SERVER client 1088 >/var/etc/trojan-ssr-socksdns.json - sed -i 's/\\//g' /var/etc/trojan-ssr-socksdns.json - $ncmd --config /var/etc/trojan-ssr-socksdns.json >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - elif [ "$ntype" == "socks5" ]; then - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-netflix.conf" socks5 tcp 4321 \ - $(check_host $(uci_get_by_name $NETFLIX_SERVER server)) $(uci_get_by_name $NETFLIX_SERVER server_port) \ - $(uci_get_by_name $NETFLIX_SERVER auth_enable 0) $(uci_get_by_name $NETFLIX_SERVER username) $(uci_get_by_name $NETFLIX_SERVER password) - $ncmd -c /var/etc/redsocks-ssr-netflix.conf >/dev/null 2>&1 - microsocks -i 127.0.0.1 -p 1088 ssr-socksdns >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - elif [ "$ntype" == "tun" ]; then - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-netflix.conf" vpn $(uci_get_by_name $NETFLIX_SERVER iface "br-lan") 4321 - $ncmd -c /var/etc/redsocks-ssr-netflix.conf >/dev/null 2>&1 - microsocks -i 127.0.0.1 -p 1088 ssr-socksdns >/dev/null 2>&1 & - dns2socks 127.0.0.1:1088 8.8.8.8:53 127.0.0.1:5555 -q >/dev/null 2>&1 & - fi - fi - - if [ -n "$UDP_RELAY_SERVER" ]; then - if [ "$utype" == "ss" -o "$utype" == "ssr" ]; then - case "$(uci_get_by_name $UDP_RELAY_SERVER auth_enable)" in - 1 | on | true | yes | enabled) ARG_OTA="-A" ;; - *) ARG_OTA="" ;; - esac - gen_config_file $UDP_RELAY_SERVER 1 $(uci_get_by_name $UDP_RELAY_SERVER local_port 1234) - last_config_file=$CONFIG_UDP_FILE - pid_file="/var/run/ssr-reudp.pid" - $ucmd -c $last_config_file $ARG_OTA -U -f /var/run/ssr-reudp.pid >/dev/null 2>&1 - elif [ "$utype" == "v2ray" ]; then - lua /usr/share/shadowsocksr/genv2config.lua $UDP_RELAY_SERVER udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/var/etc/v2-ssr-reudp.json - sed -i 's/\\//g' /var/etc/v2-ssr-reudp.json - $ucmd -config /var/etc/v2-ssr-reudp.json >/dev/null 2>&1 & - elif [ "$stype" == "trojan" ]; then - lua /usr/share/shadowsocksr/gentrojanconfig.lua $GLOBAL_SERVER client 10801 >/var/etc/trojan-ssr-reudp.json - sed -i 's/\\//g' /var/etc/trojan-ssr-reudp.json - $ucmd --config /var/etc/trojan-ssr-reudp.json >/dev/null 2>&1 & - ipt2socks -U -b 0.0.0.0 -4 -s 127.0.0.1 -p 10801 -l $(uci_get_by_name $UDP_RELAY_SERVER local_port) >/dev/null 2>&1 & - elif [ "$utype" == "socks5" ]; then - /usr/share/shadowsocksr/genred2config.sh "/var/etc/redsocks-ssr-reudp.conf" socks5 udp $(uci_get_by_name $UDP_RELAY_SERVER local_port) \ - $(check_host $(uci_get_by_name $UDP_RELAY_SERVER server)) $(uci_get_by_name $UDP_RELAY_SERVER server_port) \ - $(uci_get_by_name $UDP_RELAY_SERVER auth_enable 0) $(uci_get_by_name $UDP_RELAY_SERVER username) $(uci_get_by_name $UDP_RELAY_SERVER password) - $ucmd -c /var/etc/redsocks-ssr-reudp.conf >/dev/null 2>&1 - elif [ "$stype" == "tun" ]; then - redir_udp=0 - echo "$(date "+%Y-%m-%d %H:%M:%S") Network Tunnel UDP TPROXY Relay not supported!" >>/tmp/ssrplus.log - fi - fi - #deal with dns - local ssr_dns="$(uci_get_by_type global pdnsd_enable 0)" - local dnsstr="$(uci_get_by_type global tunnel_forward 8.8.4.4:53)" - local dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}') - local dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}') - if [ "$ssr_dns" != "0" ]; then # not use custom dns service - if [ "$run_mode" == "gfw" ]; then - ipset add gfwlist $dnsserver 2>/dev/null - elif [ "$run_mode" == "oversea" ]; then - ipset add oversea $dnsserver 2>/dev/null - else - ipset add ss_spec_wan_ac $dnsserver nomatch 2>/dev/null - fi - fi - if [ "$ssr_dns" == "1" ]; then - start_pdnsd $dnsserver $dnsport - pdnsd_enable_flag=1 - elif [ "$ssr_dns" == "2" ]; then - microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 & - dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 & - pdnsd_enable_flag=2 - fi - if [ "$(uci_get_by_type global enable_switch)" == "1" ]; then - if [ "$(uci_get_by_name $GLOBAL_SERVER switch_enable 1)" == "1" ]; then - if [ -z "$switch_server" ]; then - local switch_time=$(uci_get_by_type global switch_time) - local switch_timeout=$(uci_get_by_type global switch_timeout) - service_start /usr/bin/ssr-switch start $switch_time $switch_timeout - switch_enable=1 - fi - fi - fi - add_cron - return $? -} - -gen_service_file() { - if [ $(uci_get_by_name $1 fast_open) == "1" ]; then - fastopen="true" - else - fastopen="false" - fi - cat <<-EOF >$2 - { - "server": "0.0.0.0", - "server_port": $(uci_get_by_name $1 server_port), - "password": "$(uci_get_by_name $1 password)", - "timeout": $(uci_get_by_name $1 timeout 60), - "method": "$(uci_get_by_name $1 encrypt_method)", - "protocol": "$(uci_get_by_name $1 protocol)", - "protocol_param": "$(uci_get_by_name $1 protocol_param)", - "obfs": "$(uci_get_by_name $1 obfs)", - "obfs_param": "$(uci_get_by_name $1 obfs_param)", - "fast_open": $fastopen - } - EOF -} - -start_service() { - [ $(uci_get_by_name $1 enable 0) == "0" ] && return 1 - let server_count=server_count+1 - if [ "$server_count" == "1" ]; then - if ! (iptables-save -t filter | grep SSR-SERVER-RULE >/dev/null); then - iptables -N SSR-SERVER-RULE && \ - iptables -t filter -I INPUT -j SSR-SERVER-RULE - fi - fi - if [ "$(uci_get_by_name $1 type ssr)" == "ssr" ]; then - gen_service_file $1 /var/etc/${NAME}_$server_count.json - /usr/bin/ssr-server -c /var/etc/${NAME}_$server_count.json -u -f /var/run/ssr-server$server_count.pid >/dev/null 2>&1 - else - microsocks -i :: -p $(uci_get_by_name $1 server_port) -1 -u $(uci_get_by_name $1 username) -P $(uci_get_by_name $1 password) ssr-server$server_count >/dev/null 2>&1 & - fi - iptables -t filter -A SSR-SERVER-RULE -p tcp --dport $(uci_get_by_name $1 server_port) -j ACCEPT - iptables -t filter -A SSR-SERVER-RULE -p udp --dport $(uci_get_by_name $1 server_port) -j ACCEPT - return 0 -} - -gen_serv_include() { - FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null) - [ -n "$FWI" ] || return 0 - if [ ! -f $FWI ]; then - echo '#!/bin/sh' >$FWI - fi - extract_rules() { - echo "*filter" - iptables-save -t filter | grep SSR-SERVER-RULE | sed -e "s/^-A INPUT/-I INPUT/" - echo 'COMMIT' - } - cat <<-EOF >>$FWI - iptables-save -c | grep -v "SSR-SERVER" | iptables-restore -c - iptables-restore -n <<-EOT - $(extract_rules) - EOT - EOF -} - -start_server() { - SERVER_ENABLE=$(uci_get_by_type server_global enable_server 0) - [ "$SERVER_ENABLE" == "0" ] && return 0 - mkdir -p /var/run /var/etc - config_load $NAME - config_foreach start_service server_config - gen_serv_include - return 0 -} - -start_local() { - local local_server=$(uci_get_by_type socks5_proxy server nil) - [ "$local_server" == "same" ] && local_server=$GLOBAL_SERVER - [ "$local_server" == "nil" ] && return 1 - local local_type=$(uci_get_by_name $local_server type) - mkdir -p /var/run /var/etc - - if [ "$local_type" == "ssr" ]; then - gen_config_file $local_server 3 $(uci_get_by_type socks5_proxy local_port 1080) - /usr/bin/ssr-local -c $CONFIG_SOCK5_FILE -u -f /var/run/ssr-local.pid >/dev/null 2>&1 - elif [ "$local_type" == "ss" ]; then - gen_config_file $local_server 3 $(uci_get_by_type socks5_proxy local_port 1080) - /usr/bin/ss-local -c $CONFIG_SOCK5_FILE -u -f /var/run/ssr-local.pid >/dev/null 2>&1 - elif [ "$local_type" == "v2ray" ]; then - lua /usr/share/shadowsocksr/genv2config.lua $local_server tcp 0 $(uci_get_by_type socks5_proxy local_port 1080) >/var/etc/v2-ssr-local.json - sed -i 's/\\//g' /var/etc/v2-ssr-local.json - /usr/bin/v2ray/v2ray -config /var/etc/v2-ssr-local.json >/dev/null 2>&1 & - elif [ "$local_type" == "trojan" ]; then - lua /usr/share/shadowsocksr/gentrojanconfig.lua $local_server client $(uci_get_by_type socks5_proxy local_port 1080) >/var/etc/trojan-ssr-local.json - sed -i 's/\\//g' /var/etc/trojan-ssr-local.json - /usr/sbin/trojan --config /var/etc/trojan-ssr-local.json >/dev/null 2>&1 & - else - microsocks -i :: -p $(uci_get_by_type socks5_proxy local_port 1080) ssr-local >/dev/null 2>&1 & - fi - - local_enable=1 -} - -rules() { - if [ "$GLOBAL_SERVER" == "nil" ]; then - return 1 - else - redir_tcp=1 - fi - mkdir -p /var/run /var/etc - UDP_RELAY_SERVER=$(uci_get_by_type global udp_relay_server) - [ "$UDP_RELAY_SERVER" == "same" ] && UDP_RELAY_SERVER=$GLOBAL_SERVER - [ -n "$UDP_RELAY_SERVER" ] && redir_udp=1 - if start_rules; then - return 0 - else - return 1 - fi -} - -start() { - if [ -z "$switch_server" ]; then - GLOBAL_SERVER=$(uci_get_by_type global global_server) - else - GLOBAL_SERVER=$switch_server - switch_enable=1 - fi - - NETFLIX_SERVER=$(uci_get_by_type global netflix_server nil) - if [ "$NETFLIX_SERVER" == "same" ]; then - NETFLIX_SERVER=$GLOBAL_SERVER - fi - - if rules; then - start_redir - mkdir -p /tmp/dnsmasq.d && cp -a /etc/dnsmasq.ssr /tmp/ && cp -a /etc/dnsmasq.oversea /tmp/ - if ! [ "$run_mode" == "oversea" ]; then - cat <<-EOF >/tmp/dnsmasq.d/dnsmasq-ssr.conf - conf-dir=/tmp/dnsmasq.ssr - EOF - else - cat <<-EOF >/tmp/dnsmasq.d/dnsmasq-ssr.conf - conf-dir=/tmp/dnsmasq.oversea - EOF - fi - if [ $(uci_get_by_type global adblock 0) == "0" ]; then - rm -f /tmp/dnsmasq.ssr/ad.conf - fi - /usr/share/shadowsocksr/gfw2ipset.sh - - if [ "$NETFLIX_SERVER" != "nil" ]; then - if [ "$NETFLIX_SERVER" != "$GLOBAL_SERVER" ]; then - cat /etc/config/netflix.list | while read line || [ -n "$line" ]; do - sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf - done - awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/config/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf - awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5555"'\n",$0)}' /etc/config/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf - - ipset -N netflix hash:net 2>/dev/null - cat /etc/config/netflixip.list | while read nip || [ -n "$nip" ]; do - ipset add netflix $nip 2>/dev/null - done - else - cat /etc/config/netflix.list | while read line || [ -n "$line" ]; do - sed -i "/$line/d" /tmp/dnsmasq.ssr/gfw_list.conf - done - awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"netflix"'\n",$0)}' /etc/config/netflix.list >/tmp/dnsmasq.ssr/netflix_forward.conf - awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/config/netflix.list >>/tmp/dnsmasq.ssr/netflix_forward.conf - ipset -N netflix hash:net 2>/dev/null - cat /etc/config/netflixip.list | while read nip || [ -n "$nip" ]; do - ipset add netflix $nip 2>/dev/null - done - fi - else - rm -f /tmp/dnsmasq.ssr/netflix_forward.conf - fi - - /etc/init.d/dnsmasq restart >/dev/null 2>&1 - fi - start_server - start_local - if [ $(uci_get_by_type global monitor_enable 1) == "1" ]; then - let total_count=server_count+redir_tcp+redir_udp+tunnel_enable+kcp_enable_flag+local_enable+pdnsd_enable_flag+switch_enable - if [ $total_count -gt 0 ]; then - #param:server(count) redir_tcp(0:no,1:yes) redir_udp tunnel kcp local gfw - service_start /usr/bin/ssr-monitor $server_count $redir_tcp $redir_udp $tunnel_enable $kcp_enable_flag $local_enable $pdnsd_enable_flag $switch_enable - fi - fi - - ENABLE_SERVER=$(uci_get_by_type global global_server nil) - if [ "$ENABLE_SERVER" == "nil" ]; then - return 1 - else - STYPE=$(uci_get_by_name $ENABLE_SERVER type nil) - if [ "$STYPE" == "nil" ]; then - CFGID=$(uci_get_by_cfgid servers type nil) - if [ "$CFGID" == "nil" ]; then - uci set shadowsocksr.@global[0].global_server='nil' - else - uci set shadowsocksr.@global[0].global_server=$CFGID - fi - uci commit shadowsocksr - /etc/init.d/shadowsocksr restart - fi - fi -} - -boot() { - (/usr/share/shadowsocksr/chinaipset.sh && sleep 3 && start >/dev/null 2>&1) & -} - -stop() { - /usr/bin/ssr-rules -f - srulecount=$(iptables -L | grep SSR-SERVER-RULE | wc -l) - if [ $srulecount -gt 0 ]; then - iptables -F SSR-SERVER-RULE - iptables -t filter -D INPUT -j SSR-SERVER-RULE - iptables -X SSR-SERVER-RULE 2>/dev/null - fi - if [ -z "$switch_server" ]; then - kill -9 $(busybox ps -w | grep ssr-switch | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - fi - if [ $(uci_get_by_type global monitor_enable 0) == "1" ]; then - kill -9 $(busybox ps -w | grep ssr-monitor | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - fi - killall -q -9 ssr-monitor - killall -q -9 ss-redir - killall -q -9 obfs-local - killall -q -9 v2ray-plugin - killall -q -9 ssr-redir - killall -q -9 v2ray - killall -q -9 trojan - killall -q -9 ipt2socks - kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - killall -q -9 ssr-local - killall -q -9 ss-local - killall -q -9 kcptun-client - killall -q -9 dns2socks - killall -q -9 microsocks - killall -q -9 redsocks2 - if [ -f /var/run/pdnsd.pid ]; then - kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 - else - kill -9 $(busybox ps -w | grep pdnsd | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - fi - if [ -f "/tmp/dnsmasq.d/dnsmasq-ssr.conf" ]; then - rm -f /tmp/dnsmasq.d/dnsmasq-ssr.conf /tmp/dnsmasq.ssr/* /tmp/dnsmasq.oversea/* - /etc/init.d/dnsmasq restart >/dev/null 2>&1 - fi - del_cron -} diff --git a/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus b/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus deleted file mode 100755 index bd8d02a5..00000000 --- a/package/lean/luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -uci -q batch <<-EOF >/dev/null - delete ucitrack.@shadowsocksr[-1] - add ucitrack shadowsocksr - set ucitrack.@shadowsocksr[-1].init=shadowsocksr - commit ucitrack - delete firewall.shadowsocksr - set firewall.shadowsocksr=include - set firewall.shadowsocksr.type=script - set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include - set firewall.shadowsocksr.reload=1 - commit firewall -EOF - -touch /etc/china_ssr.txt -touch /etc/config/white.list -touch /etc/config/black.list -touch /etc/config/netflix.list -touch /etc/config/netflixip.list -touch /etc/dnsmasq.ssr/ad.conf -touch /etc/dnsmasq.ssr/gfw_list.conf - -rm -rf /tmp/luci-modulecache/* -rm -f /tmp/luci-indexcache -exit 0 diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad deleted file mode 100755 index 2c7ffef0..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-ad +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -e -if [ -f /tmp/adnew.conf ]; then - if (grep -wq "address=" /tmp/adnew.conf) ; then - cp /tmp/adnew.conf /tmp/ad.conf - else - cat /tmp/adnew.conf | grep ^\|\|[^\*]*\^$ | sed -e 's:||:address\=\/:' -e 's:\^:/0\.0\.0\.0:' > /tmp/ad.conf - fi -fi -rm -f /tmp/adnew.conf diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw deleted file mode 100755 index 07ee49c4..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-gfw +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -e - -generate_china_banned() { - cat $1 | base64 -d >/tmp/gfwlist.txt - rm -f $1 - sed -i '/^@@|/d' /tmp/gfwlist.txt - cat /tmp/gfwlist.txt | sort -u | - sed 's#!.\+##; s#|##g; s#@##g; s#http:\/\/##; s#https:\/\/##;' | - sed '/\*/d; /apple\.com/d; /sina\.cn/d; /sina\.com\.cn/d; /baidu\.com/d; /byr\.cn/d; /jlike\.com/d; /weibo\.com/d; /zhongsou\.com/d; /youdao\.com/d; /sogou\.com/d; /so\.com/d; /soso\.com/d; /aliyun\.com/d; /taobao\.com/d; /jd\.com/d; /qq\.com/d' | - sed '/^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$/d' | - grep '^[0-9a-zA-Z\.-]\+$' | grep '\.' | sed 's#^\.\+##' | sort -u | - awk 'BEGIN { prev = "________"; } { - cur = $0; - if (index(cur, prev) == 1 && substr(cur, 1 + length(prev) ,1) == ".") { - } else { - print cur; - prev = cur; - } - }' | sort -u -} - -generate_china_banned /tmp/gfw.b64 >/tmp/gfw.txt -rm -f /tmp/gfwlist.txt -sed '/.*/s/.*/server=\/\.&\/127.0.0.1#5335\nipset=\/\.&\/gfwlist/' /tmp/gfw.txt >/tmp/gfwnew.txt -rm -f /tmp/gfw.txt diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor deleted file mode 100755 index 889f1d11..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-monitor +++ /dev/null @@ -1,132 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2017 openwrt-ssr -# Copyright (C) 2017 yushi studio -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -NAME=shadowsocksr - -uci_get_by_name() { - local ret=$(uci get $NAME.$1.$2 2>/dev/null) - echo ${ret:=$3} -} - -uci_get_by_type() { - local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null) - echo ${ret:=$3} -} - -server_process_count=$1 -redir_tcp_process=$2 -redir_udp_process=$3 -tunnel_process=$4 -kcp_process=$5 -local_process=$6 -pdnsd_process=$7 -if [ -z "$pdnsd_process" ]; then - pdnsd_process=0 -fi - -i=0 - -GLOBAL_SERVER=$(uci_get_by_type global global_server) -server=$(uci_get_by_name $GLOBAL_SERVER server) -lkcp_port=$(uci_get_by_name $GLOBAL_SERVER kcp_port) -server_port=$(uci_get_by_name $GLOBAL_SERVER server_port) -password=$(uci_get_by_name $GLOBAL_SERVER kcp_password) -kcp_param=$(uci_get_by_name $GLOBAL_SERVER kcp_param) -[ "$password" != "" ] && password="--key "${password} - -if echo "$server" | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then - server=${server} -else - server=$(cat /etc/ssr_ip) -fi - -while [ "1" == "1" ]; do #死循环 - sleep 30 - #redir tcp - if [ "$redir_tcp_process" -gt 0 ]; then - icount=$(busybox ps -w | grep ssr-retcp | grep -v grep | wc -l) - if [ "$icount" == 0 ]; then - logger -t "$NAME" "ssr redir tcp error.restart!" - /etc/init.d/shadowsocksr restart - exit 0 - fi - fi - #redir udp - if [ "$redir_udp_process" -gt 0 ]; then - icount=$(busybox ps -w | grep ssr-reudp | grep -v grep | wc -l) - if [ "$icount" == 0 ]; then - logger -t "$NAME" "ssr redir udp error.restart!" - /etc/init.d/shadowsocksr restart - exit 0 - fi - fi - #tunnel - if [ "$tunnel_process" -gt 0 ]; then - icount=$(busybox ps -w | grep ssr-tunnel | grep -v grep | wc -l) - if [ "$icount" == 0 ]; then - logger -t "$NAME" "ssr tunnel error.restart!" - /etc/init.d/shadowsocksr restart - exit 0 - fi - fi - #server - if [ "$server_process_count" -gt 0 ]; then - icount=$(busybox ps -w | grep ssr-server | grep -v grep | wc -l) - if [ "$icount" -lt "$server_process_count" ]; then #如果进程挂掉就重启它 - logger -t "$NAME" "ssr server error.restart!" - kill -9 $(busybox ps -w | grep ssr-server | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - /etc/init.d/shadowsocksr restart - fi - fi - #kcptun - if [ "$kcp_process" -gt 0 ]; then - icount=$(busybox ps -w | grep kcptun-client | grep -v grep | wc -l) - if [ "$icount" -lt "$kcp_process" ]; then #如果进程挂掉就重启它 - logger -t "$NAME" "ssr kcptun error.restart!" - killall -q -9 kcptun-client - (/usr/bin/kcptun-client -r $server:$kcp_port -l :$server_port $password $kcp_param &) - fi - fi - #localsocks - if [ "$local_process" -gt 0 ]; then - icount=$(busybox ps -w | grep ssr-local | grep -v grep | wc -l) - if [ "$icount" -lt "$local_process" ]; then #如果进程挂掉就重启它 - logger -t "$NAME" "global socks server error.restart!" - kill -9 $(busybox ps -w | grep ssr-local | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - /etc/init.d/shadowsocksr restart - fi - fi - #pdnsd - if [ "$pdnsd_process" -eq 1 ]; then - icount=$(busybox ps -w | grep pdnsd | grep -v grep | wc -l) - if [ "$icount" -lt "$pdnsd_process" ]; then #如果进程挂掉就重启它 - logger -t "$NAME" "pdnsd tunnel error.restart!" - if [ -f /var/run/pdnsd.pid ]; then - kill $(cat /var/run/pdnsd.pid) >/dev/null 2>&1 - else - kill -9 $(ps | grep pdnsd | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - fi - (/usr/sbin/pdnsd -c /var/etc/pdnsd.conf -d &) - fi - fi - #dns2socks - if [ "$pdnsd_process" -eq 2 ]; then - icount=$(busybox ps -w | grep -e ssr-dns -e dns2socks | grep -v grep | wc -l) - if [ "$icount" -lt 2 ]; then #如果进程挂掉就重启它 - logger -t "$NAME" "dns2socks $dnsstr tunnel error.restart!" - dnsstr=$(uci_get_by_type global tunnel_forward 8.8.4.4:53) - dnsserver=$(echo "$dnsstr" | awk -F ':' '{print $1}') - dnsport=$(echo "$dnsstr" | awk -F ':' '{print $2}') - killall -q -9 dns2socks - kill -9 $(busybox ps -w | grep ssr-dns | grep -v grep | awk '{print $1}') >/dev/null 2>&1 - microsocks -i 127.0.0.1 -p 10802 ssr-dns >/dev/null 2>&1 & - dns2socks 127.0.0.1:10802 $dnsserver:$dnsport 127.0.0.1:5335 -q >/dev/null 2>&1 & - fi - fi -done diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules deleted file mode 100755 index 0279d926..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules +++ /dev/null @@ -1,406 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2017 openwrt-ssr -# Copyright (C) 2017 yushi studio -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -TAG="_SS_SPEC_RULE_" # comment tag -IPT="iptables -t nat" # alias of iptables -FWI=$(uci get firewall.shadowsocksr.path 2>/dev/null) # firewall include file - -usage() { - cat <<-EOF -Usage: ssr-rules [options] - -Valid options are: - - -s ip address of shadowsocksr remote server - -l port number of shadowsocksr local server - -S ip address of shadowsocksr remote UDP server - -L port number of shadowsocksr local UDP server - -i a file content is bypassed ip list - -a lan ip of access control, need a prefix to - define access control mode - -b wan ip of will be bypassed - -w wan ip of will be forwarded - -B lan ip of will be bypassed proxy - -p lan ip of will be global proxy - -G lan ip of will be game mode proxy - -D proxy ports - -F netflix mode - -N netflix server IP - -M netflix proxy mode - -e extra options for iptables - -o apply the rules to the OUTPUT chain - -O apply the global rules to the OUTPUT chain - -u enable udprelay mode, TPROXY is required - -U enable udprelay mode, using different IP - and ports for TCP and UDP - -f flush the rules - -g gfw list mode - -r return china mode - -h show this help message and exit - EOF - exit $1 -} - -loger() { - # 1.alert 2.crit 3.err 4.warn 5.notice 6.info 7.debug - logger -st ssr-rules[$$] -p$1 $2 -} - -flush_r() { - flush_iptables() { - local ipt="iptables -t $1" - local DAT=$(iptables-save -t $1) - eval $(echo "$DAT" | grep "$TAG" | sed -e 's/^-A/$ipt -D/' -e 's/$/;/') - for chain in $(echo "$DAT" | awk '/^:SS_SPEC/{print $1}'); do - $ipt -F ${chain:1} 2>/dev/null && $ipt -X ${chain:1} - done - } - flush_iptables nat - flush_iptables mangle - ip rule del fwmark 0x01/0x01 table 100 2>/dev/null - ip route del local 0.0.0.0/0 dev lo table 100 2>/dev/null - ipset -X ss_spec_lan_ac 2>/dev/null - ipset -X ss_spec_wan_ac 2>/dev/null - ipset -X ssr_gen_router 2>/dev/null - ipset -X fplan 2>/dev/null - ipset -X bplan 2>/dev/null - ipset -X gmlan 2>/dev/null - ipset -X oversea 2>/dev/null - ipset -X whitelist 2>/dev/null - ipset -X blacklist 2>/dev/null - ipset -X netflix 2>/dev/null - [ -n "$FWI" ] && echo '#!/bin/sh' >$FWI - return 0 -} - -ipset_r() { - ipset -N gmlan hash:net 2>/dev/null - for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done - if [ "$RUNMODE" == "router" ]; then - ipset -! -R <<-EOF || return 1 - create ss_spec_wan_ac hash:net - $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") - EOF - ipset -N gfwlist hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - $IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN - $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - elif [ "$RUNMODE" == "gfw" ]; then - ipset -N gfwlist hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - $IPT -A SS_SPEC_WAN_AC -m set --match-set gfwlist dst -j SS_SPEC_WAN_FW - $IPT -A SS_SPEC_WAN_AC -m set --match-set gmlan src -m set ! --match-set china dst -j SS_SPEC_WAN_FW - $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j RETURN - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - elif [ "$RUNMODE" == "oversea" ]; then - ipset -N oversea hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_AC - ipset -N gmlan hash:net 2>/dev/null - for ip in $LAN_GM_IP; do ipset -! add gmlan $ip; done - $IPT -A SS_SPEC_WAN_AC -m set --match-set china dst -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - elif [ "$RUNMODE" == "all" ]; then - $IPT -N SS_SPEC_WAN_AC - $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -p tcp ! --dport 53 -d $server -j RETURN - fi - ipset -N fplan hash:net 2>/dev/null - for ip in $LAN_FP_IP; do ipset -! add fplan $ip; done - $IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW - ipset -N bplan hash:net 2>/dev/null - for ip in $LAN_BP_IP; do ipset -! add bplan $ip; done - $IPT -I SS_SPEC_WAN_AC -m set --match-set bplan src -j RETURN - ipset -N whitelist hash:net 2>/dev/null - ipset -N blacklist hash:net 2>/dev/null - $IPT -I SS_SPEC_WAN_AC -m set --match-set blacklist dst -j SS_SPEC_WAN_FW - $IPT -I SS_SPEC_WAN_AC -m set --match-set whitelist dst -j RETURN - for ip in $WAN_BP_IP; do ipset -! add whitelist $ip; done - for ip in $WAN_FW_IP; do ipset -! add blacklist $ip; done - - if [ "$NETFLIX" == "1" ]; then - $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports 4321 - if [ "$NETFLIX_PROXY" == "1" ]; then - $IPT -I SS_SPEC_WAN_AC -p tcp -d $NETFLIX_IP -j REDIRECT --to-ports $local_port - else - ipset -! add whitelist $NETFLIX_IP - fi - elif [ "$NETFLIX" == "2" ]; then - $IPT -I SS_SPEC_WAN_AC -p tcp -m set --match-set netflix dst -j REDIRECT --to-ports $local_port - fi - - return $? -} - -fw_rule() { - ipset -N netflix hash:net 2>/dev/null - $IPT -N SS_SPEC_WAN_FW - $IPT -A SS_SPEC_WAN_FW -d 0.0.0.0/8 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 10.0.0.0/8 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 127.0.0.0/8 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 169.254.0.0/16 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 172.16.0.0/12 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 192.168.0.0/16 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 224.0.0.0/4 -j RETURN - $IPT -A SS_SPEC_WAN_FW -d 240.0.0.0/4 -j RETURN - $IPT -A SS_SPEC_WAN_FW -p tcp $PROXY_PORTS \ - -j REDIRECT --to-ports $local_port 2>/dev/null || { - loger 3 "Can't redirect, please check the iptables." - exit 1 - } - return $? -} - -ac_rule() { - if [ -n "$LAN_AC_IP" ]; then - case "${LAN_AC_IP:0:1}" in - w | W) - MATCH_SET="-m set --match-set ss_spec_lan_ac src" - ;; - b | B) - MATCH_SET="-m set ! --match-set ss_spec_lan_ac src" - ;; - *) - loger 3 "Bad argument \`-a $LAN_AC_IP\`." - return 2 - ;; - esac - fi - IFNAME=$(uci get -P/var/state network.lan.ifname 2>/dev/null) - ipset -! -R <<-EOF || return 1 - create ss_spec_lan_ac hash:net - $(for ip in ${LAN_AC_IP:1}; do echo "add ss_spec_lan_ac $ip"; done) - EOF - $IPT -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p tcp $EXT_ARGS $MATCH_SET \ - -m comment --comment "$TAG" -j SS_SPEC_WAN_AC - if [ "$OUTPUT" = 1 ]; then - $IPT -I OUTPUT 1 -p tcp $EXT_ARGS \ - -m comment --comment "$TAG" -j SS_SPEC_WAN_AC - elif [ "$OUTPUT" = 2 ]; then - ipset -! -R <<-EOF || return 1 - create ssr_gen_router hash:net - $(gen_spec_iplist | sed -e "s/^/add ssr_gen_router /") - EOF - $IPT -N SS_SPEC_ROUTER && \ - $IPT -A SS_SPEC_ROUTER -m set --match-set ssr_gen_router dst -j RETURN && \ - $IPT -A SS_SPEC_ROUTER -j SS_SPEC_WAN_FW - $IPT -I OUTPUT 1 -p tcp -m comment --comment "$TAG" -j SS_SPEC_ROUTER - fi - return $? -} - -tp_rule() { - [ -n "$TPROXY" ] || return 0 - ip rule add fwmark 0x01/0x01 table 100 - ip route add local 0.0.0.0/0 dev lo table 100 - local ipt="iptables -t mangle" - $ipt -N SS_SPEC_TPROXY - $ipt -A SS_SPEC_TPROXY -p udp --dport 443 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp --dport 80 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp --dport 53 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 0.0.0.0/8 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 10.0.0.0/8 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 127.0.0.0/8 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 169.254.0.0/16 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 172.16.0.0/12 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 192.168.0.0/16 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 224.0.0.0/4 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -d 240.0.0.0/4 -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp ! --dport 53 -d $server -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set bplan src -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set fplan src \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - if [ "$RUNMODE" == "router" ]; then - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set ! --match-set ss_spec_wan_ac dst \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - elif [ "$RUNMODE" == "gfw" ]; then - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set china dst -j RETURN - $ipt -A SS_SPEC_TPROXY -p udp -m set --match-set gmlan src -m set ! --match-set china dst \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - $ipt -A SS_SPEC_TPROXY -p udp -m set $PROXY_PORTS --match-set gfwlist dst \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - elif [ "$RUNMODE" == "oversea" ]; then - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -m set --match-set china dst \ - -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - elif [ "$RUNMODE" == "all" ]; then - $ipt -A SS_SPEC_TPROXY -p udp $PROXY_PORTS -j TPROXY --on-port "$LOCAL_PORT" --tproxy-mark 0x01/0x01 - fi - $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET \ - -m comment --comment "$TAG" -j SS_SPEC_TPROXY - return $? -} - -get_wan_ip() { - cat <<-EOF | grep -E "^([0-9]{1,3}\.){3}[0-9]{1,3}" - $server - $SERVER - $WAN_BP_IP - EOF -} - -gen_iplist() { - cat <<-EOF - 0.0.0.0/8 - 10.0.0.0/8 - 100.64.0.0/10 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 - 192.0.0.0/24 - 192.0.2.0/24 - 192.88.99.0/24 - 192.168.0.0/16 - 198.18.0.0/15 - 198.51.100.0/24 - 203.0.113.0/24 - 224.0.0.0/4 - 240.0.0.0/4 - 255.255.255.255 - $(get_wan_ip) - $(cat ${IGNORE_LIST:=/dev/null} 2>/dev/null) - EOF -} - -gen_spec_iplist() { - cat <<-EOF - 0.0.0.0/8 - 10.0.0.0/8 - 100.64.0.0/10 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 - 192.0.0.0/24 - 192.0.2.0/24 - 192.88.99.0/24 - 192.168.0.0/16 - 198.18.0.0/15 - 198.51.100.0/24 - 203.0.113.0/24 - 224.0.0.0/4 - 240.0.0.0/4 - 255.255.255.255 - $(get_wan_ip) - EOF -} - -gen_include() { - [ -n "$FWI" ] || return 0 - extract_rules() { - echo "*$1" - iptables-save -t $1 | grep SS_SPEC_ | \ - sed -e "s/^-A \(OUTPUT\|PREROUTING\)/-I \1 1/" - echo 'COMMIT' - } - cat <<-EOF >>$FWI - iptables-save -c | grep -v "SS_SPEC" | iptables-restore -c - iptables-restore -n <<-EOT - $(extract_rules nat) - $(extract_rules mangle) - EOT - EOF - return 0 -} - -while getopts ":s:l:S:L:i:e:a:B:b:w:p:G:D:F:N:M:oOuUfgrczh" arg; do - case "$arg" in - s) - server=$OPTARG - ;; - l) - local_port=$OPTARG - ;; - S) - SERVER=$OPTARG - ;; - L) - LOCAL_PORT=$OPTARG - ;; - i) - IGNORE_LIST=$OPTARG - ;; - e) - EXT_ARGS=$OPTARG - ;; - a) - LAN_AC_IP=$OPTARG - ;; - B) - LAN_BP_IP=$OPTARG - ;; - b) - WAN_BP_IP=$(for ip in $OPTARG; do echo $ip; done) - ;; - w) - WAN_FW_IP=$OPTARG - ;; - p) - LAN_FP_IP=$OPTARG - ;; - G) - LAN_GM_IP=$OPTARG - ;; - D) - PROXY_PORTS=$OPTARG - ;; - F) - NETFLIX=$OPTARG - ;; - N) - NETFLIX_IP=$OPTARG - ;; - M) - NETFLIX_PROXY=$OPTARG - ;; - o) - OUTPUT=1 - ;; - O) - OUTPUT=2 - ;; - u) - TPROXY=1 - ;; - U) - TPROXY=2 - ;; - g) - RUNMODE=gfw - ;; - r) - RUNMODE=router - ;; - c) - RUNMODE=oversea - ;; - z) - RUNMODE=all - ;; - f) - flush_r - exit 0 - ;; - h) usage 0 ;; - esac -done -if [ -z "$server" -o -z "$local_port" ]; then - usage 2 -fi -if [ "$TPROXY" == 1 ]; then - SERVER=$server - LOCAL_PORT=$local_port -elif [ "$TPROXY" == 2 ]; then - : ${SERVER:?"You must assign an ip for the udp relay server."} - : ${LOCAL_PORT:?"You must assign a port for the udp relay server."} -fi -flush_r && fw_rule && ipset_r && ac_rule && tp_rule && gen_include -[ "$?" == 0 ] || loger 3 "Start failed!" -exit $? - diff --git a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch b/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch deleted file mode 100755 index 98d91dc9..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/bin/ssr-switch +++ /dev/null @@ -1,168 +0,0 @@ -#!/bin/sh /etc/rc.common -# -# Copyright (C) 2017 openwrt-ssr -# Copyright (C) 2017 yushi studio -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -cycle_time=60 -switch_time=3 -normal_flag=0 -server_locate=0 -server_count=0 -NAME=shadowsocksr -ENABLE_SERVER=nil -CONFIG_SWTICH_FILE=/var/etc/${NAME}_t.json - -[ -n "$1" ] && cycle_time=$1 -[ -n "$2" ] && switch_time=$2 - -uci_get_by_name() { - local ret=$(uci get $NAME.$1.$2 2>/dev/null) - echo ${ret:=$3} -} - -uci_get_by_type() { - local ret=$(uci get $NAME.@$1[0].$2 2>/dev/null) - echo ${ret:=$3} -} - -DEFAULT_SERVER=$(uci_get_by_type global global_server) -CURRENT_SERVER=$DEFAULT_SERVER - -#判断代理是否正常 -check_proxy() { - local result=0 - local try_count=$(uci_get_by_type global switch_try_count 3) - for i in $(seq 1 $try_count); do - /usr/bin/ssr-check www.google.com 80 $switch_time 1 - if [ "$?" == "0" ]; then - # echo "$(date "+%Y-%m-%d %H:%M:%S") Check Google Proxy Success, count=$i" >> /tmp/ssrplus.log - result=0 - break - else - # echo "$(date "+%Y-%m-%d %H:%M:%S") Check Google Proxy Fail, count=$i" >> /tmp/ssrplus.log - /usr/bin/ssr-check www.baidu.com 80 $switch_time 1 - if [ "$?" == "0" ]; then - result=1 - else - result=2 - fi - fi - sleep 1 - done - return $result -} - -test_proxy() { - local servername=$(uci_get_by_name $1 server) - local serverport=$(uci_get_by_name $1 server_port) - ret=$(ping -c 3 $servername | grep 'loss' | awk -F ',' '{ print $3 }' | awk -F "%" '{ print $1 }') - [ -z "$ret" ] && return 1 - [ "$ret" -gt "50" ] && return 1 - ipset add ss_spec_wan_ac $servername 2>/dev/null - ret=$? - /usr/bin/ssr-check $servername $serverport $switch_time - local ret2=$? - if [ "$ret" == "0" ]; then - ipset del ss_spec_wan_ac $servername 2>/dev/null - fi - if [ "$ret2" == "0" ]; then - return 0 - else - return 1 - fi -} - -search_proxy() { - let server_count=server_count+1 - [ "$normal_flag" == "1" -a "$server_count" -le "$server_locate" ] && return 0 - [ "$(uci_get_by_name $1 switch_enable)" != "1" ] && return 1 - [ $ENABLE_SERVER != nil ] && return 0 - [ "$1" == "$CURRENT_SERVER" ] && return 0 - local servername=$(uci_get_by_name $1 server) - local serverport=$(uci_get_by_name $1 server_port) - ipset add ss_spec_wan_ac $servername 2>/dev/null - ret=$? - /usr/bin/ssr-check $servername $serverport $switch_time - local ret2=$? - if [ "$ret" == "0" ]; then - ipset del ss_spec_wan_ac $servername 2>/dev/null - fi - if [ "$ret2" == "0" ]; then - server_locate=$server_count - ENABLE_SERVER=$1 - return 0 - else - return 1 - fi - -} -#选择可用的代理 -select_proxy() { - config_load $NAME - ENABLE_SERVER=nil - mkdir -p /var/run /var/etc - server_count=0 - config_foreach search_proxy servers -} - -#切换代理 -switch_proxy() { - /etc/init.d/shadowsocksr restart $1 - return 0 -} - -start() { - #不支持kcptun启用时的切换 - [ $(uci_get_by_name $DEFAULT_SERVER kcp_enable) = "1" ] && return 1 - - while [ "1" == "1" ]; do #死循环 - sleep $cycle_time - LOGTIME=$(date "+%Y-%m-%d %H:%M:%S") - #判断当前代理是否为缺省服务器 - if [ "$CURRENT_SERVER" != "$DEFAULT_SERVER" ]; then - #echo "not default proxy" - echo "$(date "+%Y-%m-%d %H:%M:%S") Current server is not default Main server, try to switch back." >>/tmp/ssrplus.log - #检查缺省服务器是否正常 - if test_proxy $DEFAULT_SERVER; then - #echo "switch to default proxy" - echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is avilable." >>/tmp/ssrplus.log - #缺省服务器正常,切换回来 - CURRENT_SERVER=$DEFAULT_SERVER - switch_proxy $CURRENT_SERVER - echo "$(date "+%Y-%m-%d %H:%M:%S") switch to default ["$(uci_get_by_name $CURRENT_SERVER server)"] proxy!" >>/tmp/ssrplus.log - else - echo "$(date "+%Y-%m-%d %H:%M:%S") Main server is NOT avilable.Continue using current server." >>/tmp/ssrplus.log - fi - fi - #判断当前代理是否正常 - #echo "$(date "+%Y-%m-%d %H:%M:%S") Start checking if the current server is available." >>/tmp/ssrplus.log - check_proxy - current_ret=$? - if [ "$current_ret" == "1" ]; then - #当前代理错误,判断有无可用的服务器 - #echo "current error" - echo "$(date "+%Y-%m-%d %H:%M:%S") Current server error, try to switch another server." >>/tmp/ssrplus.log - select_proxy - if [ "$ENABLE_SERVER" != nil ]; then - #有其他服务器可用,进行切换 - #echo $(uci_get_by_name $new_proxy server) - echo "$(date "+%Y-%m-%d %H:%M:%S") Another server is avilable, now switching server." >>/tmp/ssrplus.log - CURRENT_SERVER=$ENABLE_SERVER - switch_proxy $CURRENT_SERVER - normal_flag=1 - echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR server switch OK" >>/tmp/ssrplus.log - else - switch_proxy $CURRENT_SERVER - normal_flag=1 - echo "$(date "+%Y-%m-%d %H:%M:%S") Try restart current server." >>/tmp/ssrplus.log - fi - else - normal_flag=0 - echo "$(date "+%Y-%m-%d %H:%M:%S") ShadowsocksR No Problem." >>/tmp/ssrplus.log - fi - done -} diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/rpcd/acl.d/luci-app-ssr-plus.json b/package/lean/luci-app-ssr-plus/root/usr/share/rpcd/acl.d/luci-app-ssr-plus.json deleted file mode 100644 index 4efc8fc5..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/rpcd/acl.d/luci-app-ssr-plus.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "luci-app-ssr-plus": { - "description": "Grant UCI access for luci-app-ssr-plus", - "read": { - "uci": [ "shadowsocksr" ] - }, - "write": { - "uci": [ "shadowsocksr" ] - } - } -} diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh deleted file mode 100755 index 044d524d..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/chinaipset.sh +++ /dev/null @@ -1,5 +0,0 @@ -echo "create china hash:net family inet hashsize 1024 maxelem 65536" > /tmp/china.ipset -awk '!/^$/&&!/^#/{printf("add china %s'" "'\n",$0)}' /etc/china_ssr.txt >> /tmp/china.ipset -ipset -! flush china -ipset -! restore < /tmp/china.ipset 2>/dev/null -rm -f /tmp/china.ipset diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh deleted file mode 100755 index a36f48f8..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genred2config.sh +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/sh - -cat <<-EOF >$1 -base { - log_debug = off; - log_info = off; - log = stderr; - daemon = on; - redirector = iptables; - reuseport = on; -} -EOF - -if [ "$2" == "socks5" ]; then - if [ "$3" == "tcp" ]; then - if [ "$7" == "0" ]; then - cat <<-EOF >>$1 -redsocks { - bind = "0.0.0.0:$4"; - relay = "$5:$6"; - type = socks5; - autoproxy = 0; - timeout = 10; -} -EOF - else - cat <<-EOF >>$1 -redsocks { - bind = "0.0.0.0:$4"; - relay = "$5:$6"; - type = socks5; - autoproxy = 0; - timeout = 10; - login = "$8"; - password = "$9"; -} -EOF - fi - else - if [ "$7" == "0" ]; then - cat <<-EOF >>$1 -redudp { - bind = "0.0.0.0:$4"; - relay = "$5:$6"; - type = socks5; - udp_timeout = 10; -} -EOF - else - cat <<-EOF >>$1 -redudp { - bind = "0.0.0.0:$4"; - relay = "$5:$6"; - type = socks5; - udp_timeout = 10; - login = "$8"; - password = "$9"; -} -EOF - fi - fi -else - cat <<-EOF >>$1 -redsocks { - bind = "0.0.0.0:$4"; - type = direct; - interface = $3; - autoproxy = 0; - timeout = 10; -} -EOF -fi diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua deleted file mode 100644 index 8cb979be..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gentrojanconfig.lua +++ /dev/null @@ -1,40 +0,0 @@ -local ucursor = require "luci.model.uci".cursor() -local json = require "luci.jsonc" -local server_section = arg[1] -local proto = arg[2] -local local_port = arg[3] - -local server = ucursor:get_all("shadowsocksr", server_section) - -local trojan = { - log_level = 3, - run_type = proto, - local_addr = "0.0.0.0", - local_port = tonumber(local_port), - remote_addr = server.server, - remote_port = tonumber(server.server_port), - udp_timeout = 60, - -- 传入连接 - password = {server.password}, - -- 传出连接 - ssl = { - verify = (server.insecure == "0") and true or false, - verify_hostname = (server.tls == "1") and true or false, - cert = "", - cipher = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA", - cipher_tls13 = "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384", - sni = server.tls_host, - alpn = {"h2", "http/1.1"}, - curve = "", - reuse_session = true, - session_ticket = false, - }, - tcp = { - no_delay = true, - keep_alive = true, - reuse_port = true, - fast_open = (server.fast_open == "1") and true or false, - fast_open_qlen = 20 - } -} -print(json.stringify(trojan, 1)) diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua deleted file mode 100644 index 2554ebd1..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/genv2config.lua +++ /dev/null @@ -1,107 +0,0 @@ -local ucursor = require "luci.model.uci".cursor() -local json = require "luci.jsonc" -local server_section = arg[1] -local proto = arg[2] -local local_port = arg[3] or "0" -local socks_port = arg[4] or "0" - -local server = ucursor:get_all("shadowsocksr", server_section) - -local v2ray = { -log = { - -- error = "/var/ssrplus.log", - loglevel = "warning" -}, - -- 传入连接 - inbound = (local_port ~= "0") and { - port = local_port, - protocol = "dokodemo-door", - settings = { - network = proto, - followRedirect = true - }, - sniffing = { - enabled = true, - destOverride = { "http", "tls" } - } - } or nil, - -- 开启 socks 代理 - inboundDetour = (proto == "tcp" and socks_port ~= "0") and { - { - protocol = "socks", - port = socks_port, - settings = { - auth = "noauth", - udp = true - } - } - } or nil, - -- 传出连接 - outbound = { - protocol = "vmess", - settings = { - vnext = { - { - address = server.server, - port = tonumber(server.server_port), - users = { - { - id = server.vmess_id, - alterId = tonumber(server.alter_id), - security = server.security - } - } - } - } - }, - -- 底层传输配置 - streamSettings = { - network = server.transport, - security = (server.tls == '1') and "tls" or "none", - tlsSettings = {allowInsecure = (server.insecure ~= "0") and true or false,serverName=server.tls_host,}, - kcpSettings = (server.transport == "kcp") and { - mtu = tonumber(server.mtu), - tti = tonumber(server.tti), - uplinkCapacity = tonumber(server.uplink_capacity), - downlinkCapacity = tonumber(server.downlink_capacity), - congestion = (server.congestion == "1") and true or false, - readBufferSize = tonumber(server.read_buffer_size), - writeBufferSize = tonumber(server.write_buffer_size), - header = { - type = server.kcp_guise - } - } or nil, - wsSettings = (server.transport == "ws") and (server.ws_path ~= nil or server.ws_host ~= nil) and { - path = server.ws_path, - headers = (server.ws_host ~= nil) and { - Host = server.ws_host - } or nil, - } or nil, - httpSettings = (server.transport == "h2") and { - path = server.h2_path, - host = server.h2_host, - } or nil, - quicSettings = (server.transport == "quic") and { - security = server.quic_security, - key = server.quic_key, - header = { - type = server.quic_guise - } - } or nil - }, - mux = { - enabled = (server.mux == "1") and true or false, - concurrency = tonumber(server.concurrency) - } - }, - - -- 额外传出连接 - outboundDetour = { - { - protocol = "freedom", - tag = "direct", - settings = { keep = "" } - } - } -} -print(json.stringify(v2ray, 1)) diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh deleted file mode 100755 index c5decd28..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/gfw2ipset.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh -mkdir -p /tmp/dnsmasq.ssr -awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"blacklist"'\n",$0)}' /etc/config/black.list > /tmp/dnsmasq.ssr/blacklist_forward.conf -awk '!/^$/&&!/^#/{printf("server=/.%s/'"127.0.0.1#5335"'\n",$0)}' /etc/config/black.list >> /tmp/dnsmasq.ssr/blacklist_forward.conf -awk '!/^$/&&!/^#/{printf("ipset=/.%s/'"whitelist"'\n",$0)}' /etc/config/white.list > /tmp/dnsmasq.ssr/whitelist_forward.conf diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh deleted file mode 100755 index 5db73ff8..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/ssrplusupdate.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -/usr/bin/lua /usr/share/shadowsocksr/update.lua -/usr/bin/lua /usr/share/shadowsocksr/subscribe.lua -sleep 10 -/etc/init.d/shadowsocksr restart \ No newline at end of file diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua deleted file mode 100644 index 7b05ce5c..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua +++ /dev/null @@ -1,447 +0,0 @@ -#!/usr/bin/lua ------------------------------------------------- --- This file is part of the luci-app-ssr-plus subscribe.lua --- @author William Chan ------------------------------------------------- -require 'nixio' -require 'luci.util' -require 'luci.jsonc' -require 'luci.sys' -require 'uci' --- these global functions are accessed all the time by the event handler --- so caching them is worth the effort -local luci = luci -local tinsert = table.insert -local ssub, slen, schar, sbyte, sformat, sgsub = string.sub, string.len, string.char, string.byte, string.format, string.gsub -local jsonParse, jsonStringify = luci.jsonc.parse, luci.jsonc.stringify -local b64decode = nixio.bin.b64decode -local cache = {} -local nodeResult = setmetatable({}, { __index = cache }) -- update result -local name = 'shadowsocksr' -local uciType = 'servers' -local ucic = luci.model.uci.cursor() -local proxy = ucic:get_first(name, 'server_subscribe', 'proxy', '0') -local switch = ucic:get_first(name, 'server_subscribe', 'switch', '1') -local subscribe_url = ucic:get_first(name, 'server_subscribe', 'subscribe_url', {}) -local filter_words = ucic:get_first(name, 'server_subscribe', 'filter_words', 'QQ群') - -local log = function(...) - print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " ")) -end --- 分割字符串 -local function split(full, sep) - full = full:gsub("%z", "") -- 这里不是很清楚 有时候结尾带个\0 - local off, result = 1, {} - while true do - local nStart, nEnd = full:find(sep, off) - if not nEnd then - local res = ssub(full, off, slen(full)) - if #res > 0 then -- 过滤掉 \0 - tinsert(result, res) - end - break - else - tinsert(result, ssub(full, off, nStart - 1)) - off = nEnd + 1 - end - end - return result -end --- urlencode -local function get_urlencode(c) - return sformat("%%%02X", sbyte(c)) -end - -local function urlEncode(szText) - local str = szText:gsub("([^0-9a-zA-Z ])", get_urlencode) - str = str:gsub(" ", "+") - return str -end - -local function get_urldecode(h) - return schar(tonumber(h, 16)) -end -local function UrlDecode(szText) - return szText:gsub("+", " "):gsub("%%(%x%x)", get_urldecode) -end - --- trim -local function trim(text) - if not text or text == "" then - return "" - end - return (sgsub(text, "^%s*(.-)%s*$", "%1")) -end --- md5 -local function md5(content) - local stdout = luci.sys.exec('echo \"' .. urlEncode(content) .. '\" | md5sum | cut -d \" \" -f1') - -- assert(nixio.errno() == 0) - return trim(stdout) -end --- base64 -local function base64Decode(text) - local raw = text - if not text then return '' end - text = text:gsub("%z", "") - text = text:gsub("_", "/") - text = text:gsub("-", "+") - local mod4 = #text % 4 - text = text .. string.sub('====', mod4 + 1) - local result = b64decode(text) - if result then - return result:gsub("%z", "") - else - return raw - end -end --- 处理数据 -local function processData(szType, content) - local result = { - type = szType, - local_port = 1234, - kcp_param = '--nocomp' - } - if szType == 'ssr' then - local dat = split(content, "/%?") - local hostInfo = split(dat[1], ':') - result.server = hostInfo[1] - result.server_port = hostInfo[2] - result.protocol = hostInfo[3] - result.encrypt_method = hostInfo[4] - result.obfs = hostInfo[5] - result.password = base64Decode(hostInfo[6]) - local params = {} - for _, v in pairs(split(dat[2], '&')) do - local t = split(v, '=') - params[t[1]] = t[2] - end - result.obfs_param = base64Decode(params.obfsparam) - result.protocol_param = base64Decode(params.protoparam) - local group = base64Decode(params.group) - if group then - result.alias = "[" .. group .. "] " - end - result.alias = result.alias .. base64Decode(params.remarks) - elseif szType == 'vmess' then - local info = jsonParse(content) - result.type = 'v2ray' - result.server = info.add - result.server_port = info.port - result.transport = info.net - result.alter_id = info.aid - result.vmess_id = info.id - result.alias = info.ps - result.insecure = 1 - -- result.mux = 1 - -- result.concurrency = 8 - if info.net == 'ws' then - result.ws_host = info.host - result.ws_path = info.path - end - if info.net == 'h2' then - result.h2_host = info.host - result.h2_path = info.path - end - if info.net == 'tcp' then - result.tcp_guise = info.type - result.http_host = info.host - result.http_path = info.path - end - if info.net == 'kcp' then - result.kcp_guise = info.type - result.mtu = 1350 - result.tti = 50 - result.uplink_capacity = 5 - result.downlink_capacity = 20 - result.read_buffer_size = 2 - result.write_buffer_size = 2 - end - if info.net == 'quic' then - result.quic_guise = info.type - result.quic_key = info.key - result.quic_security = info.securty - end - if info.security then - result.security = info.security - end - if info.tls == "tls" or info.tls == "1" then - result.tls = "1" - result.tls_host = info.host - else - result.tls = "0" - end - elseif szType == "ss" then - local idx_sp = 0 - local alias = "" - if content:find("#") then - idx_sp = content:find("#") - alias = content:sub(idx_sp + 1, -1) - end - local info = content:sub(1, idx_sp - 1) - local hostInfo = split(base64Decode(info), "@") - local host = split(hostInfo[2], ":") - local userinfo = base64Decode(hostInfo[1]) - local method = userinfo:sub(1, userinfo:find(":") - 1) - local password = userinfo:sub(userinfo:find(":") + 1, #userinfo) - result.alias = UrlDecode(alias) - result.type = "ss" - result.server = host[1] - if host[2]:find("/%?") then - local query = split(host[2], "/%?") - result.server_port = query[1] - local params = {} - for _, v in pairs(split(query[2], '&')) do - local t = split(v, '=') - params[t[1]] = t[2] - end - if params.plugin then - local plugin_info = UrlDecode(params.plugin) - local idx_pn = plugin_info:find(";") - if idx_pn then - result.plugin = plugin_info:sub(1, idx_pn - 1) - result.plugin_opts = plugin_info:sub(idx_pn + 1, #plugin_info) - else - result.plugin = plugin_info - end - end - else - result.server_port = host[2] - end - result.encrypt_method_ss = method - result.password = password - elseif szType == "ssd" then - result.type = "ss" - result.server = content.server - result.server_port = content.port - result.password = content.password - result.encrypt_method_ss = content.encryption - result.plugin = content.plugin - result.plugin_opts = content.plugin_options - result.alias = "[" .. content.airport .. "] " .. content.remarks - elseif szType == "trojan" then - local idx_sp = 0 - local alias = "" - if content:find("#") then - idx_sp = content:find("#") - alias = content:sub(idx_sp + 1, -1) - end - local info = content:sub(1, idx_sp - 1) - local hostInfo = split(info, "@") - local host = split(hostInfo[2], ":") - local userinfo = hostInfo[1] - local password = userinfo - result.alias = UrlDecode(alias) - result.type = "trojan" - result.server = host[1] - -- 按照官方的建议 默认验证ssl证书 - result.insecure = "0" - result.tls = "1" - if host[2]:find("?") then - local query = split(host[2], "?") - result.server_port = query[1] - local params = {} - for _, v in pairs(split(query[2], '&')) do - local t = split(v, '=') - params[t[1]] = t[2] - end - - if params.peer then - -- 未指定peer(sni)默认使用remote addr - result.tls_host = params.peer - end - - if params.allowInsecure == "1" then - result.insecure = "1" - else - result.insecure = "0" - end - else - result.server_port = host[2] - end - result.password = password - end - if not result.alias then - result.alias = result.server .. ':' .. result.server_port - end - -- alias 不参与 hashkey 计算 - local alias = result.alias - result.alias = nil - local switch_enable = result.switch_enable - result.switch_enable = nil - result.hashkey = md5(jsonStringify(result)) - result.alias = alias - result.switch_enable = switch_enable - return result -end --- wget -local function wget(url) - local stdout = luci.sys.exec('wget-ssl -q --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36" --no-check-certificate -t 3 -T 10 -O- "' .. url .. '"') - return trim(stdout) -end - -local function check_filer(result) - do - local filter_word = split(filter_words, "/") - for i, v in pairs(filter_word) do - if result.alias:find(v) then - log('订阅节点关键字过滤:“' .. v ..'” ,该节点被丢弃') - return true - end - end - end -end - -local execute = function() - -- exec - do - if proxy == '0' then -- 不使用代理更新的话先暂停 - log('服务正在暂停') - luci.sys.init.stop(name) - end - for k, url in ipairs(subscribe_url) do - local raw = wget(url) - if #raw > 0 then - local nodes, szType - local groupHash = md5(url) - cache[groupHash] = {} - tinsert(nodeResult, {}) - local index = #nodeResult - -- SSD 似乎是这种格式 ssd:// 开头的 - if raw:find('ssd://') then - szType = 'ssd' - local nEnd = select(2, raw:find('ssd://')) - nodes = base64Decode(raw:sub(nEnd + 1, #raw)) - nodes = jsonParse(nodes) - local extra = { - airport = nodes.airport, - port = nodes.port, - encryption = nodes.encryption, - password = nodes.password - } - local servers = {} - -- SS里面包着 干脆直接这样 - for _, server in ipairs(nodes.servers) do - tinsert(servers, setmetatable(server, { __index = extra })) - end - nodes = servers - else - -- ssd 外的格式 - nodes = split(base64Decode(raw):gsub(" ", "\n"), "\n") - end - for _, v in ipairs(nodes) do - if v then - local result - if szType == 'ssd' then - result = processData(szType, v) - elseif not szType then - local node = trim(v) - local dat = split(node, "://") - if dat and dat[1] and dat[2] then - if dat[1] == 'ss' or dat[1] == 'trojan' then - result = processData(dat[1], dat[2]) - else - result = processData(dat[1], base64Decode(dat[2])) - end - end - else - log('跳过未知类型: ' .. szType) - end - -- log(result) - if result then - if - not result.server or - check_filer(result) or - result.server:match("[^0-9a-zA-Z%-%.%s]") -- 中文做地址的 也没有人拿中文域名搞,就算中文域也有Puny Code SB 机场 - then - log('丢弃无效节点: ' .. result.type ..' 节点, ' .. result.alias) - else - log('成功解析: ' .. result.type ..' 节点, ' .. result.alias) - result.grouphashkey = groupHash - tinsert(nodeResult[index], result) - cache[groupHash][result.hashkey] = nodeResult[index][#nodeResult[index]] - end - end - end - end - log('成功解析节点数量: ' ..#nodes) - else - log(url .. ': 获取内容为空') - end - end - end - -- diff - do - if next(nodeResult) == nil then - log("更新失败,没有可用的节点信息") - return - end - local add, del = 0, 0 - ucic:foreach(name, uciType, function(old) - if old.grouphashkey or old.hashkey then -- 没有 hash 的不参与删除 - if not nodeResult[old.grouphashkey] or not nodeResult[old.grouphashkey][old.hashkey] then - ucic:delete(name, old['.name']) - del = del + 1 - else - local dat = nodeResult[old.grouphashkey][old.hashkey] - ucic:tset(name, old['.name'], dat) - -- 标记一下 - setmetatable(nodeResult[old.grouphashkey][old.hashkey], { __index = { _ignore = true } }) - end - else - if not old.alias then - old.alias = old.server .. ':' .. old.server_port - end - log('忽略手动添加的节点: ' .. old.alias) - end - - end) - for k, v in ipairs(nodeResult) do - for kk, vv in ipairs(v) do - if not vv._ignore then - local section = ucic:add(name, uciType) - ucic:tset(name, section, vv) - ucic:set(name, section, "switch_enable", switch) - add = add + 1 - end - end - end - ucic:commit(name) - -- 如果原有服务器节点已经不见了就尝试换为第一个节点 - local globalServer = ucic:get_first(name, 'global', 'global_server', '') - local firstServer = ucic:get_first(name, uciType) - if firstServer then - if not ucic:get(name, globalServer) then - luci.sys.call("/etc/init.d/" .. name .. " stop > /dev/null 2>&1 &") - ucic:commit(name) - ucic:set(name, ucic:get_first(name, 'global'), 'global_server', ucic:get_first(name, uciType)) - ucic:commit(name) - log('当前主服务器节点已被删除,正在自动更换为第一个节点。') - luci.sys.call("/etc/init.d/" .. name .. " start > /dev/null 2>&1 &") - else - log('维持当前主服务器节点。') - luci.sys.call("/etc/init.d/" .. name .." restart > /dev/null 2>&1 &") - end - else - log('没有服务器节点了,停止服务') - luci.sys.call("/etc/init.d/" .. name .. " stop > /dev/null 2>&1 &") - end - log('新增节点数量: ' ..add, '删除节点数量: ' .. del) - log('订阅更新成功') - end -end - -if subscribe_url and #subscribe_url > 0 then - xpcall(execute, function(e) - log(e) - log(debug.traceback()) - log('发生错误, 正在恢复服务') - local firstServer = ucic:get_first(name, uciType) - if firstServer then - luci.sys.call("/etc/init.d/" .. name .." restart > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早 - log('重启服务成功') - else - luci.sys.call("/etc/init.d/" .. name .." stop > /dev/null 2>&1 &") -- 不加&的话日志会出现的更早 - log('停止服务成功') - end - end) -end diff --git a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua b/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua deleted file mode 100644 index 17341bd8..00000000 --- a/package/lean/luci-app-ssr-plus/root/usr/share/shadowsocksr/update.lua +++ /dev/null @@ -1,125 +0,0 @@ -#!/usr/bin/lua ------------------------------------------------- --- This file is part of the luci-app-ssr-plus update.lua --- By Mattraks ------------------------------------------------- -require 'nixio' -require 'luci.util' -require 'luci.jsonc' -require 'luci.sys' -local icount = 0 -local uci = luci.model.uci.cursor() - -local log = function(...) - print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({ ... }, " ")) -end - -log('正在更新【GFW列表】数据库') -refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'gfwlist_url', 'https://cdn.jsdelivr.net/gh/gfwlist/gfwlist/gfwlist.txt') .. " > /tmp/gfw.b64" -sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") -if sret == 0 then - luci.sys.call("/usr/bin/ssr-gfw") - icount = luci.sys.exec("cat /tmp/gfwnew.txt | wc -l") - if tonumber(icount) > 1000 then - if nixio.fs.access("/etc/dnsmasq.ssr/gfw_list.conf") then - oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/gfw_list.conf | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/gfwnew.txt /etc/dnsmasq.ssr/gfw_list.conf") - luci.sys.exec("cp -f /tmp/gfwnew.txt /tmp/dnsmasq.ssr/gfw_list.conf") - log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount)/2)) - else - log('你已经是最新数据,无需更新!') - end - else - log('更新失败!') - end - luci.sys.exec("rm -f /tmp/gfwnew.txt") -else - log('更新失败!') -end - -log('正在更新【国内IP段】数据库') -refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'chnroute_url','https://ispip.clang.cn/all_cn.txt') .. " > /tmp/china_ssr.txt" -sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") -icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l") -if sret == 0 then - icount = luci.sys.exec("cat /tmp/china_ssr.txt | wc -l") - if tonumber(icount) > 1000 then - if nixio.fs.access("/etc/china_ssr.txt") then - oldcount = luci.sys.exec("cat /etc/china_ssr.txt | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/china_ssr.txt /etc/china_ssr.txt") - log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount))) - else - log('你已经是最新数据,无需更新!') - end - else - log('更新失败!') - end - luci.sys.exec("rm -f /tmp/china_ssr.txt") -else - log('更新失败!') -end - -if uci:get_first('shadowsocksr', 'global', 'adblock','0') == "1" then - log('正在更新【广告屏蔽】数据库') - refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'adblock_url','https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt') .. " > /tmp/adnew.conf" - sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") - if sret == 0 then - luci.sys.call("/usr/bin/ssr-ad") - icount = luci.sys.exec("cat /tmp/ad.conf | wc -l") - if tonumber(icount) > 100 then - if nixio.fs.access("/etc/dnsmasq.ssr/ad.conf") then - oldcount = luci.sys.exec("cat /etc/dnsmasq.ssr/ad.conf | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/ad.conf /etc/dnsmasq.ssr/ad.conf") - luci.sys.exec("cp -f /tmp/ad.conf /tmp/dnsmasq.ssr/ad.conf") - log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount))) - else - log('你已经是最新数据,无需更新!') - end - else - log('更新失败!') - end - luci.sys.exec("rm -f /tmp/ad.conf") - else - log('更新失败!') - end -end - ---[[ -log('正在更新【Netflix IP段】数据库') -refresh_cmd = "wget-ssl --no-check-certificate -O- " .. uci:get_first('shadowsocksr', 'global', 'nfip_url','https://raw.githubusercontent.com/QiuSimons/Netflix_IP/master/NF_only.txt') .. " > /tmp/netflixip.list" -sret = luci.sys.call(refresh_cmd .. " 2>/dev/null") -if sret == 0 then - luci.sys.call("/usr/bin/ssr-gfw") - icount = luci.sys.exec("cat /tmp/netflixip.list | wc -l") - if tonumber(icount) > 5 then - if nixio.fs.access("/etc/config/netflixip.list") then - oldcount = luci.sys.exec("cat /etc/config/netflixip.list | wc -l") - else - oldcount = "0" - end - if tonumber(icount) ~= tonumber(oldcount) then - luci.sys.exec("cp -f /tmp/netflixip.list /etc/config/netflixip.list") - log('更新成功! 新的总纪录数:' .. tostring(tonumber(icount))) - else - log('你已经是最新数据,无需更新!') - end - else - log('更新失败!') - end - luci.sys.exec("rm -f /tmp/netflixip.list") -else - log('更新失败!') -end ---]] diff --git a/package/lean/microsocks/Makefile b/package/lean/microsocks/Makefile deleted file mode 100644 index 3153b792..00000000 --- a/package/lean/microsocks/Makefile +++ /dev/null @@ -1,38 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=microsocks -PKG_VERSION=1.0 -PKG_RELEASE:=1 - -PKG_MAINTAINER:=lean -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=LICENSE - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/rofl0r/microsocks.git -PKG_SOURCE_VERSION:=be545814aeca1158ae38e2d6c66b1197679dab63 - -PKG_SOURCE_SUBDIR:=$(PKG_NAME) -PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).$(PKG_RELEASE).tar.gz -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR) -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/microsocks - SECTION:=net - CATEGORY:=Network - TITLE:=microsocks for OpenWRT - DEPENDS:= -endef - -define Package/microsocks/description - microsocks is a Tiny Proxy in C. -endef - -define Package/microsocks/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/microsocks $(1)/usr/bin/microsocks -endef - -$(eval $(call BuildPackage,microsocks)) diff --git a/package/lean/pdnsd-alt/Makefile b/package/lean/pdnsd-alt/Makefile deleted file mode 100644 index 1d69a96a..00000000 --- a/package/lean/pdnsd-alt/Makefile +++ /dev/null @@ -1,55 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=pdnsd -PKG_VERSION:=1.2.9b-par -PKG_RELEASE=$(PKG_SOURCE_VERSION) - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/shadowsocks/pdnsd.git -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=a8e46ccba7b0fa2230d6c42ab6dcd92926f6c21d -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz -# PKG_MIRROR_MD5SUM:= -# CMAKE_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/pdnsd-alt - SECTION:=net - CATEGORY:=Network - SUBMENU:=Web Servers/Proxies - DEPENDS:=+libpthread - TITLE:=Proxy DNS Server -endef - -define Package/pdnsd-alt/description - pdnsd, is an IPv6 capable proxy DNS server with permanent caching (the cache - contents are written to hard disk on exit) that is designed to cope with - unreachable or down DNS servers (for example in dial-in networking). - - pdnsd can be used with applications that do dns lookups, eg on startup, and - can't be configured to change that behaviour, to prevent the often - minute-long hangs (or even crashes) that result from stalled dns queries. -endef - -TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include -#TARGET_CFLAGS += -ggdb3 - -CMAKE_OPTIONS += -DDEBUG=1 - -CONFIGURE_ARGS += \ - --with-cachedir=/var/pdnsd \ - --with-target=Linux - -define Package/pdnsd-alt/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/pdnsd $(1)/usr/sbin/ - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/pdnsd-ctl/pdnsd-ctl $(1)/usr/bin/ - #$(INSTALL_DIR) $(1)/etc/init.d - #$(INSTALL_BIN) ./files/pdnsd.init $(1)/etc/init.d/pdnsd - $(INSTALL_DIR) $(1)/etc - $(INSTALL_CONF) $(PKG_BUILD_DIR)/doc/pdnsd.conf $(1)/etc/ -endef - -$(eval $(call BuildPackage,pdnsd-alt)) diff --git a/package/lean/pdnsd-alt/files/pdnsd.init b/package/lean/pdnsd-alt/files/pdnsd.init deleted file mode 100644 index e678d8d6..00000000 --- a/package/lean/pdnsd-alt/files/pdnsd.init +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=65 -NAME=pdnsd -DESC="proxy DNS server" - -DAEMON=/usr/sbin/pdnsd -PID_FILE=/var/run/$NAME.pid -CACHEDIR=/var/pdnsd -CACHE=$CACHEDIR/pdnsd.cache - -USER=nobody -GROUP=nogroup - -start() { - echo -n "Starting $DESC: $NAME" - - gen_cache - - $DAEMON --daemon -p $PID_FILE - echo " ." -} - -stop() { - echo -n "Stopping $DESC: $NAME" - kill `cat $PID_FILE` > /dev/null 2>&1 - rm -rf $PID_FILE - echo " ." -} - -restart() { - echo "Restarting $DESC: $NAME... " - stop - sleep 2 - start -} - -gen_cache() -{ - if ! test -f "$CACHE"; then - mkdir -p `dirname $CACHE` - dd if=/dev/zero of="$CACHE" bs=1 count=4 2> /dev/null - chown -R $USER.$GROUP $CACHEDIR - fi -} - diff --git a/package/lean/pdnsd-alt/patches/01-musl-compat.patch b/package/lean/pdnsd-alt/patches/01-musl-compat.patch deleted file mode 100644 index c83332bc..00000000 --- a/package/lean/pdnsd-alt/patches/01-musl-compat.patch +++ /dev/null @@ -1,37 +0,0 @@ ---- a/src/main.c -+++ b/src/main.c -@@ -219,6 +219,16 @@ static int check_ipv6() - */ - int main(int argc,char *argv[]) - { -+#if DEBUG>0 -+ { -+ int err; -+ /* Generate a key for storing our thread id's */ -+ if ((err=pthread_key_create(&thrid_key, NULL)) != 0) { -+ log_error("pthread_key_create failed: %s",strerror(err)); -+ _exit(1); -+ } -+ } -+#endif - int i,sig,pfd=-1; /* Initialized to inhibit compiler warning */ - - main_thrid=pthread_self(); -@@ -626,17 +636,6 @@ int main(int argc,char *argv[]) - pthread_sigmask(SIG_BLOCK,&sigs_msk,NULL); - #endif - --#if DEBUG>0 -- { -- int err; -- /* Generate a key for storing our thread id's */ -- if ((err=pthread_key_create(&thrid_key, NULL)) != 0) { -- log_error("pthread_key_create failed: %s",strerror(err)); -- _exit(1); -- } -- } --#endif -- - { - #if DEBUG>0 - int thrdsucc=1; diff --git a/package/lean/proxychains-ng/Makefile b/package/lean/proxychains-ng/Makefile deleted file mode 100644 index 4aab37aa..00000000 --- a/package/lean/proxychains-ng/Makefile +++ /dev/null @@ -1,66 +0,0 @@ -# -# Copyright (C) 2019 Daniel Bermond -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=proxychains-ng -PKG_VERSION:=4.14 -PKG_RELEASE:=2 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/rofl0r/proxychains-ng.git -PKG_SOURCE_VERSION:=b8fa2a7405e4e4ddeb35e9f6cf298944680fc52f - -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE:=$(PKG_SOURCE_SUBDIR)-$(PKG_VERSION).tar.gz -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR) -PKG_BUILD_PARALLEL:=1 -PKG_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/proxychains-ng - SECTION:=net - CATEGORY:=Network - TITLE:=Redirect TCP traffic to a HTTP or SOCKS proxy - URL:=https://github.com/rofl0r/proxychains/ -endef - -define Package/proxychains-ng/description - A hook preloader that allows to redirect TCP traffic of - existing dynamically linked programs through one or more - SOCKS or HTTP proxies. -endef - -define Build/Compile - $(call Build/Compile/Default,all) -endef - -define Build/Install - $(call Build/Install/Default,install install-config) -endef - -define Package/proxychains-ng/conffiles -/etc/proxychains.conf -endef - -define Package/proxychains-ng/install - # binary executable - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/proxychains4 $(1)/usr/bin/ - $(LN) proxychains4 $(1)/usr/bin/proxychains - - # library - $(INSTALL_DIR) $(1)/usr/lib - $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libproxychains4.so $(1)/usr/lib/ - - # config - $(INSTALL_DIR) $(1)/etc - $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/proxychains.conf $(1)/etc/ -endef - -$(eval $(call BuildPackage,proxychains-ng)) diff --git a/package/lean/redsocks2/Makefile b/package/lean/redsocks2/Makefile deleted file mode 100644 index ed9899b0..00000000 --- a/package/lean/redsocks2/Makefile +++ /dev/null @@ -1,52 +0,0 @@ -# -# Copyright (C) 2014 OpenWrt-dist -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - - -PKG_NAME:=redsocks2 -PKG_VERSION:=0.67 -PKG_RELEASE:=3 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/semigodking/redsocks.git -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=2b8fe69e4faba9b256808bc664d4c9daedd76f70 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz -PKG_MAINTAINER:=semigodking -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) - -include $(INCLUDE_DIR)/package.mk - -define Package/redsocks2 - SECTION:=net - CATEGORY:=Network - TITLE:=Redirect any TCP connection to a SOCKS or HTTPS proxy server - URL:=https://github.com/semigodking/redsocks - DEPENDS:=+libevent2 +libopenssl -endef - -define Package/redsocks2/description -This is a modified version of original redsocks. \ -The name is changed to be REDSOCKS2 since this release to distinguish with original redsocks. \ -This variant is useful for anti-GFW (Great Fire Wall). -endef - -define Package/redsocks2/conffiles -/etc/config/redsocks2 -endef - -define Build/Compile - $(call Build/Compile/Default,DISABLE_SHADOWSOCKS=true) -endef - -define Package/redsocks2/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/redsocks2 $(1)/usr/sbin -endef - -$(eval $(call BuildPackage,redsocks2)) diff --git a/package/lean/shadowsocksr-libev/Makefile b/package/lean/shadowsocksr-libev/Makefile deleted file mode 100644 index 88564799..00000000 --- a/package/lean/shadowsocksr-libev/Makefile +++ /dev/null @@ -1,69 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=shadowsocksr-libev -PKG_VERSION:=2.5.6 -PKG_RELEASE:=5 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev -PKG_SOURCE_VERSION:=d63ff863800a5645aca4309d5dd5962bd1e95543 -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION) -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz - -PKG_LICENSE:=GPLv3 -PKG_LICENSE_FILES:=LICENSE - -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION) - -PKG_INSTALL:=1 -PKG_FIXUP:=autoreconf -PKG_USE_MIPS16:=0 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/shadowsocksr-libev - SECTION:=net - CATEGORY:=Network - SUBMENU:=Web Servers/Proxies - TITLE:=Lightweight Secured Socks5 Proxy - URL:=https://github.com/shadowsocksrr/shadowsocksr-libev - DEPENDS:=+libopenssl +libpthread +libpcre +zlib -endef - -Package/shadowsocksr-libev-server = $(Package/shadowsocksr-libev) -Package/shadowsocksr-libev-alt = $(Package/shadowsocksr-libev) -Package/shadowsocksr-libev-ssr-local = $(Package/shadowsocksr-libev) - -CONFIGURE_ARGS += --disable-documentation --disable-ssp --disable-assert - -define Package/shadowsocksr-libev/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local - $(LN) ssr-local $(1)/usr/bin/ssr-tunnel - $(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-check $(1)/usr/bin/ssr-check - $(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-server $(1)/usr/bin/ssr-server -endef - -define Package/shadowsocksr-libev-alt/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir - $(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-check $(1)/usr/bin/ssr-check -endef - -define Package/shadowsocksr-libev-server/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-server $(1)/usr/bin/ssr-server -endef - -define Package/shadowsocksr-libev-ssr-local/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local - $(LN) ssr-local $(1)/usr/bin/ssr-tunnel -endef - -$(eval $(call BuildPackage,shadowsocksr-libev)) -$(eval $(call BuildPackage,shadowsocksr-libev-alt)) -$(eval $(call BuildPackage,shadowsocksr-libev-server)) -$(eval $(call BuildPackage,shadowsocksr-libev-ssr-local)) diff --git a/package/lean/shadowsocksr-libev/patches/0001-Add-ss-server-and-ss-check.patch b/package/lean/shadowsocksr-libev/patches/0001-Add-ss-server-and-ss-check.patch deleted file mode 100644 index 50a4e6a9..00000000 --- a/package/lean/shadowsocksr-libev/patches/0001-Add-ss-server-and-ss-check.patch +++ /dev/null @@ -1,17186 +0,0 @@ -diff --git a/.gitignore b/.gitignore -index 4eab18e..64b8d9f 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -2,6 +2,7 @@ build/ - .deps/ - /Makefile - src/Makefile -+server/Makefile - libev/Makefile - libudns/Makefile - libcork/Makefile -diff --git a/Makefile.am b/Makefile.am -index 690af43..75e158e 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -1,7 +1,7 @@ - if USE_SYSTEM_SHARED_LIB --SUBDIRS = libcork libipset src -+SUBDIRS = libcork libipset src server - else --SUBDIRS = libsodium libcork libipset libudns libev src -+SUBDIRS = libsodium libcork libipset libudns libev src server - endif - - if ENABLE_DOCUMENTATION -diff --git a/Makefile.in b/Makefile.in -index 4cb3deb..e210bc0 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -195,7 +195,7 @@ am__define_uniq_tagged_files = \ - ETAGS = etags - CTAGS = ctags - CSCOPE = cscope --DIST_SUBDIRS = libsodium libcork libipset libudns libev src doc -+DIST_SUBDIRS = libsodium libcork libipset libudns libev src server doc - am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \ - $(srcdir)/shadowsocks-libev.pc.in $(top_srcdir)/auto/ar-lib \ - $(top_srcdir)/auto/compile $(top_srcdir)/auto/config.guess \ -@@ -377,8 +377,9 @@ top_build_prefix = @top_build_prefix@ - top_builddir = @top_builddir@ - top_srcdir = @top_srcdir@ - @USE_SYSTEM_SHARED_LIB_FALSE@SUBDIRS = libsodium libcork libipset \ --@USE_SYSTEM_SHARED_LIB_FALSE@ libudns libev src $(am__append_1) --@USE_SYSTEM_SHARED_LIB_TRUE@SUBDIRS = libcork libipset src \ -+@USE_SYSTEM_SHARED_LIB_FALSE@ libudns libev src server \ -+@USE_SYSTEM_SHARED_LIB_FALSE@ $(am__append_1) -+@USE_SYSTEM_SHARED_LIB_TRUE@SUBDIRS = libcork libipset src server \ - @USE_SYSTEM_SHARED_LIB_TRUE@ $(am__append_1) - ACLOCAL_AMFLAGS = -I m4 - pkgconfiglibdir = $(libdir)/pkgconfig -diff --git a/configure b/configure -index 7d854c4..01d66ab 100755 ---- a/configure -+++ b/configure -@@ -649,7 +649,6 @@ PTHREAD_CC - ax_pthread_config - INET_NTOP_LIB - MV --RM - GZIP - XMLTO - ASCIIDOC -@@ -757,6 +756,7 @@ infodir - docdir - oldincludedir - includedir -+runstatedir - localstatedir - sharedstatedir - sysconfdir -@@ -857,6 +857,7 @@ datadir='${datarootdir}' - sysconfdir='${prefix}/etc' - sharedstatedir='${prefix}/com' - localstatedir='${prefix}/var' -+runstatedir='${localstatedir}/run' - includedir='${prefix}/include' - oldincludedir='/usr/include' - docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' -@@ -1109,6 +1110,15 @@ do - | -silent | --silent | --silen | --sile | --sil) - silent=yes ;; - -+ -runstatedir | --runstatedir | --runstatedi | --runstated \ -+ | --runstate | --runstat | --runsta | --runst | --runs \ -+ | --run | --ru | --r) -+ ac_prev=runstatedir ;; -+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ -+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ -+ | --run=* | --ru=* | --r=*) -+ runstatedir=$ac_optarg ;; -+ - -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) - ac_prev=sbindir ;; - -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ -@@ -1246,7 +1256,7 @@ fi - for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ - datadir sysconfdir sharedstatedir localstatedir includedir \ - oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ -- libdir localedir mandir -+ libdir localedir mandir runstatedir - do - eval ac_val=\$$ac_var - # Remove trailing slashes. -@@ -1399,6 +1409,7 @@ Fine tuning of the installation directories: - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] -+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] -@@ -2472,8 +2483,8 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - - --# expand $ac_aux_dir to an absolute path --am_aux_dir=`cd $ac_aux_dir && pwd` -+# Expand $ac_aux_dir to an absolute path. -+am_aux_dir=`cd "$ac_aux_dir" && pwd` - - ac_ext=c - ac_cpp='$CPP $CPPFLAGS' -@@ -3783,7 +3794,7 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } - - - --am__api_version='1.14' -+am__api_version='1.15' - - # Find a good install program. We prefer a C program (faster), - # so one script is as good as another. But avoid the broken or -@@ -3972,7 +3983,7 @@ else - $as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} - fi - --if test x"${install_sh}" != xset; then -+if test x"${install_sh+set}" != xset; then - case $am_aux_dir in - *\ * | *\ *) - install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; -@@ -4363,8 +4374,8 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} - # - mkdir_p='$(MKDIR_P)' - --# We need awk for the "check" target. The system "awk" is bad on --# some platforms. -+# We need awk for the "check" target (and possibly the TAP driver). The -+# system "awk" is bad on some platforms. - # Always define AMTAR for backward compatibility. Yes, it's still used - # in the wild :-( We should find a proper way to deprecate it ... - AMTAR='$${TAR-tar}' -@@ -4549,6 +4560,7 @@ END - as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 - fi - fi -+ - if test -n "$ac_tool_prefix"; then - for ac_prog in ar lib "link -lib" - do -@@ -12494,47 +12506,6 @@ $as_echo "no" >&6; } - fi - - -- # Extract the first word of "rm", so it can be a program name with args. --set dummy rm; ac_word=$2 --{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 --$as_echo_n "checking for $ac_word... " >&6; } --if ${ac_cv_path_RM+:} false; then : -- $as_echo_n "(cached) " >&6 --else -- case $RM in -- [\\/]* | ?:[\\/]*) -- ac_cv_path_RM="$RM" # Let the user override the test with a path. -- ;; -- *) -- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR --for as_dir in $PATH --do -- IFS=$as_save_IFS -- test -z "$as_dir" && as_dir=. -- for ac_exec_ext in '' $ac_executable_extensions; do -- if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then -- ac_cv_path_RM="$as_dir/$ac_word$ac_exec_ext" -- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 -- break 2 -- fi --done -- done --IFS=$as_save_IFS -- -- test -z "$ac_cv_path_RM" && ac_cv_path_RM="rm" -- ;; --esac --fi --RM=$ac_cv_path_RM --if test -n "$RM"; then -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RM" >&5 --$as_echo "$RM" >&6; } --else -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 --$as_echo "no" >&6; } --fi -- -- - # Extract the first word of "mv", so it can be a program name with args. - set dummy mv; ac_word=$2 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -@@ -16204,15 +16175,162 @@ $as_echo "#define HAVE_IPv6 1" >>confdefs.h - - - if test -z "$USE_SYSTEM_SHARED_LIB_TRUE"; then : -- else -+ -+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sodium_init in -lsodium" >&5 -+$as_echo_n "checking for sodium_init in -lsodium... " >&6; } -+if ${ac_cv_lib_sodium_sodium_init+:} false; then : -+ $as_echo_n "(cached) " >&6 -+else -+ ac_check_lib_save_LIBS=$LIBS -+LIBS="-lsodium $LIBS" -+cat confdefs.h - <<_ACEOF >conftest.$ac_ext -+/* end confdefs.h. */ -+ -+/* Override any GCC internal prototype to avoid an error. -+ Use char because int might match the return type of a GCC -+ builtin and then its argument prototype would still apply. */ -+#ifdef __cplusplus -+extern "C" -+#endif -+char sodium_init (); -+int -+main () -+{ -+return sodium_init (); -+ ; -+ return 0; -+} -+_ACEOF -+if ac_fn_c_try_link "$LINENO"; then : -+ ac_cv_lib_sodium_sodium_init=yes -+else -+ ac_cv_lib_sodium_sodium_init=no -+fi -+rm -f core conftest.err conftest.$ac_objext \ -+ conftest$ac_exeext conftest.$ac_ext -+LIBS=$ac_check_lib_save_LIBS -+fi -+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_sodium_sodium_init" >&5 -+$as_echo "$ac_cv_lib_sodium_sodium_init" >&6; } -+if test "x$ac_cv_lib_sodium_sodium_init" = xyes; then : -+ cat >>confdefs.h <<_ACEOF -+#define HAVE_LIBSODIUM 1 -+_ACEOF -+ -+ LIBS="-lsodium $LIBS" -+ -+else -+ -+ as_fn_error $? "Couldn't find libsodium. Try installing libsodium-dev[el]." "$LINENO" 5 -+ -+fi -+ -+ -+else - subdirs="$subdirs libsodium" - - fi - --ac_config_files="$ac_config_files shadowsocks-libev.pc Makefile libcork/Makefile libipset/Makefile src/Makefile" -+ac_config_files="$ac_config_files shadowsocks-libev.pc Makefile libcork/Makefile libipset/Makefile src/Makefile server/Makefile" - - if test -z "$USE_SYSTEM_SHARED_LIB_TRUE"; then : -- else -+ -+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dns_dnlen in -ludns" >&5 -+$as_echo_n "checking for dns_dnlen in -ludns... " >&6; } -+if ${ac_cv_lib_udns_dns_dnlen+:} false; then : -+ $as_echo_n "(cached) " >&6 -+else -+ ac_check_lib_save_LIBS=$LIBS -+LIBS="-ludns $LIBS" -+cat confdefs.h - <<_ACEOF >conftest.$ac_ext -+/* end confdefs.h. */ -+ -+/* Override any GCC internal prototype to avoid an error. -+ Use char because int might match the return type of a GCC -+ builtin and then its argument prototype would still apply. */ -+#ifdef __cplusplus -+extern "C" -+#endif -+char dns_dnlen (); -+int -+main () -+{ -+return dns_dnlen (); -+ ; -+ return 0; -+} -+_ACEOF -+if ac_fn_c_try_link "$LINENO"; then : -+ ac_cv_lib_udns_dns_dnlen=yes -+else -+ ac_cv_lib_udns_dns_dnlen=no -+fi -+rm -f core conftest.err conftest.$ac_objext \ -+ conftest$ac_exeext conftest.$ac_ext -+LIBS=$ac_check_lib_save_LIBS -+fi -+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_udns_dns_dnlen" >&5 -+$as_echo "$ac_cv_lib_udns_dns_dnlen" >&6; } -+if test "x$ac_cv_lib_udns_dns_dnlen" = xyes; then : -+ cat >>confdefs.h <<_ACEOF -+#define HAVE_LIBUDNS 1 -+_ACEOF -+ -+ LIBS="-ludns $LIBS" -+ -+else -+ as_fn_error $? "Couldn't find libudns. Try installing libudns-dev or udns-devel." "$LINENO" 5 -+fi -+ -+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ev_loop_destroy in -lev" >&5 -+$as_echo_n "checking for ev_loop_destroy in -lev... " >&6; } -+if ${ac_cv_lib_ev_ev_loop_destroy+:} false; then : -+ $as_echo_n "(cached) " >&6 -+else -+ ac_check_lib_save_LIBS=$LIBS -+LIBS="-lev $LIBS" -+cat confdefs.h - <<_ACEOF >conftest.$ac_ext -+/* end confdefs.h. */ -+ -+/* Override any GCC internal prototype to avoid an error. -+ Use char because int might match the return type of a GCC -+ builtin and then its argument prototype would still apply. */ -+#ifdef __cplusplus -+extern "C" -+#endif -+char ev_loop_destroy (); -+int -+main () -+{ -+return ev_loop_destroy (); -+ ; -+ return 0; -+} -+_ACEOF -+if ac_fn_c_try_link "$LINENO"; then : -+ ac_cv_lib_ev_ev_loop_destroy=yes -+else -+ ac_cv_lib_ev_ev_loop_destroy=no -+fi -+rm -f core conftest.err conftest.$ac_objext \ -+ conftest$ac_exeext conftest.$ac_ext -+LIBS=$ac_check_lib_save_LIBS -+fi -+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ev_ev_loop_destroy" >&5 -+$as_echo "$ac_cv_lib_ev_ev_loop_destroy" >&6; } -+if test "x$ac_cv_lib_ev_ev_loop_destroy" = xyes; then : -+ cat >>confdefs.h <<_ACEOF -+#define HAVE_LIBEV 1 -+_ACEOF -+ -+ LIBS="-lev $LIBS" -+ -+else -+ as_fn_error $? "Couldn't find libev. Try installing libev-dev[el]." "$LINENO" 5 -+fi -+ -+ -+else - ac_config_files="$ac_config_files libudns/Makefile libev/Makefile" - - fi -@@ -17258,6 +17376,7 @@ do - "libcork/Makefile") CONFIG_FILES="$CONFIG_FILES libcork/Makefile" ;; - "libipset/Makefile") CONFIG_FILES="$CONFIG_FILES libipset/Makefile" ;; - "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; -+ "server/Makefile") CONFIG_FILES="$CONFIG_FILES server/Makefile" ;; - "libudns/Makefile") CONFIG_FILES="$CONFIG_FILES libudns/Makefile" ;; - "libev/Makefile") CONFIG_FILES="$CONFIG_FILES libev/Makefile" ;; - "doc/Makefile") CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;; -@@ -17958,8 +18077,8 @@ $as_echo X"$file" | - fi - - cfgfile="${ofile}T" -- trap "$RM -f \"$cfgfile\"; exit 1" 1 2 15 -- $RM -f "$cfgfile" -+ trap "$RM \"$cfgfile\"; exit 1" 1 2 15 -+ $RM "$cfgfile" - - cat <<_LT_EOF >> "$cfgfile" - #! $SHELL -diff --git a/configure.ac b/configure.ac -index 6586f2b..f9c51ab 100755 ---- a/configure.ac -+++ b/configure.ac -@@ -315,7 +315,8 @@ AC_CONFIG_FILES([ shadowsocks-libev.pc - Makefile - libcork/Makefile - libipset/Makefile -- src/Makefile]) -+ src/Makefile -+ server/Makefile]) - AM_COND_IF([USE_SYSTEM_SHARED_LIB],[ - AC_CHECK_LIB([udns], [dns_dnlen], ,[AC_MSG_ERROR([Couldn't find libudns. Try installing libudns-dev or udns-devel.])]) - AC_CHECK_LIB([ev], [ev_loop_destroy], ,[AC_MSG_ERROR([Couldn't find libev. Try installing libev-dev@<:@el@:>@.])]) -diff --git a/server/Makefile.am b/server/Makefile.am -new file mode 100644 -index 0000000..3ae8bc2 ---- /dev/null -+++ b/server/Makefile.am -@@ -0,0 +1,55 @@ -+VERSION_INFO = 2:0:0 -+ -+AM_CFLAGS = -g -O2 -Wall -Werror -Wno-deprecated-declarations -fno-strict-aliasing -std=gnu99 -D_GNU_SOURCE -+AM_CFLAGS += $(PTHREAD_CFLAGS) -+if !USE_SYSTEM_SHARED_LIB -+AM_CFLAGS += -I$(top_srcdir)/libev -+AM_CFLAGS += -I$(top_srcdir)/libudns -+AM_CFLAGS += -I$(top_srcdir)/libsodium/src/libsodium/include -+endif -+AM_CFLAGS += -I$(top_srcdir)/libipset/include -+AM_CFLAGS += -I$(top_srcdir)/libcork/include -+AM_CFLAGS += $(LIBPCRE_CFLAGS) -+ -+SS_COMMON_LIBS = $(top_builddir)/libipset/libipset.la \ -+ $(top_builddir)/libcork/libcork.la \ -+ $(INET_NTOP_LIB) $(LIBPCRE_LIBS) -+if USE_SYSTEM_SHARED_LIB -+SS_COMMON_LIBS += -lev -lsodium -lm -+else -+SS_COMMON_LIBS += $(top_builddir)/libev/libev.la \ -+ $(top_builddir)/libsodium/src/libsodium/libsodium.la -+endif -+ -+bin_PROGRAMS = ss-server ss-check -+ -+sni_src = http.c \ -+ tls.c \ -+ rule.c -+ -+ss_check_SOURCES = check.c -+ -+ss_server_SOURCES = utils.c \ -+ netutils.c \ -+ jconf.c \ -+ json.c \ -+ encrypt.c \ -+ udprelay.c \ -+ cache.c \ -+ acl.c \ -+ resolv.c \ -+ server.c \ -+ $(sni_src) -+ -+ -+ss_check_LDADD = $(SS_COMMON_LIBS) -+ss_server_LDADD = $(SS_COMMON_LIBS) -+ -+if USE_SYSTEM_SHARED_LIB -+ss_server_LDADD += -ludns -+else -+ss_server_LDADD += $(top_builddir)/libudns/libudns.la -+endif -+ -+ss_check_CFLAGS = $(AM_CFLAGS) -+ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE -diff --git a/server/Makefile.in b/server/Makefile.in -new file mode 100644 -index 0000000..3bfa53e ---- /dev/null -+++ b/server/Makefile.in -@@ -0,0 +1,919 @@ -+# Makefile.in generated by automake 1.15 from Makefile.am. -+# @configure_input@ -+ -+# Copyright (C) 1994-2014 Free Software Foundation, Inc. -+ -+# This Makefile.in is free software; the Free Software Foundation -+# gives unlimited permission to copy and/or distribute it, -+# with or without modifications, as long as this notice is preserved. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -+# PARTICULAR PURPOSE. -+ -+@SET_MAKE@ -+ -+VPATH = @srcdir@ -+am__is_gnu_make = { \ -+ if test -z '$(MAKELEVEL)'; then \ -+ false; \ -+ elif test -n '$(MAKE_HOST)'; then \ -+ true; \ -+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ -+ true; \ -+ else \ -+ false; \ -+ fi; \ -+} -+am__make_running_with_option = \ -+ case $${target_option-} in \ -+ ?) ;; \ -+ *) echo "am__make_running_with_option: internal error: invalid" \ -+ "target option '$${target_option-}' specified" >&2; \ -+ exit 1;; \ -+ esac; \ -+ has_opt=no; \ -+ sane_makeflags=$$MAKEFLAGS; \ -+ if $(am__is_gnu_make); then \ -+ sane_makeflags=$$MFLAGS; \ -+ else \ -+ case $$MAKEFLAGS in \ -+ *\\[\ \ ]*) \ -+ bs=\\; \ -+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ -+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ -+ esac; \ -+ fi; \ -+ skip_next=no; \ -+ strip_trailopt () \ -+ { \ -+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ -+ }; \ -+ for flg in $$sane_makeflags; do \ -+ test $$skip_next = yes && { skip_next=no; continue; }; \ -+ case $$flg in \ -+ *=*|--*) continue;; \ -+ -*I) strip_trailopt 'I'; skip_next=yes;; \ -+ -*I?*) strip_trailopt 'I';; \ -+ -*O) strip_trailopt 'O'; skip_next=yes;; \ -+ -*O?*) strip_trailopt 'O';; \ -+ -*l) strip_trailopt 'l'; skip_next=yes;; \ -+ -*l?*) strip_trailopt 'l';; \ -+ -[dEDm]) skip_next=yes;; \ -+ -[JT]) skip_next=yes;; \ -+ esac; \ -+ case $$flg in \ -+ *$$target_option*) has_opt=yes; break;; \ -+ esac; \ -+ done; \ -+ test $$has_opt = yes -+am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -+am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -+pkgdatadir = $(datadir)/@PACKAGE@ -+pkgincludedir = $(includedir)/@PACKAGE@ -+pkglibdir = $(libdir)/@PACKAGE@ -+pkglibexecdir = $(libexecdir)/@PACKAGE@ -+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -+install_sh_DATA = $(install_sh) -c -m 644 -+install_sh_PROGRAM = $(install_sh) -c -+install_sh_SCRIPT = $(install_sh) -c -+INSTALL_HEADER = $(INSTALL_DATA) -+transform = $(program_transform_name) -+NORMAL_INSTALL = : -+PRE_INSTALL = : -+POST_INSTALL = : -+NORMAL_UNINSTALL = : -+PRE_UNINSTALL = : -+POST_UNINSTALL = : -+build_triplet = @build@ -+host_triplet = @host@ -+@USE_SYSTEM_SHARED_LIB_FALSE@am__append_1 = -I$(top_srcdir)/libev \ -+@USE_SYSTEM_SHARED_LIB_FALSE@ -I$(top_srcdir)/libudns \ -+@USE_SYSTEM_SHARED_LIB_FALSE@ -I$(top_srcdir)/libsodium/src/libsodium/include -+@USE_SYSTEM_SHARED_LIB_TRUE@am__append_2 = -lev -lsodium -lm -+@USE_SYSTEM_SHARED_LIB_FALSE@am__append_3 = $(top_builddir)/libev/libev.la \ -+@USE_SYSTEM_SHARED_LIB_FALSE@ $(top_builddir)/libsodium/src/libsodium/libsodium.la -+ -+bin_PROGRAMS = ss-server$(EXEEXT) ss-check$(EXEEXT) -+@USE_SYSTEM_SHARED_LIB_TRUE@am__append_4 = -ludns -+@USE_SYSTEM_SHARED_LIB_FALSE@am__append_5 = $(top_builddir)/libudns/libudns.la -+subdir = server -+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -+am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ -+ $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/m4/inet_ntop.m4 \ -+ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ -+ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ -+ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/mbedtls.m4 \ -+ $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/pcre.m4 \ -+ $(top_srcdir)/m4/polarssl.m4 \ -+ $(top_srcdir)/m4/stack-protector.m4 $(top_srcdir)/m4/zlib.m4 \ -+ $(top_srcdir)/libev/libev.m4 $(top_srcdir)/configure.ac -+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ -+ $(ACLOCAL_M4) -+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) -+mkinstalldirs = $(install_sh) -d -+CONFIG_HEADER = $(top_builddir)/config.h -+CONFIG_CLEAN_FILES = -+CONFIG_CLEAN_VPATH_FILES = -+am__installdirs = "$(DESTDIR)$(bindir)" -+PROGRAMS = $(bin_PROGRAMS) -+am_ss_check_OBJECTS = ss_check-check.$(OBJEXT) -+ss_check_OBJECTS = $(am_ss_check_OBJECTS) -+am__DEPENDENCIES_1 = -+am__DEPENDENCIES_2 = $(top_builddir)/libipset/libipset.la \ -+ $(top_builddir)/libcork/libcork.la $(am__DEPENDENCIES_1) \ -+ $(am__DEPENDENCIES_1) $(am__append_3) -+ss_check_DEPENDENCIES = $(am__DEPENDENCIES_2) -+AM_V_lt = $(am__v_lt_@AM_V@) -+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) -+am__v_lt_0 = --silent -+am__v_lt_1 = -+ss_check_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ -+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(ss_check_CFLAGS) \ -+ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -+am__objects_1 = ss_server-http.$(OBJEXT) ss_server-tls.$(OBJEXT) \ -+ ss_server-rule.$(OBJEXT) -+am_ss_server_OBJECTS = ss_server-utils.$(OBJEXT) \ -+ ss_server-netutils.$(OBJEXT) ss_server-jconf.$(OBJEXT) \ -+ ss_server-json.$(OBJEXT) ss_server-encrypt.$(OBJEXT) \ -+ ss_server-udprelay.$(OBJEXT) ss_server-cache.$(OBJEXT) \ -+ ss_server-acl.$(OBJEXT) ss_server-resolv.$(OBJEXT) \ -+ ss_server-server.$(OBJEXT) $(am__objects_1) -+ss_server_OBJECTS = $(am_ss_server_OBJECTS) -+ss_server_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ -+ $(am__append_5) -+ss_server_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ -+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(ss_server_CFLAGS) \ -+ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -+AM_V_P = $(am__v_P_@AM_V@) -+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -+am__v_P_0 = false -+am__v_P_1 = : -+AM_V_GEN = $(am__v_GEN_@AM_V@) -+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -+am__v_GEN_0 = @echo " GEN " $@; -+am__v_GEN_1 = -+AM_V_at = $(am__v_at_@AM_V@) -+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -+am__v_at_0 = @ -+am__v_at_1 = -+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -+depcomp = $(SHELL) $(top_srcdir)/auto/depcomp -+am__depfiles_maybe = depfiles -+am__mv = mv -f -+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ -+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ -+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ -+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ -+ $(AM_CFLAGS) $(CFLAGS) -+AM_V_CC = $(am__v_CC_@AM_V@) -+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -+am__v_CC_0 = @echo " CC " $@; -+am__v_CC_1 = -+CCLD = $(CC) -+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ -+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ -+ $(AM_LDFLAGS) $(LDFLAGS) -o $@ -+AM_V_CCLD = $(am__v_CCLD_@AM_V@) -+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -+am__v_CCLD_0 = @echo " CCLD " $@; -+am__v_CCLD_1 = -+SOURCES = $(ss_check_SOURCES) $(ss_server_SOURCES) -+DIST_SOURCES = $(ss_check_SOURCES) $(ss_server_SOURCES) -+am__can_run_installinfo = \ -+ case $$AM_UPDATE_INFO_DIR in \ -+ n|no|NO) false;; \ -+ *) (install-info --version) >/dev/null 2>&1;; \ -+ esac -+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -+# Read a list of newline-separated strings from the standard input, -+# and print each of them once, without duplicates. Input order is -+# *not* preserved. -+am__uniquify_input = $(AWK) '\ -+ BEGIN { nonempty = 0; } \ -+ { items[$$0] = 1; nonempty = 1; } \ -+ END { if (nonempty) { for (i in items) print i; }; } \ -+' -+# Make sure the list of sources is unique. This is necessary because, -+# e.g., the same source file might be shared among _SOURCES variables -+# for different programs/libraries. -+am__define_uniq_tagged_files = \ -+ list='$(am__tagged_files)'; \ -+ unique=`for i in $$list; do \ -+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ -+ done | $(am__uniquify_input)` -+ETAGS = etags -+CTAGS = ctags -+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/auto/depcomp -+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -+ACLOCAL = @ACLOCAL@ -+AMTAR = @AMTAR@ -+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -+AR = @AR@ -+ASCIIDOC = @ASCIIDOC@ -+AUTOCONF = @AUTOCONF@ -+AUTOHEADER = @AUTOHEADER@ -+AUTOMAKE = @AUTOMAKE@ -+AWK = @AWK@ -+CC = @CC@ -+CCDEPMODE = @CCDEPMODE@ -+CFLAGS = @CFLAGS@ -+CPP = @CPP@ -+CPPFLAGS = @CPPFLAGS@ -+CYGPATH_W = @CYGPATH_W@ -+DEFS = @DEFS@ -+DEPDIR = @DEPDIR@ -+DLLTOOL = @DLLTOOL@ -+DSYMUTIL = @DSYMUTIL@ -+DUMPBIN = @DUMPBIN@ -+ECHO_C = @ECHO_C@ -+ECHO_N = @ECHO_N@ -+ECHO_T = @ECHO_T@ -+EGREP = @EGREP@ -+EXEEXT = @EXEEXT@ -+FGREP = @FGREP@ -+GREP = @GREP@ -+GZIP = @GZIP@ -+INET_NTOP_LIB = @INET_NTOP_LIB@ -+INSTALL = @INSTALL@ -+INSTALL_DATA = @INSTALL_DATA@ -+INSTALL_PROGRAM = @INSTALL_PROGRAM@ -+INSTALL_SCRIPT = @INSTALL_SCRIPT@ -+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -+LD = @LD@ -+LDFLAGS = @LDFLAGS@ -+LIBOBJS = @LIBOBJS@ -+LIBPCRE = @LIBPCRE@ -+LIBS = @LIBS@ -+LIBTOOL = @LIBTOOL@ -+LIPO = @LIPO@ -+LN_S = @LN_S@ -+LTLIBOBJS = @LTLIBOBJS@ -+MAINT = @MAINT@ -+MAKEINFO = @MAKEINFO@ -+MANIFEST_TOOL = @MANIFEST_TOOL@ -+MKDIR_P = @MKDIR_P@ -+MV = @MV@ -+NM = @NM@ -+NMEDIT = @NMEDIT@ -+OBJDUMP = @OBJDUMP@ -+OBJEXT = @OBJEXT@ -+OTOOL = @OTOOL@ -+OTOOL64 = @OTOOL64@ -+PACKAGE = @PACKAGE@ -+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -+PACKAGE_NAME = @PACKAGE_NAME@ -+PACKAGE_STRING = @PACKAGE_STRING@ -+PACKAGE_TARNAME = @PACKAGE_TARNAME@ -+PACKAGE_URL = @PACKAGE_URL@ -+PACKAGE_VERSION = @PACKAGE_VERSION@ -+PATH_SEPARATOR = @PATH_SEPARATOR@ -+PCRE_CONFIG = @PCRE_CONFIG@ -+PTHREAD_CC = @PTHREAD_CC@ -+PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ -+PTHREAD_LIBS = @PTHREAD_LIBS@ -+RANLIB = @RANLIB@ -+SED = @SED@ -+SET_MAKE = @SET_MAKE@ -+SHELL = @SHELL@ -+STRIP = @STRIP@ -+VERSION = @VERSION@ -+XMLTO = @XMLTO@ -+abs_builddir = @abs_builddir@ -+abs_srcdir = @abs_srcdir@ -+abs_top_builddir = @abs_top_builddir@ -+abs_top_srcdir = @abs_top_srcdir@ -+ac_ct_AR = @ac_ct_AR@ -+ac_ct_CC = @ac_ct_CC@ -+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -+am__include = @am__include@ -+am__leading_dot = @am__leading_dot@ -+am__quote = @am__quote@ -+am__tar = @am__tar@ -+am__untar = @am__untar@ -+ax_pthread_config = @ax_pthread_config@ -+bindir = @bindir@ -+build = @build@ -+build_alias = @build_alias@ -+build_cpu = @build_cpu@ -+build_os = @build_os@ -+build_vendor = @build_vendor@ -+builddir = @builddir@ -+datadir = @datadir@ -+datarootdir = @datarootdir@ -+docdir = @docdir@ -+dvidir = @dvidir@ -+exec_prefix = @exec_prefix@ -+host = @host@ -+host_alias = @host_alias@ -+host_cpu = @host_cpu@ -+host_os = @host_os@ -+host_vendor = @host_vendor@ -+htmldir = @htmldir@ -+includedir = @includedir@ -+infodir = @infodir@ -+install_sh = @install_sh@ -+libdir = @libdir@ -+libexecdir = @libexecdir@ -+localedir = @localedir@ -+localstatedir = @localstatedir@ -+mandir = @mandir@ -+mkdir_p = @mkdir_p@ -+oldincludedir = @oldincludedir@ -+pcre_pcreh = @pcre_pcreh@ -+pcreh = @pcreh@ -+pdfdir = @pdfdir@ -+prefix = @prefix@ -+program_transform_name = @program_transform_name@ -+psdir = @psdir@ -+runstatedir = @runstatedir@ -+sbindir = @sbindir@ -+sharedstatedir = @sharedstatedir@ -+srcdir = @srcdir@ -+subdirs = @subdirs@ -+sysconfdir = @sysconfdir@ -+target_alias = @target_alias@ -+top_build_prefix = @top_build_prefix@ -+top_builddir = @top_builddir@ -+top_srcdir = @top_srcdir@ -+VERSION_INFO = 2:0:0 -+AM_CFLAGS = -g -O2 -Wall -Werror -Wno-deprecated-declarations \ -+ -fno-strict-aliasing -std=gnu99 -D_GNU_SOURCE \ -+ $(PTHREAD_CFLAGS) $(am__append_1) \ -+ -I$(top_srcdir)/libipset/include \ -+ -I$(top_srcdir)/libcork/include $(LIBPCRE_CFLAGS) -+SS_COMMON_LIBS = $(top_builddir)/libipset/libipset.la \ -+ $(top_builddir)/libcork/libcork.la $(INET_NTOP_LIB) \ -+ $(LIBPCRE_LIBS) $(am__append_2) $(am__append_3) -+sni_src = http.c \ -+ tls.c \ -+ rule.c -+ -+ss_check_SOURCES = check.c -+ss_server_SOURCES = utils.c \ -+ netutils.c \ -+ jconf.c \ -+ json.c \ -+ encrypt.c \ -+ udprelay.c \ -+ cache.c \ -+ acl.c \ -+ resolv.c \ -+ server.c \ -+ $(sni_src) -+ -+ss_check_LDADD = $(SS_COMMON_LIBS) -+ss_server_LDADD = $(SS_COMMON_LIBS) $(am__append_4) $(am__append_5) -+ss_check_CFLAGS = $(AM_CFLAGS) -+ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE -+all: all-am -+ -+.SUFFIXES: -+.SUFFIXES: .c .lo .o .obj -+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) -+ @for dep in $?; do \ -+ case '$(am__configure_deps)' in \ -+ *$$dep*) \ -+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ -+ && { if test -f $@; then exit 0; else break; fi; }; \ -+ exit 1;; \ -+ esac; \ -+ done; \ -+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign server/Makefile'; \ -+ $(am__cd) $(top_srcdir) && \ -+ $(AUTOMAKE) --foreign server/Makefile -+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status -+ @case '$?' in \ -+ *config.status*) \ -+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ -+ *) \ -+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ -+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ -+ esac; -+ -+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) -+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -+ -+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) -+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) -+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -+$(am__aclocal_m4_deps): -+install-binPROGRAMS: $(bin_PROGRAMS) -+ @$(NORMAL_INSTALL) -+ @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ -+ if test -n "$$list"; then \ -+ echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ -+ $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ -+ fi; \ -+ for p in $$list; do echo "$$p $$p"; done | \ -+ sed 's/$(EXEEXT)$$//' | \ -+ while read p p1; do if test -f $$p \ -+ || test -f $$p1 \ -+ ; then echo "$$p"; echo "$$p"; else :; fi; \ -+ done | \ -+ sed -e 'p;s,.*/,,;n;h' \ -+ -e 's|.*|.|' \ -+ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ -+ sed 'N;N;N;s,\n, ,g' | \ -+ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ -+ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ -+ if ($$2 == $$4) files[d] = files[d] " " $$1; \ -+ else { print "f", $$3 "/" $$4, $$1; } } \ -+ END { for (d in files) print "f", d, files[d] }' | \ -+ while read type dir files; do \ -+ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ -+ test -z "$$files" || { \ -+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ -+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ -+ } \ -+ ; done -+ -+uninstall-binPROGRAMS: -+ @$(NORMAL_UNINSTALL) -+ @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ -+ files=`for p in $$list; do echo "$$p"; done | \ -+ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ -+ -e 's/$$/$(EXEEXT)/' \ -+ `; \ -+ test -n "$$list" || exit 0; \ -+ echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ -+ cd "$(DESTDIR)$(bindir)" && rm -f $$files -+ -+clean-binPROGRAMS: -+ @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ -+ echo " rm -f" $$list; \ -+ rm -f $$list || exit $$?; \ -+ test -n "$(EXEEXT)" || exit 0; \ -+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ -+ echo " rm -f" $$list; \ -+ rm -f $$list -+ -+ss-check$(EXEEXT): $(ss_check_OBJECTS) $(ss_check_DEPENDENCIES) $(EXTRA_ss_check_DEPENDENCIES) -+ @rm -f ss-check$(EXEEXT) -+ $(AM_V_CCLD)$(ss_check_LINK) $(ss_check_OBJECTS) $(ss_check_LDADD) $(LIBS) -+ -+ss-server$(EXEEXT): $(ss_server_OBJECTS) $(ss_server_DEPENDENCIES) $(EXTRA_ss_server_DEPENDENCIES) -+ @rm -f ss-server$(EXEEXT) -+ $(AM_V_CCLD)$(ss_server_LINK) $(ss_server_OBJECTS) $(ss_server_LDADD) $(LIBS) -+ -+mostlyclean-compile: -+ -rm -f *.$(OBJEXT) -+ -+distclean-compile: -+ -rm -f *.tab.c -+ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_check-check.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-acl.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-cache.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-encrypt.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-http.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-jconf.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-json.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-netutils.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-resolv.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-rule.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-server.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-tls.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-udprelay.Po@am__quote@ -+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_server-utils.Po@am__quote@ -+ -+.c.o: -+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ -+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< -+ -+.c.obj: -+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ -+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ -+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` -+ -+.c.lo: -+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ -+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< -+ -+ss_check-check.o: check.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_check_CFLAGS) $(CFLAGS) -MT ss_check-check.o -MD -MP -MF $(DEPDIR)/ss_check-check.Tpo -c -o ss_check-check.o `test -f 'check.c' || echo '$(srcdir)/'`check.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_check-check.Tpo $(DEPDIR)/ss_check-check.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='check.c' object='ss_check-check.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_check_CFLAGS) $(CFLAGS) -c -o ss_check-check.o `test -f 'check.c' || echo '$(srcdir)/'`check.c -+ -+ss_check-check.obj: check.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_check_CFLAGS) $(CFLAGS) -MT ss_check-check.obj -MD -MP -MF $(DEPDIR)/ss_check-check.Tpo -c -o ss_check-check.obj `if test -f 'check.c'; then $(CYGPATH_W) 'check.c'; else $(CYGPATH_W) '$(srcdir)/check.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_check-check.Tpo $(DEPDIR)/ss_check-check.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='check.c' object='ss_check-check.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_check_CFLAGS) $(CFLAGS) -c -o ss_check-check.obj `if test -f 'check.c'; then $(CYGPATH_W) 'check.c'; else $(CYGPATH_W) '$(srcdir)/check.c'; fi` -+ -+ss_server-utils.o: utils.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-utils.o -MD -MP -MF $(DEPDIR)/ss_server-utils.Tpo -c -o ss_server-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-utils.Tpo $(DEPDIR)/ss_server-utils.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils.c' object='ss_server-utils.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c -+ -+ss_server-utils.obj: utils.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-utils.obj -MD -MP -MF $(DEPDIR)/ss_server-utils.Tpo -c -o ss_server-utils.obj `if test -f 'utils.c'; then $(CYGPATH_W) 'utils.c'; else $(CYGPATH_W) '$(srcdir)/utils.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-utils.Tpo $(DEPDIR)/ss_server-utils.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils.c' object='ss_server-utils.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-utils.obj `if test -f 'utils.c'; then $(CYGPATH_W) 'utils.c'; else $(CYGPATH_W) '$(srcdir)/utils.c'; fi` -+ -+ss_server-netutils.o: netutils.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-netutils.o -MD -MP -MF $(DEPDIR)/ss_server-netutils.Tpo -c -o ss_server-netutils.o `test -f 'netutils.c' || echo '$(srcdir)/'`netutils.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-netutils.Tpo $(DEPDIR)/ss_server-netutils.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='netutils.c' object='ss_server-netutils.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-netutils.o `test -f 'netutils.c' || echo '$(srcdir)/'`netutils.c -+ -+ss_server-netutils.obj: netutils.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-netutils.obj -MD -MP -MF $(DEPDIR)/ss_server-netutils.Tpo -c -o ss_server-netutils.obj `if test -f 'netutils.c'; then $(CYGPATH_W) 'netutils.c'; else $(CYGPATH_W) '$(srcdir)/netutils.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-netutils.Tpo $(DEPDIR)/ss_server-netutils.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='netutils.c' object='ss_server-netutils.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-netutils.obj `if test -f 'netutils.c'; then $(CYGPATH_W) 'netutils.c'; else $(CYGPATH_W) '$(srcdir)/netutils.c'; fi` -+ -+ss_server-jconf.o: jconf.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-jconf.o -MD -MP -MF $(DEPDIR)/ss_server-jconf.Tpo -c -o ss_server-jconf.o `test -f 'jconf.c' || echo '$(srcdir)/'`jconf.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-jconf.Tpo $(DEPDIR)/ss_server-jconf.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='jconf.c' object='ss_server-jconf.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-jconf.o `test -f 'jconf.c' || echo '$(srcdir)/'`jconf.c -+ -+ss_server-jconf.obj: jconf.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-jconf.obj -MD -MP -MF $(DEPDIR)/ss_server-jconf.Tpo -c -o ss_server-jconf.obj `if test -f 'jconf.c'; then $(CYGPATH_W) 'jconf.c'; else $(CYGPATH_W) '$(srcdir)/jconf.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-jconf.Tpo $(DEPDIR)/ss_server-jconf.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='jconf.c' object='ss_server-jconf.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-jconf.obj `if test -f 'jconf.c'; then $(CYGPATH_W) 'jconf.c'; else $(CYGPATH_W) '$(srcdir)/jconf.c'; fi` -+ -+ss_server-json.o: json.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-json.o -MD -MP -MF $(DEPDIR)/ss_server-json.Tpo -c -o ss_server-json.o `test -f 'json.c' || echo '$(srcdir)/'`json.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-json.Tpo $(DEPDIR)/ss_server-json.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='json.c' object='ss_server-json.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-json.o `test -f 'json.c' || echo '$(srcdir)/'`json.c -+ -+ss_server-json.obj: json.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-json.obj -MD -MP -MF $(DEPDIR)/ss_server-json.Tpo -c -o ss_server-json.obj `if test -f 'json.c'; then $(CYGPATH_W) 'json.c'; else $(CYGPATH_W) '$(srcdir)/json.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-json.Tpo $(DEPDIR)/ss_server-json.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='json.c' object='ss_server-json.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-json.obj `if test -f 'json.c'; then $(CYGPATH_W) 'json.c'; else $(CYGPATH_W) '$(srcdir)/json.c'; fi` -+ -+ss_server-encrypt.o: encrypt.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-encrypt.o -MD -MP -MF $(DEPDIR)/ss_server-encrypt.Tpo -c -o ss_server-encrypt.o `test -f 'encrypt.c' || echo '$(srcdir)/'`encrypt.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-encrypt.Tpo $(DEPDIR)/ss_server-encrypt.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='encrypt.c' object='ss_server-encrypt.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-encrypt.o `test -f 'encrypt.c' || echo '$(srcdir)/'`encrypt.c -+ -+ss_server-encrypt.obj: encrypt.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-encrypt.obj -MD -MP -MF $(DEPDIR)/ss_server-encrypt.Tpo -c -o ss_server-encrypt.obj `if test -f 'encrypt.c'; then $(CYGPATH_W) 'encrypt.c'; else $(CYGPATH_W) '$(srcdir)/encrypt.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-encrypt.Tpo $(DEPDIR)/ss_server-encrypt.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='encrypt.c' object='ss_server-encrypt.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-encrypt.obj `if test -f 'encrypt.c'; then $(CYGPATH_W) 'encrypt.c'; else $(CYGPATH_W) '$(srcdir)/encrypt.c'; fi` -+ -+ss_server-udprelay.o: udprelay.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-udprelay.o -MD -MP -MF $(DEPDIR)/ss_server-udprelay.Tpo -c -o ss_server-udprelay.o `test -f 'udprelay.c' || echo '$(srcdir)/'`udprelay.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-udprelay.Tpo $(DEPDIR)/ss_server-udprelay.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='udprelay.c' object='ss_server-udprelay.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-udprelay.o `test -f 'udprelay.c' || echo '$(srcdir)/'`udprelay.c -+ -+ss_server-udprelay.obj: udprelay.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-udprelay.obj -MD -MP -MF $(DEPDIR)/ss_server-udprelay.Tpo -c -o ss_server-udprelay.obj `if test -f 'udprelay.c'; then $(CYGPATH_W) 'udprelay.c'; else $(CYGPATH_W) '$(srcdir)/udprelay.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-udprelay.Tpo $(DEPDIR)/ss_server-udprelay.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='udprelay.c' object='ss_server-udprelay.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-udprelay.obj `if test -f 'udprelay.c'; then $(CYGPATH_W) 'udprelay.c'; else $(CYGPATH_W) '$(srcdir)/udprelay.c'; fi` -+ -+ss_server-cache.o: cache.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-cache.o -MD -MP -MF $(DEPDIR)/ss_server-cache.Tpo -c -o ss_server-cache.o `test -f 'cache.c' || echo '$(srcdir)/'`cache.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-cache.Tpo $(DEPDIR)/ss_server-cache.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='cache.c' object='ss_server-cache.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-cache.o `test -f 'cache.c' || echo '$(srcdir)/'`cache.c -+ -+ss_server-cache.obj: cache.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-cache.obj -MD -MP -MF $(DEPDIR)/ss_server-cache.Tpo -c -o ss_server-cache.obj `if test -f 'cache.c'; then $(CYGPATH_W) 'cache.c'; else $(CYGPATH_W) '$(srcdir)/cache.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-cache.Tpo $(DEPDIR)/ss_server-cache.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='cache.c' object='ss_server-cache.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-cache.obj `if test -f 'cache.c'; then $(CYGPATH_W) 'cache.c'; else $(CYGPATH_W) '$(srcdir)/cache.c'; fi` -+ -+ss_server-acl.o: acl.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-acl.o -MD -MP -MF $(DEPDIR)/ss_server-acl.Tpo -c -o ss_server-acl.o `test -f 'acl.c' || echo '$(srcdir)/'`acl.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-acl.Tpo $(DEPDIR)/ss_server-acl.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='acl.c' object='ss_server-acl.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-acl.o `test -f 'acl.c' || echo '$(srcdir)/'`acl.c -+ -+ss_server-acl.obj: acl.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-acl.obj -MD -MP -MF $(DEPDIR)/ss_server-acl.Tpo -c -o ss_server-acl.obj `if test -f 'acl.c'; then $(CYGPATH_W) 'acl.c'; else $(CYGPATH_W) '$(srcdir)/acl.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-acl.Tpo $(DEPDIR)/ss_server-acl.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='acl.c' object='ss_server-acl.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-acl.obj `if test -f 'acl.c'; then $(CYGPATH_W) 'acl.c'; else $(CYGPATH_W) '$(srcdir)/acl.c'; fi` -+ -+ss_server-resolv.o: resolv.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-resolv.o -MD -MP -MF $(DEPDIR)/ss_server-resolv.Tpo -c -o ss_server-resolv.o `test -f 'resolv.c' || echo '$(srcdir)/'`resolv.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-resolv.Tpo $(DEPDIR)/ss_server-resolv.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='resolv.c' object='ss_server-resolv.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-resolv.o `test -f 'resolv.c' || echo '$(srcdir)/'`resolv.c -+ -+ss_server-resolv.obj: resolv.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-resolv.obj -MD -MP -MF $(DEPDIR)/ss_server-resolv.Tpo -c -o ss_server-resolv.obj `if test -f 'resolv.c'; then $(CYGPATH_W) 'resolv.c'; else $(CYGPATH_W) '$(srcdir)/resolv.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-resolv.Tpo $(DEPDIR)/ss_server-resolv.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='resolv.c' object='ss_server-resolv.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-resolv.obj `if test -f 'resolv.c'; then $(CYGPATH_W) 'resolv.c'; else $(CYGPATH_W) '$(srcdir)/resolv.c'; fi` -+ -+ss_server-server.o: server.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-server.o -MD -MP -MF $(DEPDIR)/ss_server-server.Tpo -c -o ss_server-server.o `test -f 'server.c' || echo '$(srcdir)/'`server.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-server.Tpo $(DEPDIR)/ss_server-server.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='server.c' object='ss_server-server.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-server.o `test -f 'server.c' || echo '$(srcdir)/'`server.c -+ -+ss_server-server.obj: server.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-server.obj -MD -MP -MF $(DEPDIR)/ss_server-server.Tpo -c -o ss_server-server.obj `if test -f 'server.c'; then $(CYGPATH_W) 'server.c'; else $(CYGPATH_W) '$(srcdir)/server.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-server.Tpo $(DEPDIR)/ss_server-server.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='server.c' object='ss_server-server.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-server.obj `if test -f 'server.c'; then $(CYGPATH_W) 'server.c'; else $(CYGPATH_W) '$(srcdir)/server.c'; fi` -+ -+ss_server-http.o: http.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-http.o -MD -MP -MF $(DEPDIR)/ss_server-http.Tpo -c -o ss_server-http.o `test -f 'http.c' || echo '$(srcdir)/'`http.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-http.Tpo $(DEPDIR)/ss_server-http.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http.c' object='ss_server-http.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-http.o `test -f 'http.c' || echo '$(srcdir)/'`http.c -+ -+ss_server-http.obj: http.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-http.obj -MD -MP -MF $(DEPDIR)/ss_server-http.Tpo -c -o ss_server-http.obj `if test -f 'http.c'; then $(CYGPATH_W) 'http.c'; else $(CYGPATH_W) '$(srcdir)/http.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-http.Tpo $(DEPDIR)/ss_server-http.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http.c' object='ss_server-http.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-http.obj `if test -f 'http.c'; then $(CYGPATH_W) 'http.c'; else $(CYGPATH_W) '$(srcdir)/http.c'; fi` -+ -+ss_server-tls.o: tls.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-tls.o -MD -MP -MF $(DEPDIR)/ss_server-tls.Tpo -c -o ss_server-tls.o `test -f 'tls.c' || echo '$(srcdir)/'`tls.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-tls.Tpo $(DEPDIR)/ss_server-tls.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tls.c' object='ss_server-tls.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-tls.o `test -f 'tls.c' || echo '$(srcdir)/'`tls.c -+ -+ss_server-tls.obj: tls.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-tls.obj -MD -MP -MF $(DEPDIR)/ss_server-tls.Tpo -c -o ss_server-tls.obj `if test -f 'tls.c'; then $(CYGPATH_W) 'tls.c'; else $(CYGPATH_W) '$(srcdir)/tls.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-tls.Tpo $(DEPDIR)/ss_server-tls.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tls.c' object='ss_server-tls.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-tls.obj `if test -f 'tls.c'; then $(CYGPATH_W) 'tls.c'; else $(CYGPATH_W) '$(srcdir)/tls.c'; fi` -+ -+ss_server-rule.o: rule.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-rule.o -MD -MP -MF $(DEPDIR)/ss_server-rule.Tpo -c -o ss_server-rule.o `test -f 'rule.c' || echo '$(srcdir)/'`rule.c -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-rule.Tpo $(DEPDIR)/ss_server-rule.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='rule.c' object='ss_server-rule.o' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-rule.o `test -f 'rule.c' || echo '$(srcdir)/'`rule.c -+ -+ss_server-rule.obj: rule.c -+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -MT ss_server-rule.obj -MD -MP -MF $(DEPDIR)/ss_server-rule.Tpo -c -o ss_server-rule.obj `if test -f 'rule.c'; then $(CYGPATH_W) 'rule.c'; else $(CYGPATH_W) '$(srcdir)/rule.c'; fi` -+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_server-rule.Tpo $(DEPDIR)/ss_server-rule.Po -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='rule.c' object='ss_server-rule.obj' libtool=no @AMDEPBACKSLASH@ -+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_server_CFLAGS) $(CFLAGS) -c -o ss_server-rule.obj `if test -f 'rule.c'; then $(CYGPATH_W) 'rule.c'; else $(CYGPATH_W) '$(srcdir)/rule.c'; fi` -+ -+mostlyclean-libtool: -+ -rm -f *.lo -+ -+clean-libtool: -+ -rm -rf .libs _libs -+ -+ID: $(am__tagged_files) -+ $(am__define_uniq_tagged_files); mkid -fID $$unique -+tags: tags-am -+TAGS: tags -+ -+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) -+ set x; \ -+ here=`pwd`; \ -+ $(am__define_uniq_tagged_files); \ -+ shift; \ -+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ -+ test -n "$$unique" || unique=$$empty_fix; \ -+ if test $$# -gt 0; then \ -+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ -+ "$$@" $$unique; \ -+ else \ -+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ -+ $$unique; \ -+ fi; \ -+ fi -+ctags: ctags-am -+ -+CTAGS: ctags -+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) -+ $(am__define_uniq_tagged_files); \ -+ test -z "$(CTAGS_ARGS)$$unique" \ -+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ -+ $$unique -+ -+GTAGS: -+ here=`$(am__cd) $(top_builddir) && pwd` \ -+ && $(am__cd) $(top_srcdir) \ -+ && gtags -i $(GTAGS_ARGS) "$$here" -+cscopelist: cscopelist-am -+ -+cscopelist-am: $(am__tagged_files) -+ list='$(am__tagged_files)'; \ -+ case "$(srcdir)" in \ -+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ -+ *) sdir=$(subdir)/$(srcdir) ;; \ -+ esac; \ -+ for i in $$list; do \ -+ if test -f "$$i"; then \ -+ echo "$(subdir)/$$i"; \ -+ else \ -+ echo "$$sdir/$$i"; \ -+ fi; \ -+ done >> $(top_builddir)/cscope.files -+ -+distclean-tags: -+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -+ -+distdir: $(DISTFILES) -+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ -+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ -+ list='$(DISTFILES)'; \ -+ dist_files=`for file in $$list; do echo $$file; done | \ -+ sed -e "s|^$$srcdirstrip/||;t" \ -+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ -+ case $$dist_files in \ -+ */*) $(MKDIR_P) `echo "$$dist_files" | \ -+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ -+ sort -u` ;; \ -+ esac; \ -+ for file in $$dist_files; do \ -+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ -+ if test -d $$d/$$file; then \ -+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ -+ if test -d "$(distdir)/$$file"; then \ -+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ -+ fi; \ -+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ -+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ -+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ -+ fi; \ -+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ -+ else \ -+ test -f "$(distdir)/$$file" \ -+ || cp -p $$d/$$file "$(distdir)/$$file" \ -+ || exit 1; \ -+ fi; \ -+ done -+check-am: all-am -+check: check-am -+all-am: Makefile $(PROGRAMS) -+installdirs: -+ for dir in "$(DESTDIR)$(bindir)"; do \ -+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ -+ done -+install: install-am -+install-exec: install-exec-am -+install-data: install-data-am -+uninstall: uninstall-am -+ -+install-am: all-am -+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am -+ -+installcheck: installcheck-am -+install-strip: -+ if test -z '$(STRIP)'; then \ -+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ -+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ -+ install; \ -+ else \ -+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ -+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ -+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ -+ fi -+mostlyclean-generic: -+ -+clean-generic: -+ -+distclean-generic: -+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -+ -+maintainer-clean-generic: -+ @echo "This command is intended for maintainers to use" -+ @echo "it deletes files that may require special tools to rebuild." -+clean: clean-am -+ -+clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am -+ -+distclean: distclean-am -+ -rm -rf ./$(DEPDIR) -+ -rm -f Makefile -+distclean-am: clean-am distclean-compile distclean-generic \ -+ distclean-tags -+ -+dvi: dvi-am -+ -+dvi-am: -+ -+html: html-am -+ -+html-am: -+ -+info: info-am -+ -+info-am: -+ -+install-data-am: -+ -+install-dvi: install-dvi-am -+ -+install-dvi-am: -+ -+install-exec-am: install-binPROGRAMS -+ -+install-html: install-html-am -+ -+install-html-am: -+ -+install-info: install-info-am -+ -+install-info-am: -+ -+install-man: -+ -+install-pdf: install-pdf-am -+ -+install-pdf-am: -+ -+install-ps: install-ps-am -+ -+install-ps-am: -+ -+installcheck-am: -+ -+maintainer-clean: maintainer-clean-am -+ -rm -rf ./$(DEPDIR) -+ -rm -f Makefile -+maintainer-clean-am: distclean-am maintainer-clean-generic -+ -+mostlyclean: mostlyclean-am -+ -+mostlyclean-am: mostlyclean-compile mostlyclean-generic \ -+ mostlyclean-libtool -+ -+pdf: pdf-am -+ -+pdf-am: -+ -+ps: ps-am -+ -+ps-am: -+ -+uninstall-am: uninstall-binPROGRAMS -+ -+.MAKE: install-am install-strip -+ -+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean \ -+ clean-binPROGRAMS clean-generic clean-libtool cscopelist-am \ -+ ctags ctags-am distclean distclean-compile distclean-generic \ -+ distclean-libtool distclean-tags distdir dvi dvi-am html \ -+ html-am info info-am install install-am install-binPROGRAMS \ -+ install-data install-data-am install-dvi install-dvi-am \ -+ install-exec install-exec-am install-html install-html-am \ -+ install-info install-info-am install-man install-pdf \ -+ install-pdf-am install-ps install-ps-am install-strip \ -+ installcheck installcheck-am installdirs maintainer-clean \ -+ maintainer-clean-generic mostlyclean mostlyclean-compile \ -+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ -+ tags tags-am uninstall uninstall-am uninstall-binPROGRAMS -+ -+.PRECIOUS: Makefile -+ -+ -+# Tell versions [3.59,3.63) of GNU make to not export all variables. -+# Otherwise a system limit (for SysV at least) may be exceeded. -+.NOEXPORT: -diff --git a/server/README.md b/server/README.md -new file mode 100644 -index 0000000..ef6a20e ---- /dev/null -+++ b/server/README.md -@@ -0,0 +1,3 @@ -+# server -+ -+`ss-server` and `ss-check` from https://github.com/ywb94/shadowsocks-libev -diff --git a/server/acl.c b/server/acl.c -new file mode 100644 -index 0000000..60d4b72 ---- /dev/null -+++ b/server/acl.c -@@ -0,0 +1,597 @@ -+/* -+ * acl.c - Manage the ACL (Access Control List) -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#include -+#include -+ -+#include "rule.h" -+#include "utils.h" -+#include "cache.h" -+#include "acl.h" -+ -+static struct ip_set white_list_ipv4; -+static struct ip_set white_list_ipv6; -+ -+static struct ip_set black_list_ipv4; -+static struct ip_set black_list_ipv6; -+ -+static struct cork_dllist black_list_rules; -+static struct cork_dllist white_list_rules; -+ -+static int acl_mode = BLACK_LIST; -+ -+static struct cache *block_list; -+ -+static struct ip_set outbound_block_list_ipv4; -+static struct ip_set outbound_block_list_ipv6; -+static struct cork_dllist outbound_block_list_rules; -+ -+#ifdef __linux__ -+ -+#include -+#include -+ -+#define NO_FIREWALL_MODE 0 -+#define IPTABLES_MODE 1 -+#define FIREWALLD_MODE 2 -+ -+static FILE *shell_stdin; -+static int mode = NO_FIREWALL_MODE; -+ -+static char chain_name[64]; -+static char *iptables_init_chain = -+ "iptables -N %s; iptables -F %s; iptables -A OUTPUT -p tcp --tcp-flags RST RST -j %s"; -+static char *iptables_remove_chain = -+ "iptables -D OUTPUT -p tcp --tcp-flags RST RST -j %s; iptables -F %s; iptables -X %s"; -+static char *iptables_add_rule = "iptables -A %s -d %s -j DROP"; -+static char *iptables_remove_rule = "iptables -D %s -d %s -j DROP"; -+ -+static char *ip6tables_init_chain = -+ "ip6tables -N %s; ip6tables -F %s; ip6tables -A OUTPUT -p tcp --tcp-flags RST RST -j %s"; -+static char *ip6tables_remove_chain = -+ "ip6tables -D OUTPUT -p tcp --tcp-flags RST RST -j %s; ip6tables -F %s; ip6tables -X %s"; -+static char *ip6tables_add_rule = "ip6tables -A %s -d %s -j DROP"; -+static char *ip6tables_remove_rule = "ip6tables -D %s -d %s -j DROP"; -+ -+static char *firewalld_init_chain = -+ "firewall-cmd --direct --add-chain ipv4 filter %s; \ -+ firewall-cmd --direct --passthrough ipv4 -F %s; \ -+ firewall-cmd --direct --passthrough ipv4 -A OUTPUT -p tcp --tcp-flags RST RST -j %s"; -+static char *firewalld_remove_chain = -+ "firewall-cmd --direct --passthrough ipv4 -D OUTPUT -p tcp --tcp-flags RST RST -j %s; \ -+ firewall-cmd --direct --passthrough ipv4 -F %s; \ -+ firewall-cmd --direct --remove-chain ipv4 filter %s"; -+static char *firewalld_add_rule = "firewall-cmd --direct --passthrough ipv4 -A %s -d %s -j DROP"; -+static char *firewalld_remove_rule = "firewall-cmd --direct --passthrough ipv4 -D %s -d %s -j DROP"; -+ -+static char *firewalld6_init_chain = -+ "firewall-cmd --direct --add-chain ipv6 filter %s; \ -+ firewall-cmd --direct --passthrough ipv6 -F %s; \ -+ firewall-cmd --direct --passthrough ipv6 -A OUTPUT -p tcp --tcp-flags RST RST -j %s"; -+static char *firewalld6_remove_chain = -+ "firewall-cmd --direct --passthrough ipv6 -D OUTPUT -p tcp --tcp-flags RST RST -j %s; \ -+ firewall-cmd --direct --passthrough ipv6 -F %s; \ -+ firewall-cmd --direct --remove-chain ipv6 filter %s"; -+static char *firewalld6_add_rule = "firewall-cmd --direct --passthrough ipv6 -A %s -d %s -j DROP"; -+static char *firewalld6_remove_rule = "firewall-cmd --direct --passthrough ipv6 -D %s -d %s -j DROP"; -+ -+static int -+run_cmd(const char *cmd) -+{ -+ int ret = 0; -+ char cmdstring[256]; -+ -+ sprintf(cmdstring, "%s\n", cmd); -+ size_t len = strlen(cmdstring); -+ -+ if (shell_stdin != NULL) { -+ ret = fwrite(cmdstring, 1, len, shell_stdin); -+ fflush(shell_stdin); -+ } -+ -+ return ret == len; -+} -+ -+static int -+init_firewall() -+{ -+ int ret = 0; -+ char cli[256]; -+ FILE *fp; -+ -+ if (getuid() != 0) -+ return -1; -+ -+ sprintf(cli, "firewall-cmd --version 2>&1"); -+ fp = popen(cli, "r"); -+ -+ if (fp == NULL) -+ return -1; -+ -+ if (pclose(fp) == 0) { -+ mode = FIREWALLD_MODE; -+ } else { -+ /* Check whether we have permission to operate iptables. -+ * Note that checking `iptables --version` is insufficient: -+ * eg, running within a child user namespace. -+ */ -+ sprintf(cli, "iptables -L 2>&1"); -+ fp = popen(cli, "r"); -+ if (fp == NULL) -+ return -1; -+ if (pclose(fp) == 0) -+ mode = IPTABLES_MODE; -+ } -+ -+ sprintf(chain_name, "SHADOWSOCKS_LIBEV_%d", getpid()); -+ -+ if (mode == FIREWALLD_MODE) { -+ sprintf(cli, firewalld6_init_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ sprintf(cli, firewalld_init_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ } else if (mode == IPTABLES_MODE) { -+ sprintf(cli, ip6tables_init_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ sprintf(cli, iptables_init_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ } -+ -+ shell_stdin = popen("/bin/sh", "w"); -+ -+ return ret; -+} -+ -+static int -+reset_firewall() -+{ -+ int ret = 0; -+ char cli[256]; -+ -+ if (getuid() != 0) -+ return -1; -+ -+ if (mode == IPTABLES_MODE) { -+ sprintf(cli, ip6tables_remove_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ sprintf(cli, iptables_remove_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ } else if (mode == FIREWALLD_MODE) { -+ sprintf(cli, firewalld6_remove_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ sprintf(cli, firewalld_remove_chain, chain_name, chain_name, chain_name); -+ ret |= system(cli); -+ } -+ -+ if (shell_stdin != NULL) { -+ run_cmd("exit 0"); -+ pclose(shell_stdin); -+ } -+ -+ return ret; -+} -+ -+static int -+set_firewall_rule(char *addr, int add) -+{ -+ char cli[256]; -+ struct cork_ip ip; -+ -+ if (getuid() != 0) -+ return -1; -+ -+ if (cork_ip_init(&ip, addr)) -+ return -1; -+ -+ if (add) { -+ if (mode == IPTABLES_MODE) -+ sprintf(cli, ip.version == 4 ? iptables_add_rule : ip6tables_add_rule, -+ chain_name, addr); -+ else if (mode == FIREWALLD_MODE) -+ sprintf(cli, ip.version == 4 ? firewalld_add_rule : firewalld6_add_rule, -+ chain_name, addr); -+ return run_cmd(cli); -+ } else { -+ if (mode == IPTABLES_MODE) -+ sprintf(cli, ip.version == 4 ? iptables_remove_rule : ip6tables_remove_rule, -+ chain_name, addr); -+ else if (mode == FIREWALLD_MODE) -+ sprintf(cli, ip.version == 4 ? firewalld_remove_rule : firewalld6_remove_rule, -+ chain_name, addr); -+ return run_cmd(cli); -+ } -+ -+ return 0; -+} -+ -+static void -+free_firewall_rule(void *key, void *element) -+{ -+ if (key == NULL) -+ return; -+ char *addr = (char *)key; -+ set_firewall_rule(addr, 0); -+ ss_free(element); -+} -+ -+#endif -+ -+void -+init_block_list(int firewall) -+{ -+ // Initialize cache -+#ifdef __linux__ -+ if (firewall) -+ init_firewall(); -+ else -+ mode = NO_FIREWALL_MODE; -+ cache_create(&block_list, 256, free_firewall_rule); -+#else -+ cache_create(&block_list, 256, NULL); -+#endif -+} -+ -+void -+free_block_list() -+{ -+#ifdef __linux__ -+ if (mode != NO_FIREWALL_MODE) -+ reset_firewall(); -+#endif -+ cache_clear(block_list, 0); // Remove all items -+} -+ -+int -+remove_from_block_list(char *addr) -+{ -+ size_t addr_len = strlen(addr); -+ return cache_remove(block_list, addr, addr_len); -+} -+ -+void -+clear_block_list() -+{ -+ cache_clear(block_list, 3600); // Clear items older than 1 hour -+} -+ -+int -+check_block_list(char *addr) -+{ -+ size_t addr_len = strlen(addr); -+ -+ if (cache_key_exist(block_list, addr, addr_len)) { -+ int *count = NULL; -+ cache_lookup(block_list, addr, addr_len, &count); -+ -+ if (count != NULL && *count > MAX_TRIES) -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int -+update_block_list(char *addr, int err_level) -+{ -+ size_t addr_len = strlen(addr); -+ -+ if (cache_key_exist(block_list, addr, addr_len)) { -+ int *count = NULL; -+ cache_lookup(block_list, addr, addr_len, &count); -+ if (count != NULL) { -+ if (*count > MAX_TRIES) -+ return 1; -+ (*count) += err_level; -+ } -+ } else if (err_level > 0) { -+ int *count = (int *)ss_malloc(sizeof(int)); -+ *count = 1; -+ cache_insert(block_list, addr, addr_len, count); -+#ifdef __linux__ -+ if (mode != NO_FIREWALL_MODE) -+ set_firewall_rule(addr, 1); -+#endif -+ } -+ -+ return 0; -+} -+ -+static void -+parse_addr_cidr(const char *str, char *host, int *cidr) -+{ -+ int ret = -1, n = 0; -+ char *pch; -+ -+ pch = strchr(str, '/'); -+ while (pch != NULL) { -+ n++; -+ ret = pch - str; -+ pch = strchr(pch + 1, '/'); -+ } -+ if (ret == -1) { -+ strcpy(host, str); -+ *cidr = -1; -+ } else { -+ memcpy(host, str, ret); -+ host[ret] = '\0'; -+ *cidr = atoi(str + ret + 1); -+ } -+} -+ -+char * -+trimwhitespace(char *str) -+{ -+ char *end; -+ -+ // Trim leading space -+ while (isspace(*str)) -+ str++; -+ -+ if (*str == 0) // All spaces? -+ return str; -+ -+ // Trim trailing space -+ end = str + strlen(str) - 1; -+ while (end > str && isspace(*end)) -+ end--; -+ -+ // Write new null terminator -+ *(end + 1) = 0; -+ -+ return str; -+} -+ -+int -+init_acl(const char *path) -+{ -+ // initialize ipset -+ ipset_init_library(); -+ -+ ipset_init(&white_list_ipv4); -+ ipset_init(&white_list_ipv6); -+ ipset_init(&black_list_ipv4); -+ ipset_init(&black_list_ipv6); -+ ipset_init(&outbound_block_list_ipv4); -+ ipset_init(&outbound_block_list_ipv6); -+ -+ cork_dllist_init(&black_list_rules); -+ cork_dllist_init(&white_list_rules); -+ cork_dllist_init(&outbound_block_list_rules); -+ -+ struct ip_set *list_ipv4 = &black_list_ipv4; -+ struct ip_set *list_ipv6 = &black_list_ipv6; -+ struct cork_dllist *rules = &black_list_rules; -+ -+ FILE *f = fopen(path, "r"); -+ if (f == NULL) { -+ LOGE("Invalid acl path."); -+ return -1; -+ } -+ -+ char buf[257]; -+ while (!feof(f)) -+ if (fgets(buf, 256, f)) { -+ // Trim the newline -+ int len = strlen(buf); -+ if (len > 0 && buf[len - 1] == '\n') { -+ buf[len - 1] = '\0'; -+ } -+ -+ char *line = trimwhitespace(buf); -+ -+ // Skip comments -+ if (line[0] == '#') { -+ continue; -+ } -+ -+ if (strlen(line) == 0) { -+ continue; -+ } -+ -+ if (strcmp(line, "[outbound_block_list]") == 0) { -+ list_ipv4 = &outbound_block_list_ipv4; -+ list_ipv6 = &outbound_block_list_ipv6; -+ rules = &outbound_block_list_rules; -+ continue; -+ } else if (strcmp(line, "[black_list]") == 0 -+ || strcmp(line, "[bypass_list]") == 0) { -+ list_ipv4 = &black_list_ipv4; -+ list_ipv6 = &black_list_ipv6; -+ rules = &black_list_rules; -+ continue; -+ } else if (strcmp(line, "[white_list]") == 0 -+ || strcmp(line, "[proxy_list]") == 0) { -+ list_ipv4 = &white_list_ipv4; -+ list_ipv6 = &white_list_ipv6; -+ rules = &white_list_rules; -+ continue; -+ } else if (strcmp(line, "[reject_all]") == 0 -+ || strcmp(line, "[bypass_all]") == 0) { -+ acl_mode = WHITE_LIST; -+ continue; -+ } else if (strcmp(line, "[accept_all]") == 0 -+ || strcmp(line, "[proxy_all]") == 0) { -+ acl_mode = BLACK_LIST; -+ continue; -+ } -+ -+ char host[257]; -+ int cidr; -+ parse_addr_cidr(line, host, &cidr); -+ -+ struct cork_ip addr; -+ int err = cork_ip_init(&addr, host); -+ if (!err) { -+ if (addr.version == 4) { -+ if (cidr >= 0) { -+ ipset_ipv4_add_network(list_ipv4, &(addr.ip.v4), cidr); -+ } else { -+ ipset_ipv4_add(list_ipv4, &(addr.ip.v4)); -+ } -+ } else if (addr.version == 6) { -+ if (cidr >= 0) { -+ ipset_ipv6_add_network(list_ipv6, &(addr.ip.v6), cidr); -+ } else { -+ ipset_ipv6_add(list_ipv6, &(addr.ip.v6)); -+ } -+ } -+ } else { -+ rule_t *rule = new_rule(); -+ accept_rule_arg(rule, line); -+ init_rule(rule); -+ add_rule(rules, rule); -+ } -+ } -+ -+ fclose(f); -+ -+ return 0; -+} -+ -+void -+free_rules(struct cork_dllist *rules) -+{ -+ struct cork_dllist_item *iter; -+ while ((iter = cork_dllist_head(rules)) != NULL) { -+ rule_t *rule = cork_container_of(iter, rule_t, entries); -+ remove_rule(rule); -+ } -+} -+ -+void -+free_acl(void) -+{ -+ ipset_done(&black_list_ipv4); -+ ipset_done(&black_list_ipv6); -+ ipset_done(&white_list_ipv4); -+ ipset_done(&white_list_ipv6); -+ -+ free_rules(&black_list_rules); -+ free_rules(&white_list_rules); -+} -+ -+int -+get_acl_mode(void) -+{ -+ return acl_mode; -+} -+ -+/* -+ * Return 0, if not match. -+ * Return 1, if match black list. -+ * Return -1, if match white list. -+ */ -+int -+acl_match_host(const char *host) -+{ -+ struct cork_ip addr; -+ int ret = 0; -+ int err = cork_ip_init(&addr, host); -+ -+ if (err) { -+ int host_len = strlen(host); -+ if (lookup_rule(&black_list_rules, host, host_len) != NULL) -+ ret = 1; -+ else if (lookup_rule(&white_list_rules, host, host_len) != NULL) -+ ret = -1; -+ return ret; -+ } -+ -+ if (addr.version == 4) { -+ if (ipset_contains_ipv4(&black_list_ipv4, &(addr.ip.v4))) -+ ret = 1; -+ else if (ipset_contains_ipv4(&white_list_ipv4, &(addr.ip.v4))) -+ ret = -1; -+ } else if (addr.version == 6) { -+ if (ipset_contains_ipv6(&black_list_ipv6, &(addr.ip.v6))) -+ ret = 1; -+ else if (ipset_contains_ipv6(&white_list_ipv6, &(addr.ip.v6))) -+ ret = -1; -+ } -+ -+ return ret; -+} -+ -+int -+acl_add_ip(const char *ip) -+{ -+ struct cork_ip addr; -+ int err = cork_ip_init(&addr, ip); -+ if (err) { -+ return -1; -+ } -+ -+ if (addr.version == 4) { -+ ipset_ipv4_add(&black_list_ipv4, &(addr.ip.v4)); -+ } else if (addr.version == 6) { -+ ipset_ipv6_add(&black_list_ipv6, &(addr.ip.v6)); -+ } -+ -+ return 0; -+} -+ -+int -+acl_remove_ip(const char *ip) -+{ -+ struct cork_ip addr; -+ int err = cork_ip_init(&addr, ip); -+ if (err) { -+ return -1; -+ } -+ -+ if (addr.version == 4) { -+ ipset_ipv4_remove(&black_list_ipv4, &(addr.ip.v4)); -+ } else if (addr.version == 6) { -+ ipset_ipv6_remove(&black_list_ipv6, &(addr.ip.v6)); -+ } -+ -+ return 0; -+} -+ -+/* -+ * Return 0, if not match. -+ * Return 1, if match black list. -+ */ -+int -+outbound_block_match_host(const char *host) -+{ -+ struct cork_ip addr; -+ int ret = 0; -+ int err = cork_ip_init(&addr, host); -+ -+ if (err) { -+ int host_len = strlen(host); -+ if (lookup_rule(&outbound_block_list_rules, host, host_len) != NULL) -+ ret = 1; -+ return ret; -+ } -+ -+ if (addr.version == 4) { -+ if (ipset_contains_ipv4(&outbound_block_list_ipv4, &(addr.ip.v4))) -+ ret = 1; -+ } else if (addr.version == 6) { -+ if (ipset_contains_ipv6(&outbound_block_list_ipv6, &(addr.ip.v6))) -+ ret = 1; -+ } -+ -+ return ret; -+} -diff --git a/server/acl.h b/server/acl.h -new file mode 100644 -index 0000000..d6f18b8 ---- /dev/null -+++ b/server/acl.h -@@ -0,0 +1,53 @@ -+/* -+ * acl.h - Define the ACL interface -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _ACL_H -+#define _ACL_H -+ -+#define BLACK_LIST 0 -+#define WHITE_LIST 1 -+ -+#define MAX_TRIES 64 -+#define MALICIOUS 8 -+#define SUSPICIOUS 4 -+#define BAD 2 -+#define MALFORMED 1 -+ -+int init_acl(const char *path); -+void free_acl(void); -+void clear_block_list(void); -+ -+int acl_match_host(const char *ip); -+int acl_add_ip(const char *ip); -+int acl_remove_ip(const char *ip); -+ -+int get_acl_mode(void); -+ -+void init_block_list(int firewall); -+void free_block_list(); -+int check_block_list(char *addr); -+int update_block_list(char *addr, int err_level); -+int remove_from_block_list(char *addr); -+ -+int outbound_block_match_host(const char *host); -+ -+#endif // _ACL_H -diff --git a/server/auth.c b/server/auth.c -new file mode 100644 -index 0000000..a36257a ---- /dev/null -+++ b/server/auth.c -@@ -0,0 +1,993 @@ -+ -+#include "auth.h" -+ -+static int auth_simple_pack_unit_size = 2000; -+typedef int (*hmac_with_key_func)(char *auth, char *msg, int msg_len, uint8_t *auth_key, int key_len); -+typedef int (*hash_func)(char *auth, char *msg, int msg_len); -+ -+typedef struct auth_simple_global_data { -+ uint8_t local_client_id[8]; -+ uint32_t connection_id; -+}auth_simple_global_data; -+ -+typedef struct auth_simple_local_data { -+ int has_sent_header; -+ char * recv_buffer; -+ int recv_buffer_size; -+ uint32_t recv_id; -+ uint32_t pack_id; -+ char * salt; -+ uint8_t * user_key; -+ char uid[4]; -+ int user_key_len; -+ hmac_with_key_func hmac; -+ hash_func hash; -+ int hash_len; -+}auth_simple_local_data; -+ -+void auth_simple_local_data_init(auth_simple_local_data* local) { -+ local->has_sent_header = 0; -+ local->recv_buffer = (char*)malloc(16384); -+ local->recv_buffer_size = 0; -+ local->recv_id = 1; -+ local->pack_id = 1; -+ local->salt = ""; -+ local->user_key = 0; -+ local->user_key_len = 0; -+ local->hmac = 0; -+ local->hash = 0; -+ local->hash_len = 0; -+ local->salt = ""; -+} -+ -+void * auth_simple_init_data() { -+ auth_simple_global_data *global = (auth_simple_global_data*)malloc(sizeof(auth_simple_global_data)); -+ rand_bytes(global->local_client_id, 8); -+ rand_bytes((uint8_t*)&global->connection_id, 4); -+ global->connection_id &= 0xFFFFFF; -+ return global; -+} -+ -+obfs * auth_simple_new_obfs() { -+ obfs * self = new_obfs(); -+ self->l_data = malloc(sizeof(auth_simple_local_data)); -+ auth_simple_local_data_init((auth_simple_local_data*)self->l_data); -+ return self; -+} -+ -+obfs * auth_aes128_md5_new_obfs() { -+ obfs * self = new_obfs(); -+ self->l_data = malloc(sizeof(auth_simple_local_data)); -+ auth_simple_local_data_init((auth_simple_local_data*)self->l_data); -+ ((auth_simple_local_data*)self->l_data)->hmac = ss_md5_hmac_with_key; -+ ((auth_simple_local_data*)self->l_data)->hash = ss_md5_hash_func; -+ ((auth_simple_local_data*)self->l_data)->hash_len = 16; -+ ((auth_simple_local_data*)self->l_data)->salt = "auth_aes128_md5"; -+ return self; -+} -+ -+obfs * auth_aes128_sha1_new_obfs() { -+ obfs * self = new_obfs(); -+ self->l_data = malloc(sizeof(auth_simple_local_data)); -+ auth_simple_local_data_init((auth_simple_local_data*)self->l_data); -+ ((auth_simple_local_data*)self->l_data)->hmac = ss_sha1_hmac_with_key; -+ ((auth_simple_local_data*)self->l_data)->hash = ss_sha1_hash_func; -+ ((auth_simple_local_data*)self->l_data)->hash_len = 20; -+ ((auth_simple_local_data*)self->l_data)->salt = "auth_aes128_sha1"; -+ return self; -+} -+ -+void auth_simple_dispose(obfs *self) { -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ if (local->recv_buffer != NULL) { -+ free(local->recv_buffer); -+ local->recv_buffer = NULL; -+ } -+ if (local->user_key != NULL) { -+ free(local->user_key); -+ local->user_key = NULL; -+ } -+ free(local); -+ self->l_data = NULL; -+ dispose_obfs(self); -+} -+ -+int auth_simple_pack_data(char *data, int datalength, char *outdata) { -+ unsigned char rand_len = (xorshift128plus() & 0xF) + 1; -+ int out_size = rand_len + datalength + 6; -+ outdata[0] = out_size >> 8; -+ outdata[1] = out_size; -+ outdata[2] = rand_len; -+ memmove(outdata + rand_len + 2, data, datalength); -+ fillcrc32((unsigned char *)outdata, out_size); -+ return out_size; -+} -+ -+void memintcopy_lt(void *mem, uint32_t val) { -+ ((uint8_t *)mem)[0] = val; -+ ((uint8_t *)mem)[1] = val >> 8; -+ ((uint8_t *)mem)[2] = val >> 16; -+ ((uint8_t *)mem)[3] = val >> 24; -+} -+ -+int auth_simple_pack_auth_data(auth_simple_global_data *global, char *data, int datalength, char *outdata) { -+ unsigned char rand_len = (xorshift128plus() & 0xF) + 1; -+ int out_size = rand_len + datalength + 6 + 12; -+ outdata[0] = out_size >> 8; -+ outdata[1] = out_size; -+ outdata[2] = rand_len; -+ ++global->connection_id; -+ if (global->connection_id > 0xFF000000) { -+ rand_bytes(global->local_client_id, 8); -+ rand_bytes((uint8_t*)&global->connection_id, 4); -+ global->connection_id &= 0xFFFFFF; -+ } -+ time_t t = time(NULL); -+ memintcopy_lt(outdata + rand_len + 2, t); -+ memmove(outdata + rand_len + 2 + 4, global->local_client_id, 4); -+ memintcopy_lt(outdata + rand_len + 2 + 8, global->connection_id); -+ memmove(outdata + rand_len + 2 + 12, data, datalength); -+ fillcrc32((unsigned char *)outdata, out_size); -+ return out_size; -+} -+ -+int auth_simple_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 64); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ if (len > 0 && local->has_sent_header == 0) { -+ int head_size = get_head_size(plaindata, datalength, 30); -+ if (head_size > datalength) -+ head_size = datalength; -+ pack_len = auth_simple_pack_auth_data((auth_simple_global_data *)self->server.g_data, data, head_size, buffer); -+ buffer += pack_len; -+ data += head_size; -+ len -= head_size; -+ local->has_sent_header = 1; -+ } -+ while ( len > auth_simple_pack_unit_size ) { -+ pack_len = auth_simple_pack_data(data, auth_simple_pack_unit_size, buffer); -+ buffer += pack_len; -+ data += auth_simple_pack_unit_size; -+ len -= auth_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = auth_simple_pack_data(data, len, buffer); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int auth_simple_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ return -1; -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ while (local->recv_buffer_size > 2) { -+ int length = ((int)recv_buffer[0] << 8) | recv_buffer[1]; -+ if (length >= 8192 || length < 7) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ return -1; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ int crc = crc32((unsigned char*)recv_buffer, length); -+ if (crc != -1) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ return -1; -+ } -+ int data_size = length - recv_buffer[2] - 6; -+ memmove(buffer, recv_buffer + 2 + recv_buffer[2], data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+ -+int auth_sha1_pack_data(char *data, int datalength, char *outdata) { -+ unsigned char rand_len = (xorshift128plus() & 0xF) + 1; -+ int out_size = rand_len + datalength + 6; -+ outdata[0] = out_size >> 8; -+ outdata[1] = out_size; -+ outdata[2] = rand_len; -+ memmove(outdata + rand_len + 2, data, datalength); -+ filladler32((unsigned char *)outdata, out_size); -+ return out_size; -+} -+ -+int auth_sha1_pack_auth_data(auth_simple_global_data *global, server_info *server, char *data, int datalength, char *outdata) { -+ unsigned char rand_len = (xorshift128plus() & 0x7F) + 1; -+ int data_offset = rand_len + 4 + 2; -+ int out_size = data_offset + datalength + 12 + OBFS_HMAC_SHA1_LEN; -+ fillcrc32to((unsigned char *)server->key, server->key_len, (unsigned char *)outdata); -+ outdata[4] = out_size >> 8; -+ outdata[5] = out_size; -+ outdata[6] = rand_len; -+ ++global->connection_id; -+ if (global->connection_id > 0xFF000000) { -+ rand_bytes(global->local_client_id, 8); -+ rand_bytes((uint8_t*)&global->connection_id, 4); -+ global->connection_id &= 0xFFFFFF; -+ } -+ time_t t = time(NULL); -+ memintcopy_lt(outdata + data_offset, t); -+ memmove(outdata + data_offset + 4, global->local_client_id, 4); -+ memintcopy_lt(outdata + data_offset + 8, global->connection_id); -+ memmove(outdata + data_offset + 12, data, datalength); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ ss_sha1_hmac(hash, outdata, out_size - OBFS_HMAC_SHA1_LEN, server->iv); -+ memcpy(outdata + out_size - OBFS_HMAC_SHA1_LEN, hash, OBFS_HMAC_SHA1_LEN); -+ return out_size; -+} -+ -+int auth_sha1_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 256); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ if (len > 0 && local->has_sent_header == 0) { -+ int head_size = get_head_size(plaindata, datalength, 30); -+ if (head_size > datalength) -+ head_size = datalength; -+ pack_len = auth_sha1_pack_auth_data((auth_simple_global_data *)self->server.g_data, &self->server, data, head_size, buffer); -+ buffer += pack_len; -+ data += head_size; -+ len -= head_size; -+ local->has_sent_header = 1; -+ } -+ while ( len > auth_simple_pack_unit_size ) { -+ pack_len = auth_sha1_pack_data(data, auth_simple_pack_unit_size, buffer); -+ buffer += pack_len; -+ data += auth_simple_pack_unit_size; -+ len -= auth_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = auth_sha1_pack_data(data, len, buffer); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int auth_sha1_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ return -1; -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ while (local->recv_buffer_size > 2) { -+ int length = ((int)recv_buffer[0] << 8) | recv_buffer[1]; -+ if (length >= 8192 || length < 7) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ return -1; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ if (checkadler32((unsigned char*)recv_buffer, length) == 0) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ return -1; -+ } -+ int pos = recv_buffer[2] + 2; -+ int data_size = length - pos - 4; -+ memmove(buffer, recv_buffer + pos, data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int auth_sha1_v2_pack_data(char *data, int datalength, char *outdata) { -+ unsigned int rand_len = (datalength > 1300 ? 0 : datalength > 400 ? (xorshift128plus() & 0x7F) : (xorshift128plus() & 0x3FF)) + 1; -+ int out_size = rand_len + datalength + 6; -+ outdata[0] = out_size >> 8; -+ outdata[1] = out_size; -+ if (rand_len < 128) -+ { -+ outdata[2] = rand_len; -+ } -+ else -+ { -+ outdata[2] = 0xFF; -+ outdata[3] = rand_len >> 8; -+ outdata[4] = rand_len; -+ } -+ memmove(outdata + rand_len + 2, data, datalength); -+ filladler32((unsigned char *)outdata, out_size); -+ return out_size; -+} -+ -+int auth_sha1_v2_pack_auth_data(auth_simple_global_data *global, server_info *server, char *data, int datalength, char *outdata) { -+ unsigned int rand_len = (datalength > 1300 ? 0 : datalength > 400 ? (xorshift128plus() & 0x7F) : (xorshift128plus() & 0x3FF)) + 1; -+ int data_offset = rand_len + 4 + 2; -+ int out_size = data_offset + datalength + 12 + OBFS_HMAC_SHA1_LEN; -+ const char* salt = "auth_sha1_v2"; -+ int salt_len = strlen(salt); -+ unsigned char *crc_salt = (unsigned char*)malloc(salt_len + server->key_len); -+ memcpy(crc_salt, salt, salt_len); -+ memcpy(crc_salt + salt_len, server->key, server->key_len); -+ fillcrc32to(crc_salt, salt_len + server->key_len, (unsigned char *)outdata); -+ free(crc_salt); -+ outdata[4] = out_size >> 8; -+ outdata[5] = out_size; -+ if (rand_len < 128) -+ { -+ outdata[6] = rand_len; -+ } -+ else -+ { -+ outdata[6] = 0xFF; -+ outdata[7] = rand_len >> 8; -+ outdata[8] = rand_len; -+ } -+ ++global->connection_id; -+ if (global->connection_id > 0xFF000000) { -+ rand_bytes(global->local_client_id, 8); -+ rand_bytes((uint8_t*)&global->connection_id, 4); -+ global->connection_id &= 0xFFFFFF; -+ } -+ memmove(outdata + data_offset, global->local_client_id, 8); -+ memintcopy_lt(outdata + data_offset + 8, global->connection_id); -+ memmove(outdata + data_offset + 12, data, datalength); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ ss_sha1_hmac(hash, outdata, out_size - OBFS_HMAC_SHA1_LEN, server->iv); -+ memcpy(outdata + out_size - OBFS_HMAC_SHA1_LEN, hash, OBFS_HMAC_SHA1_LEN); -+ return out_size; -+} -+ -+int auth_sha1_v2_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 4096); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ if (len > 0 && local->has_sent_header == 0) { -+ int head_size = get_head_size(plaindata, datalength, 30); -+ if (head_size > datalength) -+ head_size = datalength; -+ pack_len = auth_sha1_v2_pack_auth_data((auth_simple_global_data *)self->server.g_data, &self->server, data, head_size, buffer); -+ buffer += pack_len; -+ data += head_size; -+ len -= head_size; -+ local->has_sent_header = 1; -+ } -+ while ( len > auth_simple_pack_unit_size ) { -+ pack_len = auth_sha1_v2_pack_data(data, auth_simple_pack_unit_size, buffer); -+ buffer += pack_len; -+ data += auth_simple_pack_unit_size; -+ len -= auth_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = auth_sha1_v2_pack_data(data, len, buffer); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int auth_sha1_v2_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ return -1; -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ char error = 0; -+ while (local->recv_buffer_size > 2) { -+ int length = ((int)recv_buffer[0] << 8) | recv_buffer[1]; -+ if (length >= 8192 || length < 7) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ if (checkadler32((unsigned char*)recv_buffer, length) == 0) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ int pos = recv_buffer[2]; -+ if (pos < 255) -+ { -+ pos += 2; -+ } -+ else -+ { -+ pos = ((recv_buffer[3] << 8) | recv_buffer[4]) + 2; -+ } -+ int data_size = length - pos - 4; -+ memmove(buffer, recv_buffer + pos, data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len; -+ if (error == 0) { -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ } else { -+ len = -1; -+ } -+ free(out_buffer); -+ return len; -+} -+ -+int auth_sha1_v4_pack_data(char *data, int datalength, char *outdata) { -+ unsigned int rand_len = (datalength > 1300 ? 0 : datalength > 400 ? (xorshift128plus() & 0x7F) : (xorshift128plus() & 0x3FF)) + 1; -+ int out_size = rand_len + datalength + 8; -+ outdata[0] = out_size >> 8; -+ outdata[1] = out_size; -+ uint32_t crc_val = crc32((unsigned char*)outdata, 2); -+ outdata[2] = crc_val; -+ outdata[3] = crc_val >> 8; -+ if (rand_len < 128) -+ { -+ outdata[4] = rand_len; -+ } -+ else -+ { -+ outdata[4] = 0xFF; -+ outdata[5] = rand_len >> 8; -+ outdata[6] = rand_len; -+ } -+ memmove(outdata + rand_len + 4, data, datalength); -+ filladler32((unsigned char *)outdata, out_size); -+ return out_size; -+} -+ -+int auth_sha1_v4_pack_auth_data(auth_simple_global_data *global, server_info *server, char *data, int datalength, char *outdata) { -+ unsigned int rand_len = (datalength > 1300 ? 0 : datalength > 400 ? (xorshift128plus() & 0x7F) : (xorshift128plus() & 0x3FF)) + 1; -+ int data_offset = rand_len + 4 + 2; -+ int out_size = data_offset + datalength + 12 + OBFS_HMAC_SHA1_LEN; -+ const char* salt = "auth_sha1_v4"; -+ int salt_len = strlen(salt); -+ unsigned char *crc_salt = (unsigned char*)malloc(salt_len + server->key_len + 2); -+ crc_salt[0] = outdata[0] = out_size >> 8; -+ crc_salt[1] = outdata[1] = out_size; -+ -+ memcpy(crc_salt + 2, salt, salt_len); -+ memcpy(crc_salt + salt_len + 2, server->key, server->key_len); -+ fillcrc32to(crc_salt, salt_len + server->key_len + 2, (unsigned char *)outdata + 2); -+ free(crc_salt); -+ if (rand_len < 128) -+ { -+ outdata[6] = rand_len; -+ } -+ else -+ { -+ outdata[6] = 0xFF; -+ outdata[7] = rand_len >> 8; -+ outdata[8] = rand_len; -+ } -+ ++global->connection_id; -+ if (global->connection_id > 0xFF000000) { -+ rand_bytes(global->local_client_id, 8); -+ rand_bytes((uint8_t*)&global->connection_id, 4); -+ global->connection_id &= 0xFFFFFF; -+ } -+ time_t t = time(NULL); -+ memintcopy_lt(outdata + data_offset, t); -+ memmove(outdata + data_offset + 4, global->local_client_id, 4); -+ memintcopy_lt(outdata + data_offset + 8, global->connection_id); -+ memmove(outdata + data_offset + 12, data, datalength); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ ss_sha1_hmac(hash, outdata, out_size - OBFS_HMAC_SHA1_LEN, server->iv); -+ memcpy(outdata + out_size - OBFS_HMAC_SHA1_LEN, hash, OBFS_HMAC_SHA1_LEN); -+ return out_size; -+} -+ -+int auth_sha1_v4_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 4096); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ if (len > 0 && local->has_sent_header == 0) { -+ int head_size = get_head_size(plaindata, datalength, 30); -+ if (head_size > datalength) -+ head_size = datalength; -+ pack_len = auth_sha1_v4_pack_auth_data((auth_simple_global_data *)self->server.g_data, &self->server, data, head_size, buffer); -+ buffer += pack_len; -+ data += head_size; -+ len -= head_size; -+ local->has_sent_header = 1; -+ } -+ while ( len > auth_simple_pack_unit_size ) { -+ pack_len = auth_sha1_v4_pack_data(data, auth_simple_pack_unit_size, buffer); -+ buffer += pack_len; -+ data += auth_simple_pack_unit_size; -+ len -= auth_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = auth_sha1_v4_pack_data(data, len, buffer); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int auth_sha1_v4_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ return -1; -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ char error = 0; -+ while (local->recv_buffer_size > 4) { -+ uint32_t crc_val = crc32((unsigned char*)recv_buffer, 2); -+ if ((((uint32_t)recv_buffer[3] << 8) | recv_buffer[2]) != (crc_val & 0xffff)) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ int length = ((int)recv_buffer[0] << 8) | recv_buffer[1]; -+ if (length >= 8192 || length < 7) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ if (checkadler32((unsigned char*)recv_buffer, length) == 0) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ int pos = recv_buffer[4]; -+ if (pos < 255) -+ { -+ pos += 4; -+ } -+ else -+ { -+ pos = (((int)recv_buffer[5] << 8) | recv_buffer[6]) + 4; -+ } -+ int data_size = length - pos - 4; -+ memmove(buffer, recv_buffer + pos, data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len; -+ if (error == 0) { -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ } else { -+ len = -1; -+ } -+ free(out_buffer); -+ return len; -+} -+ -+ -+int auth_aes128_sha1_pack_data(char *data, int datalength, char *outdata, auth_simple_local_data *local, server_info *server) { -+ unsigned int rand_len = (datalength > 1200 ? 0 : local->pack_id > 4 ? (xorshift128plus() & 0x20) : datalength > 900 ? (xorshift128plus() & 0x80) : (xorshift128plus() & 0x200)) + 1; -+ int out_size = rand_len + datalength + 8; -+ memcpy(outdata + rand_len + 4, data, datalength); -+ outdata[0] = out_size; -+ outdata[1] = out_size >> 8; -+ uint8_t key_len = local->user_key_len + 4; -+ uint8_t *key = (uint8_t*)malloc(key_len); -+ memcpy(key, local->user_key, local->user_key_len); -+ memintcopy_lt(key + key_len - 4, local->pack_id); -+ -+ { -+ uint8_t rnd_data[rand_len]; -+ rand_bytes(rnd_data, rand_len); -+ memcpy(outdata + 4, rnd_data, rand_len); -+ } -+ -+ { -+ char hash[20]; -+ local->hmac(hash, outdata, 2, key, key_len); -+ memcpy(outdata + 2, hash, 2); -+ } -+ -+ if (rand_len < 128) -+ { -+ outdata[4] = rand_len; -+ } -+ else -+ { -+ outdata[4] = 0xFF; -+ outdata[5] = rand_len; -+ outdata[6] = rand_len >> 8; -+ } -+ ++local->pack_id; -+ -+ { -+ char hash[20]; -+ local->hmac(hash, outdata, out_size - 4, key, key_len); -+ memcpy(outdata + out_size - 4, hash, 4); -+ } -+ free(key); -+ -+ return out_size; -+} -+ -+int auth_aes128_sha1_pack_auth_data(auth_simple_global_data *global, server_info *server, auth_simple_local_data *local, char *data, int datalength, char *outdata) { -+ unsigned int rand_len = (datalength > 400 ? (xorshift128plus() & 0x200) : (xorshift128plus() & 0x400)); -+ int data_offset = rand_len + 16 + 4 + 4 + 7; -+ int out_size = data_offset + datalength + 4; -+ -+ char encrypt[24]; -+ char encrypt_data[16]; -+ -+ uint8_t *key = (uint8_t*)malloc(server->iv_len + server->key_len); -+ uint8_t key_len = server->iv_len + server->key_len; -+ memcpy(key, server->iv, server->iv_len); -+ memcpy(key + server->iv_len, server->key, server->key_len); -+ -+ { -+ uint8_t rnd_data[rand_len]; -+ rand_bytes(rnd_data, rand_len); -+ memcpy(outdata + data_offset - rand_len, rnd_data, rand_len); -+ } -+ -+ ++global->connection_id; -+ if (global->connection_id > 0xFF000000) { -+ rand_bytes(global->local_client_id, 8); -+ rand_bytes((uint8_t*)&global->connection_id, 4); -+ global->connection_id &= 0xFFFFFF; -+ } -+ time_t t = time(NULL); -+ memintcopy_lt(encrypt, t); -+ memcpy(encrypt + 4, global->local_client_id, 4); -+ memintcopy_lt(encrypt + 8, global->connection_id); -+ encrypt[12] = out_size; -+ encrypt[13] = out_size >> 8; -+ encrypt[14] = rand_len; -+ encrypt[15] = rand_len >> 8; -+ -+ { -+ -+ if (local->user_key == NULL) { -+ if(server->param != NULL && server->param[0] != 0) { -+ char *param = server->param; -+ char *delim = strchr(param, ':'); -+ if(delim != NULL) { -+ char uid_str[16] = {}; -+ strncpy(uid_str, param, delim - param); -+ char key_str[128]; -+ strcpy(key_str, delim + 1); -+ long uid_long = strtol(uid_str, NULL, 10); -+ memintcopy_lt(local->uid, uid_long); -+ -+ char hash[21] = {0}; -+ local->hash(hash, key_str, strlen(key_str)); -+ -+ local->user_key_len = local->hash_len; -+ local->user_key = (uint8_t*)malloc(local->user_key_len); -+ memcpy(local->user_key, hash, local->hash_len); -+ } -+ } -+ if (local->user_key == NULL) { -+ rand_bytes((uint8_t *)local->uid, 4); -+ -+ local->user_key_len = server->key_len; -+ local->user_key = (uint8_t*)malloc(local->user_key_len); -+ memcpy(local->user_key, server->key, local->user_key_len); -+ } -+ } -+ -+ char encrypt_key_base64[256] = {0}; -+ unsigned char encrypt_key[local->user_key_len]; -+ memcpy(encrypt_key, local->user_key, local->user_key_len); -+ base64_encode(encrypt_key, local->user_key_len, encrypt_key_base64); -+ -+ int base64_len; -+ base64_len = (local->user_key_len + 2) / 3 * 4; -+ memcpy(encrypt_key_base64 + base64_len, local->salt, strlen(local->salt)); -+ -+ char enc_key[16]; -+ int enc_key_len = base64_len + strlen(local->salt); -+ bytes_to_key_with_size(encrypt_key_base64, enc_key_len, (uint8_t*)enc_key, 16); -+ ss_aes_128_cbc(encrypt, encrypt_data, enc_key); -+ memcpy(encrypt + 4, encrypt_data, 16); -+ memcpy(encrypt, local->uid, 4); -+ } -+ -+ { -+ char hash[20]; -+ local->hmac(hash, encrypt, 20, key, key_len); -+ memcpy(encrypt + 20, hash, 4); -+ } -+ -+ { -+ uint8_t rnd[1]; -+ rand_bytes(rnd, 1); -+ memcpy(outdata, rnd, 1); -+ char hash[20]; -+ local->hmac(hash, (char *)rnd, 1, key, key_len); -+ memcpy(outdata + 1, hash, 6); -+ } -+ -+ memcpy(outdata + 7, encrypt, 24); -+ memcpy(outdata + data_offset, data, datalength); -+ -+ { -+ char hash[20]; -+ local->hmac(hash, outdata, out_size - 4, local->user_key, local->user_key_len); -+ memmove(outdata + out_size - 4, hash, 4); -+ } -+ free(key); -+ -+ return out_size; -+} -+ -+int auth_aes128_sha1_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 4096); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ if (len > 0 && local->has_sent_header == 0) { -+ int head_size = 1200; -+ if (head_size > datalength) -+ head_size = datalength; -+ pack_len = auth_aes128_sha1_pack_auth_data((auth_simple_global_data *)self->server.g_data, &self->server, local, data, head_size, buffer); -+ buffer += pack_len; -+ data += head_size; -+ len -= head_size; -+ local->has_sent_header = 1; -+ } -+ while ( len > auth_simple_pack_unit_size ) { -+ pack_len = auth_aes128_sha1_pack_data(data, auth_simple_pack_unit_size, buffer, local, &self->server); -+ buffer += pack_len; -+ data += auth_simple_pack_unit_size; -+ len -= auth_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = auth_aes128_sha1_pack_data(data, len, buffer, local, &self->server); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int auth_aes128_sha1_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ //server_info *server = (server_info*)&self->server; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ return -1; -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ int key_len = local->user_key_len + 4; -+ uint8_t *key = (uint8_t*)malloc(key_len); -+ memcpy(key, local->user_key, local->user_key_len); -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ char error = 0; -+ while (local->recv_buffer_size > 4) { -+ memintcopy_lt(key + key_len - 4, local->recv_id); -+ -+ { -+ char hash[20]; -+ local->hmac(hash, (char*)recv_buffer, 2, key, key_len); -+ -+ if (memcmp(hash, recv_buffer + 2, 2)) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ } -+ -+ int length = ((int)recv_buffer[1] << 8) + recv_buffer[0]; -+ if (length >= 8192 || length < 8) { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ { -+ char hash[20]; -+ local->hmac(hash, (char *)recv_buffer, length - 4, key, key_len); -+ if (memcmp(hash, recv_buffer + length - 4, 4)) -+ { -+ local->recv_buffer_size = 0; -+ error = 1; -+ break; -+ } -+ } -+ -+ ++local->recv_id; -+ int pos = recv_buffer[4]; -+ if (pos < 255) -+ { -+ pos += 4; -+ } -+ else -+ { -+ pos = (((int)recv_buffer[6] << 8) | recv_buffer[5]) + 4; -+ } -+ int data_size = length - pos - 4; -+ memmove(buffer, recv_buffer + pos, data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len; -+ if (error == 0) { -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ } else { -+ len = -1; -+ } -+ free(out_buffer); -+ free(key); -+ return len; -+} -+ -+int auth_aes128_sha1_client_udp_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength + 8); -+ -+ if (local->user_key == NULL) { -+ if(self->server.param != NULL && self->server.param[0] != 0) { -+ char *param = self->server.param; -+ char *delim = strchr(param, ':'); -+ if(delim != NULL) { -+ char uid_str[16] = {}; -+ strncpy(uid_str, param, delim - param); -+ char key_str[128]; -+ strcpy(key_str, delim + 1); -+ long uid_long = strtol(uid_str, NULL, 10); -+ memintcopy_lt(local->uid, uid_long); -+ -+ char hash[21] = {0}; -+ local->hash(hash, key_str, strlen(key_str)); -+ -+ local->user_key_len = local->hash_len; -+ local->user_key = (uint8_t*)malloc(local->user_key_len); -+ memcpy(local->user_key, hash, local->hash_len); -+ } -+ } -+ if (local->user_key == NULL) { -+ rand_bytes((uint8_t *)local->uid, 4); -+ -+ local->user_key_len = self->server.key_len; -+ local->user_key = (uint8_t*)malloc(local->user_key_len); -+ memcpy(local->user_key, self->server.key, local->user_key_len); -+ } -+ } -+ -+ int outlength = datalength + 8; -+ memmove(out_buffer, plaindata, datalength); -+ memmove(out_buffer + datalength, local->uid, 4); -+ -+ { -+ char hash[20]; -+ local->hmac(hash, out_buffer, outlength - 4, local->user_key, local->user_key_len); -+ memmove(out_buffer + outlength - 4, hash, 4); -+ } -+ -+ if (*capacity < outlength) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = outlength * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, outlength); -+ -+ free(out_buffer); -+ return outlength; -+} -+ -+int auth_aes128_sha1_client_udp_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity) { -+ if (datalength <= 4) -+ return 0; -+ -+ char *plaindata = *pplaindata; -+ auth_simple_local_data *local = (auth_simple_local_data*)self->l_data; -+ -+ char hash[20]; -+ local->hmac(hash, plaindata, datalength - 4, self->server.key, self->server.key_len); -+ -+ if (memcmp(hash, plaindata + datalength - 4, 4)) -+ { -+ return 0; -+ } -+ -+ return datalength - 4; -+} -diff --git a/server/auth.h b/server/auth.h -new file mode 100644 -index 0000000..f7730df ---- /dev/null -+++ b/server/auth.h -@@ -0,0 +1,30 @@ -+/* -+ * auth.h - Define shadowsocksR server's buffers and callbacks -+ * -+ * Copyright (C) 2015 - 2016, Break Wa11 -+ */ -+ -+#ifndef _AUTH_H -+#define _AUTH_H -+ -+void * auth_simple_init_data(); -+obfs * auth_simple_new_obfs(); -+void auth_simple_dispose(obfs *self); -+ -+int auth_simple_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int auth_simple_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+ -+int auth_sha1_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int auth_sha1_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+int auth_sha1_v2_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int auth_sha1_v2_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+int auth_sha1_v4_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int auth_sha1_v4_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+int auth_aes128_sha1_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int auth_aes128_sha1_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+#endif // _AUTH_H -diff --git a/server/base64.c b/server/base64.c -new file mode 100644 -index 0000000..7cf9552 ---- /dev/null -+++ b/server/base64.c -@@ -0,0 +1,119 @@ -+#include "base64.h" -+ -+/* BASE 64 encode table */ -+static const char base64en[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; -+ -+#define BASE64_PAD '=' -+ -+#define BASE64DE_FIRST '+' -+#define BASE64DE_LAST 'z' -+ -+/* ASCII order for BASE 64 decode, -1 in unused character */ -+static const signed char base64de[] = { -+ -1, -1, -1, -1, -1, -1, -1, -1, -+ -1, -1, -1, -1, -1, -1, -1, -1, -+ -1, -1, -1, -1, -1, -1, -1, -1, -+ -1, -1, -1, -1, -1, -1, -1, -1, -+ -1, -1, -1, -1, -1, -1, -1, -1, -+ /* '+', ',', '-', '.', '/', */ -+ -1, -1, -1, 62, -1, -1, -1, 63, -+ /* '0', '1', '2', '3', '4', '5', '6', '7', */ -+ 52, 53, 54, 55, 56, 57, 58, 59, -+ /* '8', '9', ':', ';', '<', '=', '>', '?', */ -+ 60, 61, -1, -1, -1, -1, -1, -1, -+ /* '@', 'A', 'B', 'C', 'D', 'E', 'F', 'G', */ -+ -1, 0, 1, 2, 3, 4, 5, 6, -+ /* 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', */ -+ 7, 8, 9, 10, 11, 12, 13, 14, -+ /* 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', */ -+ 15, 16, 17, 18, 19, 20, 21, 22, -+ /* 'X', 'Y', 'Z', '[', '\', ']', '^', '_', */ -+ 23, 24, 25, -1, -1, -1, -1, -1, -+ /* '`', 'a', 'b', 'c', 'd', 'e', 'f', 'g', */ -+ -1, 26, 27, 28, 29, 30, 31, 32, -+ /* 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', */ -+ 33, 34, 35, 36, 37, 38, 39, 40, -+ /* 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', */ -+ 41, 42, 43, 44, 45, 46, 47, 48, -+ /* 'x', 'y', 'z', */ -+ 49, 50, 51, -+}; -+ -+int -+base64_encode(const unsigned char *in, unsigned int inlen, char *out) -+{ -+ unsigned int i, j; -+ -+ for (i = j = 0; i < inlen; i++) { -+ int s = i % 3; /* from 6/gcd(6, 8) */ -+ -+ switch (s) { -+ case 0: -+ out[j++] = base64en[(in[i] >> 2) & 0x3F]; -+ continue; -+ case 1: -+ out[j++] = base64en[((in[i-1] & 0x3) << 4) + ((in[i] >> 4) & 0xF)]; -+ continue; -+ case 2: -+ out[j++] = base64en[((in[i-1] & 0xF) << 2) + ((in[i] >> 6) & 0x3)]; -+ out[j++] = base64en[in[i] & 0x3F]; -+ } -+ } -+ -+ /* move back */ -+ i -= 1; -+ -+ /* check the last and add padding */ -+ if ((i % 3) == 0) { -+ out[j++] = base64en[(in[i] & 0x3) << 4]; -+ out[j++] = BASE64_PAD; -+ out[j++] = BASE64_PAD; -+ } else if ((i % 3) == 1) { -+ out[j++] = base64en[(in[i] & 0xF) << 2]; -+ out[j++] = BASE64_PAD; -+ } -+ -+ return BASE64_OK; -+} -+ -+int -+base64_decode(const char *in, unsigned int inlen, unsigned char *out) -+{ -+ unsigned int i, j; -+ -+ for (i = j = 0; i < inlen; i++) { -+ int c; -+ int s = i % 4; /* from 8/gcd(6, 8) */ -+ -+ if (in[i] == '=') -+ return BASE64_OK; -+ -+ if (in[i] < BASE64DE_FIRST || in[i] > BASE64DE_LAST || -+ (c = base64de[(int)in[i]]) == -1) -+ return BASE64_INVALID; -+ -+ switch (s) { -+ case 0: -+ out[j] = ((unsigned int)c << 2) & 0xFF; -+ continue; -+ case 1: -+ out[j++] += ((unsigned int)c >> 4) & 0x3; -+ -+ /* if not last char with padding */ -+ if (i < (inlen - 3) || in[inlen - 2] != '=') -+ out[j] = ((unsigned int)c & 0xF) << 4; -+ continue; -+ case 2: -+ out[j++] += ((unsigned int)c >> 2) & 0xF; -+ -+ /* if not last char with padding */ -+ if (i < (inlen - 2) || in[inlen - 1] != '=') -+ out[j] = ((unsigned int)c & 0x3) << 6; -+ continue; -+ case 3: -+ out[j++] += (unsigned char)c; -+ } -+ } -+ -+ return BASE64_OK; -+} -diff --git a/server/base64.h b/server/base64.h -new file mode 100644 -index 0000000..6432ba3 ---- /dev/null -+++ b/server/base64.h -@@ -0,0 +1,16 @@ -+#ifndef __BASE64_H__ -+#define __BASE64_H__ -+ -+enum {BASE64_OK = 0, BASE64_INVALID}; -+ -+#define BASE64_ENCODE_OUT_SIZE(s) (((s) + 2) / 3 * 4) -+#define BASE64_DECODE_OUT_SIZE(s) (((s)) / 4 * 3) -+ -+int -+base64_encode(const unsigned char *in, unsigned int inlen, char *out); -+ -+int -+base64_decode(const char *in, unsigned int inlen, unsigned char *out); -+ -+ -+#endif /* __BASE64_H__ */ -diff --git a/server/cache.c b/server/cache.c -new file mode 100644 -index 0000000..c1a2995 ---- /dev/null -+++ b/server/cache.c -@@ -0,0 +1,308 @@ -+/* -+ * cache.c - Manage the connection cache for UDPRELAY -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+/* -+ * Original Author: Oliver Lorenz (ol), olli@olorenz.org, https://olorenz.org -+ * License: This is licensed under the same terms as uthash itself -+ */ -+ -+#include -+#include -+ -+#include "cache.h" -+#include "utils.h" -+ -+#ifdef __MINGW32__ -+#include "win32.h" -+#endif -+ -+/** Creates a new cache object -+ * -+ * @param dst -+ * Where the newly allocated cache object will be stored in -+ * -+ * @param capacity -+ * The maximum number of elements this cache object can hold -+ * -+ * @return EINVAL if dst is NULL, ENOMEM if malloc fails, 0 otherwise -+ */ -+int -+cache_create(struct cache **dst, const size_t capacity, -+ void (*free_cb)(void *key, void *element)) -+{ -+ struct cache *new = NULL; -+ -+ if (!dst) { -+ return EINVAL; -+ } -+ -+ if ((new = malloc(sizeof(*new))) == NULL) { -+ return ENOMEM; -+ } -+ -+ new->max_entries = capacity; -+ new->entries = NULL; -+ new->free_cb = free_cb; -+ *dst = new; -+ return 0; -+} -+ -+/** Frees an allocated cache object -+ * -+ * @param cache -+ * The cache object to free -+ * -+ * @param keep_data -+ * Whether to free contained data or just delete references to it -+ * -+ * @return EINVAL if cache is NULL, 0 otherwise -+ */ -+int -+cache_delete(struct cache *cache, int keep_data) -+{ -+ struct cache_entry *entry, *tmp; -+ -+ if (!cache) { -+ return EINVAL; -+ } -+ -+ if (keep_data) { -+ HASH_CLEAR(hh, cache->entries); -+ } else { -+ HASH_ITER(hh, cache->entries, entry, tmp){ -+ HASH_DEL(cache->entries, entry); -+ if (entry->data != NULL) { -+ if (cache->free_cb) { -+ cache->free_cb(entry->key, entry->data); -+ } else { -+ ss_free(entry->data); -+ } -+ } -+ ss_free(entry->key); -+ ss_free(entry); -+ } -+ } -+ -+ ss_free(cache); -+ return 0; -+} -+ -+/** Clear old cache object -+ * -+ * @param cache -+ * The cache object to clear -+ * -+ * @param age -+ * Clear only objects older than the age (sec) -+ * -+ * @return EINVAL if cache is NULL, 0 otherwise -+ */ -+int -+cache_clear(struct cache *cache, ev_tstamp age) -+{ -+ struct cache_entry *entry, *tmp; -+ -+ if (!cache) { -+ return EINVAL; -+ } -+ -+ ev_tstamp now = ev_time(); -+ -+ HASH_ITER(hh, cache->entries, entry, tmp){ -+ if (now - entry->ts > age) { -+ HASH_DEL(cache->entries, entry); -+ if (entry->data != NULL) { -+ if (cache->free_cb) { -+ cache->free_cb(entry->key, entry->data); -+ } else { -+ ss_free(entry->data); -+ } -+ } -+ ss_free(entry->key); -+ ss_free(entry); -+ } -+ } -+ -+ return 0; -+} -+ -+/** Removes a cache entry -+ * -+ * @param cache -+ * The cache object -+ * -+ * @param key -+ * The key of the entry to remove -+ * -+ * @param key_len -+ * The length of key -+ * -+ * @return EINVAL if cache is NULL, 0 otherwise -+ */ -+int -+cache_remove(struct cache *cache, char *key, size_t key_len) -+{ -+ struct cache_entry *tmp; -+ -+ if (!cache || !key) { -+ return EINVAL; -+ } -+ -+ HASH_FIND(hh, cache->entries, key, key_len, tmp); -+ -+ if (tmp) { -+ HASH_DEL(cache->entries, tmp); -+ if (tmp->data != NULL) { -+ if (cache->free_cb) { -+ cache->free_cb(tmp->key, tmp->data); -+ } else { -+ ss_free(tmp->data); -+ } -+ } -+ ss_free(tmp->key); -+ ss_free(tmp); -+ } -+ -+ return 0; -+} -+ -+/** Checks if a given key is in the cache -+ * -+ * @param cache -+ * The cache object -+ * -+ * @param key -+ * The key to look-up -+ * -+ * @param key_len -+ * The length of key -+ * -+ * @param result -+ * Where to store the result if key is found. -+ * -+ * A warning: Even though result is just a pointer, -+ * you have to call this function with a **ptr, -+ * otherwise this will blow up in your face. -+ * -+ * @return EINVAL if cache is NULL, 0 otherwise -+ */ -+int -+cache_lookup(struct cache *cache, char *key, size_t key_len, void *result) -+{ -+ struct cache_entry *tmp = NULL; -+ char **dirty_hack = result; -+ -+ if (!cache || !key || !result) { -+ return EINVAL; -+ } -+ -+ HASH_FIND(hh, cache->entries, key, key_len, tmp); -+ if (tmp) { -+ HASH_DELETE(hh, cache->entries, tmp); -+ tmp->ts = ev_time(); -+ HASH_ADD_KEYPTR(hh, cache->entries, tmp->key, key_len, tmp); -+ *dirty_hack = tmp->data; -+ } else { -+ *dirty_hack = result = NULL; -+ } -+ -+ return 0; -+} -+ -+int -+cache_key_exist(struct cache *cache, char *key, size_t key_len) -+{ -+ struct cache_entry *tmp = NULL; -+ -+ if (!cache || !key) { -+ return 0; -+ } -+ -+ HASH_FIND(hh, cache->entries, key, key_len, tmp); -+ if (tmp) { -+ HASH_DELETE(hh, cache->entries, tmp); -+ tmp->ts = ev_time(); -+ HASH_ADD_KEYPTR(hh, cache->entries, tmp->key, key_len, tmp); -+ return 1; -+ } else { -+ return 0; -+ } -+ -+ return 0; -+} -+ -+/** Inserts a given pair into the cache -+ * -+ * @param cache -+ * The cache object -+ * -+ * @param key -+ * The key that identifies -+ * -+ * @param key_len -+ * The length of key -+ * -+ * @param data -+ * Data associated with -+ * -+ * @return EINVAL if cache is NULL, ENOMEM if malloc fails, 0 otherwise -+ */ -+int -+cache_insert(struct cache *cache, char *key, size_t key_len, void *data) -+{ -+ struct cache_entry *entry = NULL; -+ struct cache_entry *tmp_entry = NULL; -+ -+ if (!cache) { -+ return EINVAL; -+ } -+ -+ if ((entry = malloc(sizeof(*entry))) == NULL) { -+ return ENOMEM; -+ } -+ -+ entry->key = ss_malloc(key_len + 1); -+ memcpy(entry->key, key, key_len); -+ entry->key[key_len] = 0; -+ -+ entry->data = data; -+ entry->ts = ev_time(); -+ HASH_ADD_KEYPTR(hh, cache->entries, entry->key, key_len, entry); -+ -+ if (HASH_COUNT(cache->entries) >= cache->max_entries) { -+ HASH_ITER(hh, cache->entries, entry, tmp_entry){ -+ HASH_DELETE(hh, cache->entries, entry); -+ if (entry->data != NULL) { -+ if (cache->free_cb) { -+ cache->free_cb(entry->key, entry->data); -+ } else { -+ ss_free(entry->data); -+ } -+ } -+ ss_free(entry->key); -+ ss_free(entry); -+ break; -+ } -+ } -+ -+ return 0; -+} -diff --git a/server/cache.h b/server/cache.h -new file mode 100644 -index 0000000..0ec98f5 ---- /dev/null -+++ b/server/cache.h -@@ -0,0 +1,62 @@ -+/* -+ * cache.h - Define the cache manager interface -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+/* -+ * Original Author: Oliver Lorenz (ol), olli@olorenz.org, https://olorenz.org -+ * License: This is licensed under the same terms as uthash itself -+ */ -+ -+#ifndef _CACHE_ -+#define _CACHE_ -+ -+#include "uthash.h" -+#include "ev.h" -+ -+/** -+ * A cache entry -+ */ -+struct cache_entry { -+ char *key; /** -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+//#define __DEBUG__ -+#ifdef __DEBUG__ -+#define DEBUG(format,...) printf("File: "__FILE__", Line: %05d: "format"/n", __LINE__, ##__VA_ARGS__) -+#else -+#define DEBUG(format,...) -+#endif -+ -+static sigjmp_buf jmpbuf; -+static void alarm_func() -+{ -+ siglongjmp(jmpbuf, 1); -+} -+ -+static struct hostent *timeGethostbyname(const char *domain, int timeout) -+{ -+ struct hostent *ipHostent = NULL; -+ signal(SIGALRM, alarm_func); -+ if(sigsetjmp(jmpbuf, 1) != 0) -+ { -+ alarm(0);//timout -+ signal(SIGALRM, SIG_IGN); -+ return NULL; -+ } -+ alarm(timeout);//setting alarm -+ ipHostent = gethostbyname(domain); -+ signal(SIGALRM, SIG_IGN); -+ return ipHostent; -+} -+ -+ -+#define MY_HTTP_DEFAULT_PORT 80 -+#define BUFFER_SIZE 1024 -+#define HTTP_POST "POST /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n"\ -+ "Content-Type:application/x-www-form-urlencoded\r\nContent-Length: %d\r\n\r\n%s" -+#define HTTP_GET "GET /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n\r\n" -+ -+static int http_parse_url(const char *url,char *host,char *file,int *port) -+{ -+ char *ptr1,*ptr2; -+ int len = 0; -+ if(!url || !host || !file || !port){ -+ return 1; -+ } -+ -+ ptr1 = (char *)url; -+ -+ if(!strncmp(ptr1,"http://",strlen("http://"))){ -+ ptr1 += strlen("http://"); -+ }else{ -+ return 1; -+ } -+ -+ ptr2 = strchr(ptr1,'/'); -+ if(ptr2){ -+ len = strlen(ptr1) - strlen(ptr2); -+ memcpy(host,ptr1,len); -+ host[len] = '\0'; -+ if(*(ptr2 + 1)){ -+ memcpy(file,ptr2 + 1,strlen(ptr2) - 1 ); -+ file[strlen(ptr2) - 1] = '\0'; -+ } -+ }else{ -+ memcpy(host,ptr1,strlen(ptr1)); -+ host[strlen(ptr1)] = '\0'; -+ } -+ //get host and ip -+ ptr1 = strchr(host,':'); -+ if(ptr1){ -+ *ptr1++ = '\0'; -+ *port = atoi(ptr1); -+ }else{ -+ *port = MY_HTTP_DEFAULT_PORT; -+ } -+ -+ return 0; -+} -+ -+ -+static int http_tcpclient_recv(int socket,char *lpbuff){ -+ int recvnum = 0; -+ -+ recvnum = recv(socket, lpbuff,BUFFER_SIZE*4,0); -+ -+ return recvnum; -+} -+ -+static int http_tcpclient_send(int socket,char *buff,int size){ -+ int sent=0,tmpres=0; -+ -+ while(sent < size){ -+ tmpres = send(socket,buff+sent,size-sent,0); -+ if(tmpres == -1){ -+ return 1; -+ } -+ sent += tmpres; -+ } -+ return sent; -+} -+ -+ -+ -+ -+ -+int http_get(const char *url,int socket_fd) -+{ -+ char lpbuf[BUFFER_SIZE*4] = {'\0'}; -+ -+ char host_addr[BUFFER_SIZE] = {'\0'}; -+ char file[BUFFER_SIZE] = {'\0'}; -+ int port = 0; -+ -+ -+ if(!url){ -+ DEBUG(" failed!\n"); -+ return 1; -+ } -+ -+ if(http_parse_url(url,host_addr,file,&port)){ -+ DEBUG("http_parse_url failed!\n"); -+ return 1; -+ } -+ DEBUG("url: %s\thost_addr : %s\tfile:%s\t,%d\n",url,host_addr,file,port); -+ -+ -+ if(socket_fd < 0){ -+ DEBUG("http_tcpclient_create failed\n"); -+ return 1; -+ } -+ -+ sprintf(lpbuf,HTTP_GET,file,host_addr,port); -+ -+ if(http_tcpclient_send(socket_fd,lpbuf,strlen(lpbuf)) < 0){ -+ DEBUG("http_tcpclient_send failed..\n"); -+ return 1; -+ } -+ DEBUG("request:\n%s\n",lpbuf); -+ -+ if(http_tcpclient_recv(socket_fd,lpbuf) <= 0){ -+ DEBUG("http_tcpclient_recv failed\n"); -+ close(socket_fd); -+ return 1; -+ } -+ DEBUG("rec:\n%s\n",lpbuf); -+ close(socket_fd); -+ -+ //return http_parse_result(lpbuf); -+return 0; -+} -+ -+ -+ -+int main(int argc, char *argv[]) -+{ -+ int fd,http_flag=0,http_ret=1; -+ struct sockaddr_in addr; -+ struct hostent *host; -+ struct timeval timeo = {3, 0}; -+ socklen_t len = sizeof(timeo); -+ -+ char http_url[100]="http://"; -+ -+ -+ -+ fd = socket(AF_INET, SOCK_STREAM, 0); -+ if (argc >= 4) -+ timeo.tv_sec = atoi(argv[3]); -+ if (argc>=5) -+ http_flag=1; -+ -+ if((host=timeGethostbyname(argv[1],timeo.tv_sec)) == NULL) { -+ DEBUG("gethostbyname err\n"); -+ return 1; -+ } -+ if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &timeo, len) == -1) -+ { -+ -+ DEBUG("setsockopt send err\n"); -+ return 1; -+ } -+ -+ if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &timeo, len) == -1) -+ { -+ -+ DEBUG("setsockopt recv err\n"); -+ return 1; -+ } -+ -+ addr.sin_family = AF_INET; -+ addr.sin_addr = *((struct in_addr *)host->h_addr); -+ //addr.sin_addr.s_addr = inet_addr(argv[1]); -+ addr.sin_port = htons(atoi(argv[2])); -+if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) -+ { -+ if (errno == EINPROGRESS) -+ { -+ DEBUG("timeout err\n"); -+ return 1; -+ } -+ DEBUG("connect err\n"); -+ return 1; -+ } -+if(http_flag==0) -+{ -+ close(fd); -+ return 0; -+} -+strcat(http_url,argv[1]); -+http_ret=http_get(http_url,fd); -+if(http_ret==1) -+{ -+DEBUG("recv err"); -+ return 1; -+} -+else -+{ -+DEBUG("recv ok"); -+ -+ return 0; -+} -+ -+} -\ No newline at end of file -diff --git a/server/common.h b/server/common.h -new file mode 100644 -index 0000000..000f084 ---- /dev/null -+++ b/server/common.h -@@ -0,0 +1,58 @@ -+/* -+ * common.h - Provide global definitions -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _COMMON_H -+#define _COMMON_H -+ -+#define DEFAULT_CONF_PATH "/etc/shadowsocks-libev/config.json" -+ -+#ifndef SOL_TCP -+#define SOL_TCP IPPROTO_TCP -+#endif -+ -+#if defined(MODULE_TUNNEL) || defined(MODULE_REDIR) -+#define MODULE_LOCAL -+#endif -+ -+int init_udprelay(const char *server_host, const char *server_port, -+#ifdef MODULE_LOCAL -+ const struct sockaddr *remote_addr, const int remote_addr_len, -+#ifdef MODULE_TUNNEL -+ const ss_addr_t tunnel_addr, -+#endif -+#endif -+ int mtu, int method, int auth, int timeout, const char *iface, const char *protocol, const char *protocol_param); -+ -+void free_udprelay(void); -+ -+#ifdef ANDROID -+int protect_socket(int fd); -+int send_traffic_stat(uint64_t tx, uint64_t rx); -+#endif -+ -+#define STAGE_ERROR -1 /* Error detected */ -+#define STAGE_INIT 0 /* Initial stage */ -+#define STAGE_HANDSHAKE 1 /* Handshake with client */ -+#define STAGE_PARSE 2 /* Parse the header */ -+#define STAGE_RESOLVE 4 /* Resolve the hostname */ -+#define STAGE_STREAM 5 /* Stream between client and server */ -+ -+#endif // _COMMON_H -diff --git a/server/crc32.c b/server/crc32.c -new file mode 100644 -index 0000000..6d328d2 ---- /dev/null -+++ b/server/crc32.c -@@ -0,0 +1,97 @@ -+static uint32_t crc32_table[256] = {0}; -+ -+void init_crc32_table(void) { -+ uint32_t c, i, j; -+ if (crc32_table[0] == 0) { -+ for (i = 0; i < 256; i++) { -+ c = i; -+ for (j = 0; j < 8; j++) { -+ if (c & 1) -+ c = 0xedb88320L ^ (c >> 1); -+ else -+ c = c >> 1; -+ } -+ crc32_table[i] = c; -+ } -+ } -+} -+ -+uint32_t crc32(unsigned char *buffer, unsigned int size) { -+ uint32_t crc = 0xFFFFFFFF; -+ unsigned int i; -+ for (i = 0; i < size; i++) { -+ crc = crc32_table[(crc ^ buffer[i]) & 0xFF] ^ (crc >> 8); -+ } -+ return crc ^ 0xFFFFFFFF; -+} -+ -+void fillcrc32to(unsigned char *buffer, unsigned int size, unsigned char *outbuffer) { -+ uint32_t crc = 0xFFFFFFFF; -+ unsigned int i; -+ for (i = 0; i < size; i++) { -+ crc = crc32_table[(crc ^ buffer[i]) & 0xff] ^ (crc >> 8); -+ } -+ crc ^= 0xFFFFFFFF; -+ outbuffer[0] = crc; -+ outbuffer[1] = crc >> 8; -+ outbuffer[2] = crc >> 16; -+ outbuffer[3] = crc >> 24; -+} -+ -+void fillcrc32(unsigned char *buffer, unsigned int size) { -+ uint32_t crc = 0xFFFFFFFF; -+ unsigned int i; -+ size -= 4; -+ for (i = 0; i < size; i++) { -+ crc = crc32_table[(crc ^ buffer[i]) & 0xff] ^ (crc >> 8); -+ } -+ buffer += size; -+ buffer[0] = crc; -+ buffer[1] = crc >> 8; -+ buffer[2] = crc >> 16; -+ buffer[3] = crc >> 24; -+} -+ -+void adler32_short(unsigned char *buffer, unsigned int size, uint32_t *a, uint32_t *b) { -+ for (int i = 0; i < size; i++) { -+ *a += buffer[i]; -+ *b += *a; -+ } -+ *a %= 65521; -+ *b %= 65521; -+} -+ -+#define NMAX 5552 -+uint32_t adler32(unsigned char *buffer, unsigned int size) { -+ uint32_t a = 1; -+ uint32_t b = 0; -+ while ( size >= NMAX ) { -+ adler32_short(buffer, NMAX, &a, &b); -+ buffer += NMAX; -+ size -= NMAX; -+ } -+ adler32_short(buffer, size, &a, &b); -+ return (b << 16) + a; -+} -+#undef NMAX -+ -+void filladler32(unsigned char *buffer, unsigned int size) { -+ size -= 4; -+ uint32_t checksum = adler32(buffer, size); -+ buffer += size; -+ buffer[0] = checksum; -+ buffer[1] = checksum >> 8; -+ buffer[2] = checksum >> 16; -+ buffer[3] = checksum >> 24; -+} -+ -+int checkadler32(unsigned char *buffer, unsigned int size) { -+ size -= 4; -+ uint32_t checksum = adler32(buffer, size); -+ buffer += size; -+ return checksum == (((uint32_t)buffer[3] << 24) -+ | ((uint32_t)buffer[2] << 16) -+ | ((uint32_t)buffer[1] << 8) -+ | (uint32_t)buffer[0]); -+} -+ -diff --git a/server/encrypt.c b/server/encrypt.c -new file mode 100644 -index 0000000..37dd5cd ---- /dev/null -+++ b/server/encrypt.c -@@ -0,0 +1,1645 @@ -+/* -+ * encrypt.c - Manage the global encryptor -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#include -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ -+#include -+#include -+#include -+#include -+ -+#elif defined(USE_CRYPTO_POLARSSL) -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#define CIPHER_UNSUPPORTED "unsupported" -+ -+#include -+#ifdef _WIN32 -+#include -+#include -+#else -+#include -+#endif -+ -+#elif defined(USE_CRYPTO_MBEDTLS) -+ -+#include -+#include -+#include -+#include -+#include -+#define CIPHER_UNSUPPORTED "unsupported" -+ -+#include -+#ifdef _WIN32 -+#include -+#include -+#else -+#include -+#endif -+ -+#endif -+ -+#include -+ -+#ifndef __MINGW32__ -+#include -+#endif -+ -+#include "cache.h" -+#include "encrypt.h" -+#include "utils.h" -+ -+#define OFFSET_ROL(p, o) ((uint64_t)(*(p + o)) << (8 * o)) -+ -+static uint8_t *enc_table; -+static uint8_t *dec_table; -+static uint8_t enc_key[MAX_KEY_LENGTH]; -+static int enc_key_len; -+static int enc_iv_len; -+static int enc_method; -+ -+static struct cache *iv_cache; -+ -+#ifdef DEBUG -+static void -+dump(char *tag, char *text, int len) -+{ -+ int i; -+ printf("%s: ", tag); -+ for (i = 0; i < len; i++) -+ printf("0x%02x ", (uint8_t)text[i]); -+ printf("\n"); -+} -+ -+#endif -+ -+static const char *supported_ciphers[CIPHER_NUM] = { -+ "table", -+ "rc4", -+ "rc4-md5-6", -+ "rc4-md5", -+ "aes-128-cfb", -+ "aes-192-cfb", -+ "aes-256-cfb", -+ "aes-128-ctr", -+ "aes-192-ctr", -+ "aes-256-ctr", -+ "bf-cfb", -+ "camellia-128-cfb", -+ "camellia-192-cfb", -+ "camellia-256-cfb", -+ "cast5-cfb", -+ "des-cfb", -+ "idea-cfb", -+ "rc2-cfb", -+ "seed-cfb", -+ "salsa20", -+ "chacha20", -+ "chacha20-ietf" -+}; -+ -+#ifdef USE_CRYPTO_POLARSSL -+static const char *supported_ciphers_polarssl[CIPHER_NUM] = { -+ "table", -+ "ARC4-128", -+ "ARC4-128", -+ "ARC4-128", -+ "AES-128-CFB128", -+ "AES-192-CFB128", -+ "AES-256-CFB128", -+ "AES-128-CTR", -+ "AES-192-CTR", -+ "AES-256-CTR", -+ "BLOWFISH-CFB64", -+ "CAMELLIA-128-CFB128", -+ "CAMELLIA-192-CFB128", -+ "CAMELLIA-256-CFB128", -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ "salsa20", -+ "chacha20", -+ "chacha20-ietf" -+}; -+#endif -+ -+#ifdef USE_CRYPTO_MBEDTLS -+static const char *supported_ciphers_mbedtls[CIPHER_NUM] = { -+ "table", -+ "ARC4-128", -+ "ARC4-128", -+ "ARC4-128", -+ "AES-128-CFB128", -+ "AES-192-CFB128", -+ "AES-256-CFB128", -+ "AES-128-CTR", -+ "AES-192-CTR", -+ "AES-256-CTR", -+ "BLOWFISH-CFB64", -+ "CAMELLIA-128-CFB128", -+ "CAMELLIA-192-CFB128", -+ "CAMELLIA-256-CFB128", -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ CIPHER_UNSUPPORTED, -+ "salsa20", -+ "chacha20", -+ "chacha20-ietf" -+}; -+#endif -+ -+#ifdef USE_CRYPTO_APPLECC -+static const CCAlgorithm supported_ciphers_applecc[CIPHER_NUM] = { -+ kCCAlgorithmInvalid, -+ kCCAlgorithmRC4, -+ kCCAlgorithmRC4, -+ kCCAlgorithmRC4, -+ kCCAlgorithmAES, -+ kCCAlgorithmAES, -+ kCCAlgorithmAES, -+ kCCAlgorithmAES, -+ kCCAlgorithmAES, -+ kCCAlgorithmAES, -+ kCCAlgorithmBlowfish, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmCAST, -+ kCCAlgorithmDES, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmRC2, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid -+}; -+ -+static const CCMode supported_modes_applecc[CIPHER_NUM] = { -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCModeRC4, -+ kCCModeRC4, -+ kCCModeCFB, -+ kCCModeCFB, -+ kCCModeCFB, -+ kCCModeCTR, -+ kCCModeCTR, -+ kCCModeCTR, -+ kCCModeCFB, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCModeCFB, -+ kCCModeCFB, -+ kCCModeCFB, -+ kCCModeCFB, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid, -+ kCCAlgorithmInvalid -+}; -+#endif -+ -+static const int supported_ciphers_iv_size[CIPHER_NUM] = { -+ 0, 0, 6, 16, 16, 16, 16, 16, 16, 16, 8, 16, 16, 16, 8, 8, 8, 8, 16, 8, 8, 12 -+}; -+ -+static const int supported_ciphers_key_size[CIPHER_NUM] = { -+ 0, 16, 16, 16, 16, 24, 32, 16, 24, 32, 16, 16, 24, 32, 16, 8, 16, 16, 16, 32, 32, 32 -+}; -+ -+static int -+safe_memcmp(const void *s1, const void *s2, size_t n) -+{ -+ const unsigned char *_s1 = (const unsigned char *)s1; -+ const unsigned char *_s2 = (const unsigned char *)s2; -+ int ret = 0; -+ size_t i; -+ for (i = 0; i < n; i++) -+ ret |= _s1[i] ^ _s2[i]; -+ return !!ret; -+} -+ -+int -+balloc(buffer_t *ptr, size_t capacity) -+{ -+ sodium_memzero(ptr, sizeof(buffer_t)); -+ ptr->array = ss_malloc(capacity); -+ ptr->capacity = capacity; -+ return capacity; -+} -+ -+int -+brealloc(buffer_t *ptr, size_t len, size_t capacity) -+{ -+ if (ptr == NULL) -+ return -1; -+ size_t real_capacity = max(len, capacity); -+ if (ptr->capacity < real_capacity) { -+ ptr->array = ss_realloc(ptr->array, real_capacity); -+ ptr->capacity = real_capacity; -+ } -+ return real_capacity; -+} -+ -+void -+bfree(buffer_t *ptr) -+{ -+ if (ptr == NULL) -+ return; -+ ptr->idx = 0; -+ ptr->len = 0; -+ ptr->capacity = 0; -+ if (ptr->array != NULL) { -+ ss_free(ptr->array); -+ } -+} -+ -+static int -+crypto_stream_xor_ic(uint8_t *c, const uint8_t *m, uint64_t mlen, -+ const uint8_t *n, uint64_t ic, const uint8_t *k, -+ int method) -+{ -+ switch (method) { -+ case SALSA20: -+ return crypto_stream_salsa20_xor_ic(c, m, mlen, n, ic, k); -+ case CHACHA20: -+ return crypto_stream_chacha20_xor_ic(c, m, mlen, n, ic, k); -+ case CHACHA20IETF: -+ return crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, n, (uint32_t)ic, k); -+ } -+ // always return 0 -+ return 0; -+} -+ -+static int -+random_compare(const void *_x, const void *_y, uint32_t i, -+ uint64_t a) -+{ -+ uint8_t x = *((uint8_t *)_x); -+ uint8_t y = *((uint8_t *)_y); -+ return a % (x + i) - a % (y + i); -+} -+ -+static void -+merge(uint8_t *left, int llength, uint8_t *right, -+ int rlength, uint32_t salt, uint64_t key) -+{ -+ uint8_t *ltmp = (uint8_t *)malloc(llength * sizeof(uint8_t)); -+ uint8_t *rtmp = (uint8_t *)malloc(rlength * sizeof(uint8_t)); -+ -+ uint8_t *ll = ltmp; -+ uint8_t *rr = rtmp; -+ -+ uint8_t *result = left; -+ -+ memcpy(ltmp, left, llength * sizeof(uint8_t)); -+ memcpy(rtmp, right, rlength * sizeof(uint8_t)); -+ -+ while (llength > 0 && rlength > 0) { -+ if (random_compare(ll, rr, salt, key) <= 0) { -+ *result = *ll; -+ ++ll; -+ --llength; -+ } else { -+ *result = *rr; -+ ++rr; -+ --rlength; -+ } -+ ++result; -+ } -+ -+ if (llength > 0) { -+ while (llength > 0) { -+ *result = *ll; -+ ++result; -+ ++ll; -+ --llength; -+ } -+ } else { -+ while (rlength > 0) { -+ *result = *rr; -+ ++result; -+ ++rr; -+ --rlength; -+ } -+ } -+ -+ ss_free(ltmp); -+ ss_free(rtmp); -+} -+ -+static void -+merge_sort(uint8_t array[], int length, -+ uint32_t salt, uint64_t key) -+{ -+ uint8_t middle; -+ uint8_t *left, *right; -+ int llength; -+ -+ if (length <= 1) { -+ return; -+ } -+ -+ middle = length / 2; -+ -+ llength = length - middle; -+ -+ left = array; -+ right = array + llength; -+ -+ merge_sort(left, llength, salt, key); -+ merge_sort(right, middle, salt, key); -+ merge(left, llength, right, middle, salt, key); -+} -+ -+int -+enc_get_iv_len() -+{ -+ return enc_iv_len; -+} -+ -+uint8_t* enc_get_key() -+{ -+ return enc_key; -+} -+ -+int enc_get_key_len() -+{ -+ return enc_key_len; -+} -+ -+unsigned char *enc_md5(const unsigned char *d, size_t n, unsigned char *md) -+{ -+#if defined(USE_CRYPTO_OPENSSL) -+ return MD5(d, n, md); -+#elif defined(USE_CRYPTO_POLARSSL) -+ static unsigned char m[16]; -+ if (md == NULL) { -+ md = m; -+ } -+ md5(d, n, md); -+ return md; -+#elif defined(USE_CRYPTO_MBEDTLS) -+ static unsigned char m[16]; -+ if (md == NULL) { -+ md = m; -+ } -+ mbedtls_md5(d, n, md); -+ return md; -+#endif -+} -+ -+void -+enc_table_init(const char *pass) -+{ -+ uint32_t i; -+ uint64_t key = 0; -+ uint8_t *digest; -+ -+ enc_table = ss_malloc(256); -+ dec_table = ss_malloc(256); -+ -+ digest = enc_md5((const uint8_t *)pass, strlen(pass), NULL); -+ -+ for (i = 0; i < 8; i++) -+ key += OFFSET_ROL(digest, i); -+ -+ for (i = 0; i < 256; ++i) -+ enc_table[i] = i; -+ for (i = 1; i < 1024; ++i) -+ merge_sort(enc_table, 256, i, key); -+ for (i = 0; i < 256; ++i) -+ // gen decrypt table from encrypt table -+ dec_table[enc_table[i]] = i; -+} -+ -+int -+cipher_iv_size(const cipher_t *cipher) -+{ -+#if defined(USE_CRYPTO_OPENSSL) -+ if (cipher->info == NULL) -+ return cipher->iv_len; -+ else -+ return EVP_CIPHER_iv_length(cipher->info); -+#elif defined(USE_CRYPTO_POLARSSL) || defined(USE_CRYPTO_MBEDTLS) -+ if (cipher == NULL) { -+ return 0; -+ } -+ return cipher->info->iv_size; -+#endif -+} -+ -+int -+cipher_key_size(const cipher_t *cipher) -+{ -+#if defined(USE_CRYPTO_OPENSSL) -+ if (cipher->info == NULL) -+ return cipher->key_len; -+ else -+ return EVP_CIPHER_key_length(cipher->info); -+#elif defined(USE_CRYPTO_POLARSSL) -+ if (cipher == NULL) { -+ return 0; -+ } -+ /* Override PolarSSL 32 bit default key size with sane 128 bit default */ -+ if (cipher->info->base != NULL && POLARSSL_CIPHER_ID_BLOWFISH == -+ cipher->info->base->cipher) { -+ return 128 / 8; -+ } -+ return cipher->info->key_length / 8; -+#elif defined(USE_CRYPTO_MBEDTLS) -+ /* -+ * Semi-API changes (technically public, morally private) -+ * Renamed a few headers to include _internal in the name. Those headers are -+ * not supposed to be included by users. -+ * Changed md_info_t into an opaque structure (use md_get_xxx() accessors). -+ * Changed pk_info_t into an opaque structure. -+ * Changed cipher_base_t into an opaque structure. -+ */ -+ if (cipher == NULL) { -+ return 0; -+ } -+ /* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */ -+ return cipher->info->key_bitlen / 8; -+#endif -+} -+ -+void -+bytes_to_key_with_size(const char *pass, size_t len, uint8_t *md, size_t md_size) -+{ -+ uint8_t result[128]; -+ enc_md5((const unsigned char *)pass, len, result); -+ memcpy(md, result, 16); -+ int i = 16; -+ for (; i < md_size; i += 16) { -+ memcpy(result + 16, pass, len); -+ enc_md5(result, 16 + len, result); -+ memcpy(md + i, result, 16); -+ } -+} -+ -+int -+bytes_to_key(const cipher_t *cipher, const digest_type_t *md, -+ const uint8_t *pass, uint8_t *key) -+{ -+ size_t datal; -+ datal = strlen((const char *)pass); -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ -+ MD5_CTX c; -+ unsigned char md_buf[MAX_MD_SIZE]; -+ int nkey; -+ int addmd; -+ unsigned int i, j, mds; -+ -+ mds = 16; -+ nkey = cipher_key_size(cipher); -+ if (pass == NULL) -+ return nkey; -+ memset(&c, 0, sizeof(MD5_CTX)); -+ -+ for (j = 0, addmd = 0; j < nkey; addmd++) { -+ MD5_Init(&c); -+ if (addmd) { -+ MD5_Update(&c, md_buf, mds); -+ } -+ MD5_Update(&c, pass, datal); -+ MD5_Final(md_buf, &c); -+ -+ for (i = 0; i < mds; i++, j++) { -+ if (j >= nkey) -+ break; -+ key[j] = md_buf[i]; -+ } -+ } -+ -+ return nkey; -+ -+#elif defined(USE_CRYPTO_POLARSSL) -+ md_context_t c; -+ unsigned char md_buf[MAX_MD_SIZE]; -+ int nkey; -+ int addmd; -+ unsigned int i, j, mds; -+ -+ nkey = cipher_key_size(cipher); -+ mds = md_get_size(md); -+ memset(&c, 0, sizeof(md_context_t)); -+ -+ if (pass == NULL) -+ return nkey; -+ if (md_init_ctx(&c, md)) -+ return 0; -+ -+ for (j = 0, addmd = 0; j < nkey; addmd++) { -+ md_starts(&c); -+ if (addmd) { -+ md_update(&c, md_buf, mds); -+ } -+ md_update(&c, pass, datal); -+ md_finish(&c, md_buf); -+ -+ for (i = 0; i < mds; i++, j++) { -+ if (j >= nkey) -+ break; -+ key[j] = md_buf[i]; -+ } -+ } -+ -+ md_free_ctx(&c); -+ return nkey; -+ -+#elif defined(USE_CRYPTO_MBEDTLS) -+ -+ mbedtls_md_context_t c; -+ unsigned char md_buf[MAX_MD_SIZE]; -+ int nkey; -+ int addmd; -+ unsigned int i, j, mds; -+ -+ nkey = cipher_key_size(cipher); -+ mds = mbedtls_md_get_size(md); -+ memset(&c, 0, sizeof(mbedtls_md_context_t)); -+ -+ if (pass == NULL) -+ return nkey; -+ if (mbedtls_md_setup(&c, md, 1)) -+ return 0; -+ -+ for (j = 0, addmd = 0; j < nkey; addmd++) { -+ mbedtls_md_starts(&c); -+ if (addmd) { -+ mbedtls_md_update(&c, md_buf, mds); -+ } -+ mbedtls_md_update(&c, pass, datal); -+ mbedtls_md_finish(&c, &(md_buf[0])); -+ -+ for (i = 0; i < mds; i++, j++) { -+ if (j >= nkey) -+ break; -+ key[j] = md_buf[i]; -+ } -+ } -+ -+ mbedtls_md_free(&c); -+ return nkey; -+#endif -+} -+ -+int -+rand_bytes(uint8_t *output, int len) -+{ -+ randombytes_buf(output, len); -+ // always return success -+ return 0; -+} -+ -+const cipher_kt_t * -+get_cipher_type(int method) -+{ -+ if (method <= TABLE || method >= CIPHER_NUM) { -+ LOGE("get_cipher_type(): Illegal method"); -+ return NULL; -+ } -+ -+ if (method == RC4_MD5 || method == RC4_MD5_6) { -+ method = RC4; -+ } -+ -+ if (method >= SALSA20) { -+ return NULL; -+ } -+ -+ const char *ciphername = supported_ciphers[method]; -+#if defined(USE_CRYPTO_OPENSSL) -+ return EVP_get_cipherbyname(ciphername); -+#elif defined(USE_CRYPTO_POLARSSL) -+ const char *polarname = supported_ciphers_polarssl[method]; -+ if (strcmp(polarname, CIPHER_UNSUPPORTED) == 0) { -+ LOGE("Cipher %s currently is not supported by PolarSSL library", -+ ciphername); -+ return NULL; -+ } -+ return cipher_info_from_string(polarname); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ const char *mbedtlsname = supported_ciphers_mbedtls[method]; -+ if (strcmp(mbedtlsname, CIPHER_UNSUPPORTED) == 0) { -+ LOGE("Cipher %s currently is not supported by mbed TLS library", -+ ciphername); -+ return NULL; -+ } -+ return mbedtls_cipher_info_from_string(mbedtlsname); -+#endif -+} -+ -+const digest_type_t * -+get_digest_type(const char *digest) -+{ -+ if (digest == NULL) { -+ LOGE("get_digest_type(): Digest name is null"); -+ return NULL; -+ } -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ return EVP_get_digestbyname(digest); -+#elif defined(USE_CRYPTO_POLARSSL) -+ return md_info_from_string(digest); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ return mbedtls_md_info_from_string(digest); -+#endif -+} -+ -+void -+cipher_context_init(cipher_ctx_t *ctx, int method, int enc) -+{ -+ if (method <= TABLE || method >= CIPHER_NUM) { -+ LOGE("cipher_context_init(): Illegal method"); -+ return; -+ } -+ -+ if (method >= SALSA20) { -+ enc_iv_len = supported_ciphers_iv_size[method]; -+ return; -+ } -+ -+ const char *ciphername = supported_ciphers[method]; -+#if defined(USE_CRYPTO_APPLECC) -+ cipher_cc_t *cc = &ctx->cc; -+ cc->cryptor = NULL; -+ cc->cipher = supported_ciphers_applecc[method]; -+ if (cc->cipher == kCCAlgorithmInvalid) { -+ cc->valid = kCCContextInvalid; -+ } else { -+ cc->valid = kCCContextValid; -+ if (cc->cipher == kCCAlgorithmRC4) { -+ cc->mode = supported_modes_applecc[method]; -+ cc->padding = ccNoPadding; -+ } else { -+ cc->mode = supported_modes_applecc[method]; -+ if (cc->mode == kCCModeCTR) { -+ cc->padding = ccNoPadding; -+ } else { -+ cc->padding = ccPKCS7Padding; -+ } -+ } -+ return; -+ } -+#endif -+ -+ const cipher_kt_t *cipher = get_cipher_type(method); -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ ctx->evp = EVP_CIPHER_CTX_new(); -+ cipher_evp_t *evp = ctx->evp; -+ -+ if (cipher == NULL) { -+ LOGE("Cipher %s not found in OpenSSL library", ciphername); -+ FATAL("Cannot initialize cipher"); -+ } -+ if (!EVP_CipherInit_ex(evp, cipher, NULL, NULL, NULL, enc)) { -+ LOGE("Cannot initialize cipher %s", ciphername); -+ exit(EXIT_FAILURE); -+ } -+ if (!EVP_CIPHER_CTX_set_key_length(evp, enc_key_len)) { -+ EVP_CIPHER_CTX_cleanup(evp); -+ LOGE("Invalid key length: %d", enc_key_len); -+ exit(EXIT_FAILURE); -+ } -+ if (method > RC4_MD5) { -+ EVP_CIPHER_CTX_set_padding(evp, 1); -+ } -+#elif defined(USE_CRYPTO_POLARSSL) -+ ctx->evp = (cipher_evp_t *)ss_malloc(sizeof(cipher_evp_t)); -+ cipher_evp_t *evp = ctx->evp; -+ -+ if (cipher == NULL) { -+ LOGE("Cipher %s not found in PolarSSL library", ciphername); -+ FATAL("Cannot initialize PolarSSL cipher"); -+ } -+ if (cipher_init_ctx(evp, cipher) != 0) { -+ FATAL("Cannot initialize PolarSSL cipher context"); -+ } -+#elif defined(USE_CRYPTO_MBEDTLS) -+ ctx->evp = (cipher_evp_t *)ss_malloc(sizeof(cipher_evp_t)); -+ cipher_evp_t *evp = ctx->evp; -+ -+ if (cipher == NULL) { -+ LOGE("Cipher %s not found in mbed TLS library", ciphername); -+ FATAL("Cannot initialize mbed TLS cipher"); -+ } -+ mbedtls_cipher_init(evp); -+ if (mbedtls_cipher_setup(evp, cipher) != 0) { -+ FATAL("Cannot initialize mbed TLS cipher context"); -+ } -+#endif -+} -+ -+void -+cipher_context_set_iv(cipher_ctx_t *ctx, uint8_t *iv, size_t iv_len, -+ int enc) -+{ -+ const unsigned char *true_key; -+ -+ if (iv == NULL) { -+ LOGE("cipher_context_set_iv(): IV is null"); -+ return; -+ } -+ -+ if (!enc) { -+ memcpy(ctx->iv, iv, iv_len); -+ } -+ -+ if (enc_method >= SALSA20) { -+ return; -+ } -+ -+ if (enc_method == RC4_MD5 || enc_method == RC4_MD5_6) { -+ unsigned char key_iv[32]; -+ memcpy(key_iv, enc_key, 16); -+ memcpy(key_iv + 16, iv, iv_len); -+ true_key = enc_md5(key_iv, 16 + iv_len, NULL); -+ iv_len = 0; -+ } else { -+ true_key = enc_key; -+ } -+ -+#ifdef USE_CRYPTO_APPLECC -+ cipher_cc_t *cc = &ctx->cc; -+ if (cc->valid == kCCContextValid) { -+ memcpy(cc->iv, iv, iv_len); -+ memcpy(cc->key, true_key, enc_key_len); -+ cc->iv_len = iv_len; -+ cc->key_len = enc_key_len; -+ cc->encrypt = enc ? kCCEncrypt : kCCDecrypt; -+ if (cc->cryptor != NULL) { -+ CCCryptorRelease(cc->cryptor); -+ cc->cryptor = NULL; -+ } -+ -+ CCCryptorStatus ret; -+ ret = CCCryptorCreateWithMode( -+ cc->encrypt, -+ cc->mode, -+ cc->cipher, -+ cc->padding, -+ cc->iv, cc->key, cc->key_len, -+ NULL, 0, 0, kCCModeOptionCTR_BE, -+ &cc->cryptor); -+ if (ret != kCCSuccess) { -+ if (cc->cryptor != NULL) { -+ CCCryptorRelease(cc->cryptor); -+ cc->cryptor = NULL; -+ } -+ FATAL("Cannot set CommonCrypto key and IV"); -+ } -+ return; -+ } -+#endif -+ -+ cipher_evp_t *evp = ctx->evp; -+ if (evp == NULL) { -+ LOGE("cipher_context_set_iv(): Cipher context is null"); -+ return; -+ } -+#if defined(USE_CRYPTO_OPENSSL) -+ if (!EVP_CipherInit_ex(evp, NULL, NULL, true_key, iv, enc)) { -+ EVP_CIPHER_CTX_cleanup(evp); -+ FATAL("Cannot set key and IV"); -+ } -+#elif defined(USE_CRYPTO_POLARSSL) -+ // XXX: PolarSSL 1.3.11: cipher_free_ctx deprecated, Use cipher_free() instead. -+ if (cipher_setkey(evp, true_key, enc_key_len * 8, enc) != 0) { -+ cipher_free_ctx(evp); -+ FATAL("Cannot set PolarSSL cipher key"); -+ } -+#if POLARSSL_VERSION_NUMBER >= 0x01030000 -+ if (cipher_set_iv(evp, iv, iv_len) != 0) { -+ cipher_free_ctx(evp); -+ FATAL("Cannot set PolarSSL cipher IV"); -+ } -+ if (cipher_reset(evp) != 0) { -+ cipher_free_ctx(evp); -+ FATAL("Cannot finalize PolarSSL cipher context"); -+ } -+#else -+ if (cipher_reset(evp, iv) != 0) { -+ cipher_free_ctx(evp); -+ FATAL("Cannot set PolarSSL cipher IV"); -+ } -+#endif -+#elif defined(USE_CRYPTO_MBEDTLS) -+ if (mbedtls_cipher_setkey(evp, true_key, enc_key_len * 8, enc) != 0) { -+ mbedtls_cipher_free(evp); -+ FATAL("Cannot set mbed TLS cipher key"); -+ } -+ -+ if (mbedtls_cipher_set_iv(evp, iv, iv_len) != 0) { -+ mbedtls_cipher_free(evp); -+ FATAL("Cannot set mbed TLS cipher IV"); -+ } -+ if (mbedtls_cipher_reset(evp) != 0) { -+ mbedtls_cipher_free(evp); -+ FATAL("Cannot finalize mbed TLS cipher context"); -+ } -+#endif -+ -+#ifdef DEBUG -+ dump("IV", (char *)iv, iv_len); -+#endif -+} -+ -+void -+cipher_context_release(cipher_ctx_t *ctx) -+{ -+ if (enc_method >= SALSA20) { -+ return; -+ } -+ -+#ifdef USE_CRYPTO_APPLECC -+ cipher_cc_t *cc = &ctx->cc; -+ if (cc->cryptor != NULL) { -+ CCCryptorRelease(cc->cryptor); -+ cc->cryptor = NULL; -+ } -+ if (cc->valid == kCCContextValid) { -+ return; -+ } -+#endif -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ EVP_CIPHER_CTX_free(ctx->evp); -+#elif defined(USE_CRYPTO_POLARSSL) -+// NOTE: cipher_free_ctx deprecated in PolarSSL 1.3.11 -+ cipher_free_ctx(ctx->evp); -+ ss_free(ctx->evp); -+#elif defined(USE_CRYPTO_MBEDTLS) -+// NOTE: cipher_free_ctx deprecated -+ mbedtls_cipher_free(ctx->evp); -+ ss_free(ctx->evp); -+#endif -+} -+ -+static int -+cipher_context_update(cipher_ctx_t *ctx, uint8_t *output, size_t *olen, -+ const uint8_t *input, size_t ilen) -+{ -+#ifdef USE_CRYPTO_APPLECC -+ cipher_cc_t *cc = &ctx->cc; -+ if (cc->valid == kCCContextValid) { -+ CCCryptorStatus ret; -+ ret = CCCryptorUpdate(cc->cryptor, input, ilen, output, -+ ilen, olen); -+ return (ret == kCCSuccess) ? 1 : 0; -+ } -+#endif -+ cipher_evp_t *evp = ctx->evp; -+#if defined(USE_CRYPTO_OPENSSL) -+ int err = 0, tlen = *olen; -+ err = EVP_CipherUpdate(evp, (uint8_t *)output, &tlen, -+ (const uint8_t *)input, ilen); -+ *olen = tlen; -+ return err; -+#elif defined(USE_CRYPTO_POLARSSL) -+ return !cipher_update(evp, (const uint8_t *)input, ilen, -+ (uint8_t *)output, olen); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ return !mbedtls_cipher_update(evp, (const uint8_t *)input, ilen, -+ (uint8_t *)output, olen); -+#endif -+} -+int ss_md5_hmac(char *auth, char *msg, int msg_len, uint8_t *iv) -+{ -+ uint8_t hash[MD5_BYTES]; -+ uint8_t auth_key[MAX_IV_LENGTH + MAX_KEY_LENGTH]; -+ memcpy(auth_key, iv, enc_iv_len); -+ memcpy(auth_key + enc_iv_len, enc_key, enc_key_len); -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_md5(), auth_key, enc_iv_len + enc_key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_MD5), auth_key, enc_iv_len + enc_key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#else -+ md5_hmac(auth_key, enc_iv_len + enc_key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#endif -+ -+ memcpy(auth, hash, MD5_BYTES); -+ -+ return 0; -+} -+ -+int ss_md5_hmac_with_key(char *auth, char *msg, int msg_len, uint8_t *auth_key, int key_len) -+{ -+ uint8_t hash[MD5_BYTES]; -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_md5(), auth_key, key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_MD5), auth_key, key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#else -+ md5_hmac(auth_key, key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#endif -+ -+ memcpy(auth, hash, MD5_BYTES); -+ -+ return 0; -+} -+ -+int ss_md5_hash_func(char *auth, char *msg, int msg_len) -+{ -+ uint8_t hash[MD5_BYTES]; -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ MD5((uint8_t *)msg, msg_len, (uint8_t *)hash); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_MD5), (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#else -+ md5((uint8_t *)msg, msg_len, (uint8_t *)hash); -+#endif -+ -+ memcpy(auth, hash, MD5_BYTES); -+ -+ return 0; -+} -+ -+int ss_sha1_hmac(char *auth, char *msg, int msg_len, uint8_t *iv) -+{ -+ uint8_t hash[SHA1_BYTES]; -+ uint8_t auth_key[MAX_IV_LENGTH + MAX_KEY_LENGTH]; -+ memcpy(auth_key, iv, enc_iv_len); -+ memcpy(auth_key + enc_iv_len, enc_key, enc_key_len); -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_sha1(), auth_key, enc_iv_len + enc_key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), auth_key, enc_iv_len + enc_key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#else -+ sha1_hmac(auth_key, enc_iv_len + enc_key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#endif -+ -+ memcpy(auth, hash, SHA1_BYTES); -+ -+ return 0; -+} -+ -+int ss_sha1_hmac_with_key(char *auth, char *msg, int msg_len, uint8_t *auth_key, int key_len) -+{ -+ uint8_t hash[SHA1_BYTES]; -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_sha1(), auth_key, key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), auth_key, key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#else -+ sha1_hmac(auth_key, key_len, (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#endif -+ -+ memcpy(auth, hash, SHA1_BYTES); -+ -+ return 0; -+} -+ -+int ss_sha1_hash_func(char *auth, char *msg, int msg_len) -+{ -+ uint8_t hash[SHA1_BYTES]; -+#if defined(USE_CRYPTO_OPENSSL) -+ SHA1((uint8_t *)msg, msg_len, (uint8_t *)hash); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), (uint8_t *)msg, msg_len, (uint8_t *)hash); -+#else -+ sha1((uint8_t *)msg, msg_len, (uint8_t *)hash); -+#endif -+ -+ memcpy(auth, hash, SHA1_BYTES); -+ -+ return 0; -+} -+ -+int ss_aes_128_cbc(char *encrypt, char *out_data, char *key) -+{ -+ unsigned char iv[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ AES_KEY aes; -+ AES_set_encrypt_key((unsigned char*)key, 128, &aes); -+ AES_cbc_encrypt((const unsigned char *)encrypt, (unsigned char *)out_data, 16, &aes, iv, AES_ENCRYPT); -+ -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_aes_context aes; -+ -+ unsigned char output[16]; -+ -+ mbedtls_aes_setkey_enc( &aes, (unsigned char *)key, 128 ); -+ mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, 16, iv, (unsigned char *)encrypt, output ); -+ -+ memcpy(out_data, output, 16); -+#else -+ -+ aes_context aes; -+ -+ unsigned char output[16]; -+ -+ aes_setkey_enc( &aes, (unsigned char *)key, 128 ); -+ aes_crypt_cbc( &aes, AES_ENCRYPT, 16, iv, (unsigned char *)encrypt, output ); -+ -+ memcpy(out_data, output, 16); -+#endif -+ -+ return 0; -+} -+ -+int ss_onetimeauth(buffer_t *buf, uint8_t *iv, size_t capacity) -+{ -+ uint8_t hash[ONETIMEAUTH_BYTES * 2]; -+ uint8_t auth_key[MAX_IV_LENGTH + MAX_KEY_LENGTH]; -+ memcpy(auth_key, iv, enc_iv_len); -+ memcpy(auth_key + enc_iv_len, enc_key, enc_key_len); -+ -+ brealloc(buf, ONETIMEAUTH_BYTES + buf->len, capacity); -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_sha1(), auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, buf->len, (uint8_t *)hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type( -+ MBEDTLS_MD_SHA1), auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, buf->len, -+ (uint8_t *)hash); -+#else -+ sha1_hmac(auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, buf->len, (uint8_t *)hash); -+#endif -+ -+ memcpy(buf->array + buf->len, hash, ONETIMEAUTH_BYTES); -+ buf->len += ONETIMEAUTH_BYTES; -+ -+ return 0; -+} -+ -+int -+ss_onetimeauth_verify(buffer_t *buf, uint8_t *iv) -+{ -+ uint8_t hash[ONETIMEAUTH_BYTES * 2]; -+ uint8_t auth_key[MAX_IV_LENGTH + MAX_KEY_LENGTH]; -+ memcpy(auth_key, iv, enc_iv_len); -+ memcpy(auth_key + enc_iv_len, enc_key, enc_key_len); -+ size_t len = buf->len - ONETIMEAUTH_BYTES; -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_sha1(), auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, len, hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type( -+ MBEDTLS_MD_SHA1), auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, len, hash); -+#else -+ sha1_hmac(auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, len, hash); -+#endif -+ -+ return safe_memcmp(buf->array + len, hash, ONETIMEAUTH_BYTES); -+} -+ -+int -+ss_encrypt_all(buffer_t *plain, int method, int auth, size_t capacity) -+{ -+ if (method > TABLE) { -+ cipher_ctx_t evp; -+ cipher_context_init(&evp, method, 1); -+ -+ size_t iv_len = enc_iv_len; -+ int err = 1; -+ -+ static buffer_t tmp = { 0, 0, 0, NULL }; -+ brealloc(&tmp, iv_len + plain->len, capacity); -+ buffer_t *cipher = &tmp; -+ cipher->len = plain->len; -+ -+ uint8_t iv[MAX_IV_LENGTH]; -+ -+ rand_bytes(iv, iv_len); -+ cipher_context_set_iv(&evp, iv, iv_len, 1); -+ memcpy(cipher->array, iv, iv_len); -+ -+ if (auth) { -+ ss_onetimeauth(plain, iv, capacity); -+ cipher->len = plain->len; -+ } -+ -+ if (method >= SALSA20) { -+ crypto_stream_xor_ic((uint8_t *)(cipher->array + iv_len), -+ (const uint8_t *)plain->array, (uint64_t)(plain->len), -+ (const uint8_t *)iv, -+ 0, enc_key, method); -+ } else { -+ err = cipher_context_update(&evp, (uint8_t *)(cipher->array + iv_len), -+ &cipher->len, (const uint8_t *)plain->array, -+ plain->len); -+ } -+ -+ if (!err) { -+ bfree(plain); -+ cipher_context_release(&evp); -+ return -1; -+ } -+ -+#ifdef DEBUG -+ dump("PLAIN", plain->array, plain->len); -+ dump("CIPHER", cipher->array + iv_len, cipher->len); -+#endif -+ -+ cipher_context_release(&evp); -+ -+ brealloc(plain, iv_len + cipher->len, capacity); -+ memcpy(plain->array, cipher->array, iv_len + cipher->len); -+ plain->len = iv_len + cipher->len; -+ -+ return 0; -+ } else { -+ char *begin = plain->array; -+ char *ptr = plain->array; -+ while (ptr < begin + plain->len) { -+ *ptr = (char)enc_table[(uint8_t)*ptr]; -+ ptr++; -+ } -+ return 0; -+ } -+} -+ -+int -+ss_encrypt(buffer_t *plain, enc_ctx_t *ctx, size_t capacity) -+{ -+ if (ctx != NULL) { -+ static buffer_t tmp = { 0, 0, 0, NULL }; -+ -+ int err = 1; -+ size_t iv_len = 0; -+ if (!ctx->init) { -+ iv_len = enc_iv_len; -+ } -+ -+ brealloc(&tmp, iv_len + plain->len, capacity); -+ buffer_t *cipher = &tmp; -+ cipher->len = plain->len; -+ -+ if (!ctx->init) { -+ cipher_context_set_iv(&ctx->evp, ctx->evp.iv, iv_len, 1); -+ memcpy(cipher->array, ctx->evp.iv, iv_len); -+ ctx->counter = 0; -+ ctx->init = 1; -+ } -+ -+ if (enc_method >= SALSA20) { -+ int padding = ctx->counter % SODIUM_BLOCK_SIZE; -+ brealloc(cipher, iv_len + (padding + cipher->len) * 2, capacity); -+ if (padding) { -+ brealloc(plain, plain->len + padding, capacity); -+ memmove(plain->array + padding, plain->array, plain->len); -+ sodium_memzero(plain->array, padding); -+ } -+ crypto_stream_xor_ic((uint8_t *)(cipher->array + iv_len), -+ (const uint8_t *)plain->array, -+ (uint64_t)(plain->len + padding), -+ (const uint8_t *)ctx->evp.iv, -+ ctx->counter / SODIUM_BLOCK_SIZE, enc_key, -+ enc_method); -+ ctx->counter += plain->len; -+ if (padding) { -+ memmove(cipher->array + iv_len, -+ cipher->array + iv_len + padding, cipher->len); -+ } -+ } else { -+ err = -+ cipher_context_update(&ctx->evp, -+ (uint8_t *)(cipher->array + iv_len), -+ &cipher->len, (const uint8_t *)plain->array, -+ plain->len); -+ if (!err) { -+ return -1; -+ } -+ } -+ -+#ifdef DEBUG -+ dump("PLAIN", plain->array, plain->len); -+ dump("CIPHER", cipher->array + iv_len, cipher->len); -+#endif -+ -+ brealloc(plain, iv_len + cipher->len, capacity); -+ memcpy(plain->array, cipher->array, iv_len + cipher->len); -+ plain->len = iv_len + cipher->len; -+ -+ return 0; -+ } else { -+ char *begin = plain->array; -+ char *ptr = plain->array; -+ while (ptr < begin + plain->len) { -+ *ptr = (char)enc_table[(uint8_t)*ptr]; -+ ptr++; -+ } -+ return 0; -+ } -+} -+ -+int -+ss_decrypt_all(buffer_t *cipher, int method, int auth, size_t capacity) -+{ -+ if (method > TABLE) { -+ size_t iv_len = enc_iv_len; -+ int ret = 1; -+ -+ if (cipher->len <= iv_len) { -+ return -1; -+ } -+ -+ cipher_ctx_t evp; -+ cipher_context_init(&evp, method, 0); -+ -+ static buffer_t tmp = { 0, 0, 0, NULL }; -+ brealloc(&tmp, cipher->len, capacity); -+ buffer_t *plain = &tmp; -+ plain->len = cipher->len - iv_len; -+ -+ uint8_t iv[MAX_IV_LENGTH]; -+ memcpy(iv, cipher->array, iv_len); -+ cipher_context_set_iv(&evp, iv, iv_len, 0); -+ -+ if (method >= SALSA20) { -+ crypto_stream_xor_ic((uint8_t *)plain->array, -+ (const uint8_t *)(cipher->array + iv_len), -+ (uint64_t)(cipher->len - iv_len), -+ (const uint8_t *)iv, 0, enc_key, method); -+ } else { -+ ret = cipher_context_update(&evp, (uint8_t *)plain->array, &plain->len, -+ (const uint8_t *)(cipher->array + iv_len), -+ cipher->len - iv_len); -+ } -+ -+ if (auth || (plain->array[0] & ONETIMEAUTH_FLAG)) { -+ if (plain->len > ONETIMEAUTH_BYTES) { -+ ret = !ss_onetimeauth_verify(plain, iv); -+ if (ret) { -+ plain->len -= ONETIMEAUTH_BYTES; -+ } -+ } else { -+ ret = 0; -+ } -+ } -+ -+ if (!ret) { -+ bfree(cipher); -+ cipher_context_release(&evp); -+ return -1; -+ } -+ -+#ifdef DEBUG -+ dump("PLAIN", plain->array, plain->len); -+ dump("CIPHER", cipher->array + iv_len, cipher->len - iv_len); -+#endif -+ -+ cipher_context_release(&evp); -+ -+ brealloc(cipher, plain->len, capacity); -+ memcpy(cipher->array, plain->array, plain->len); -+ cipher->len = plain->len; -+ -+ return 0; -+ } else { -+ char *begin = cipher->array; -+ char *ptr = cipher->array; -+ while (ptr < begin + cipher->len) { -+ *ptr = (char)dec_table[(uint8_t)*ptr]; -+ ptr++; -+ } -+ return 0; -+ } -+} -+ -+int -+ss_decrypt(buffer_t *cipher, enc_ctx_t *ctx, size_t capacity) -+{ -+ if (ctx != NULL) { -+ static buffer_t tmp = { 0, 0, 0, NULL }; -+ -+ size_t iv_len = 0; -+ int err = 1; -+ -+ brealloc(&tmp, cipher->len, capacity); -+ buffer_t *plain = &tmp; -+ plain->len = cipher->len; -+ -+ if (!ctx->init) { -+ uint8_t iv[MAX_IV_LENGTH]; -+ iv_len = enc_iv_len; -+ plain->len -= iv_len; -+ -+ memcpy(iv, cipher->array, iv_len); -+ cipher_context_set_iv(&ctx->evp, iv, iv_len, 0); -+ ctx->counter = 0; -+ ctx->init = 1; -+ -+ if (enc_method > RC4) { -+ if (cache_key_exist(iv_cache, (char *)iv, iv_len)) { -+ bfree(cipher); -+ return -1; -+ } else { -+ cache_insert(iv_cache, (char *)iv, iv_len, NULL); -+ } -+ } -+ } -+ -+ if (enc_method >= SALSA20) { -+ int padding = ctx->counter % SODIUM_BLOCK_SIZE; -+ brealloc(plain, (plain->len + padding) * 2, capacity); -+ -+ if (padding) { -+ brealloc(cipher, cipher->len + padding, capacity); -+ memmove(cipher->array + iv_len + padding, cipher->array + iv_len, -+ cipher->len - iv_len); -+ sodium_memzero(cipher->array + iv_len, padding); -+ } -+ crypto_stream_xor_ic((uint8_t *)plain->array, -+ (const uint8_t *)(cipher->array + iv_len), -+ (uint64_t)(cipher->len - iv_len + padding), -+ (const uint8_t *)ctx->evp.iv, -+ ctx->counter / SODIUM_BLOCK_SIZE, enc_key, -+ enc_method); -+ ctx->counter += cipher->len - iv_len; -+ if (padding) { -+ memmove(plain->array, plain->array + padding, plain->len); -+ } -+ } else { -+ err = cipher_context_update(&ctx->evp, (uint8_t *)plain->array, &plain->len, -+ (const uint8_t *)(cipher->array + iv_len), -+ cipher->len - iv_len); -+ } -+ -+ if (!err) { -+ bfree(cipher); -+ return -1; -+ } -+ -+#ifdef DEBUG -+ dump("PLAIN", plain->array, plain->len); -+ dump("CIPHER", cipher->array + iv_len, cipher->len - iv_len); -+#endif -+ -+ brealloc(cipher, plain->len, capacity); -+ memcpy(cipher->array, plain->array, plain->len); -+ cipher->len = plain->len; -+ -+ return 0; -+ } else { -+ char *begin = cipher->array; -+ char *ptr = cipher->array; -+ while (ptr < begin + cipher->len) { -+ *ptr = (char)dec_table[(uint8_t)*ptr]; -+ ptr++; -+ } -+ return 0; -+ } -+} -+ -+void -+enc_ctx_init(int method, enc_ctx_t *ctx, int enc) -+{ -+ sodium_memzero(ctx, sizeof(enc_ctx_t)); -+ cipher_context_init(&ctx->evp, method, enc); -+ -+ if (enc) { -+ rand_bytes(ctx->evp.iv, enc_iv_len); -+ } -+} -+ -+void -+enc_key_init(int method, const char *pass) -+{ -+ if (method <= TABLE || method >= CIPHER_NUM) { -+ LOGE("enc_key_init(): Illegal method"); -+ return; -+ } -+ -+ // Initialize cache -+ cache_create(&iv_cache, 256, NULL); -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ OpenSSL_add_all_algorithms(); -+#else -+ cipher_kt_t cipher_info; -+#endif -+ -+ cipher_t cipher; -+ memset(&cipher, 0, sizeof(cipher_t)); -+ -+ // Initialize sodium for random generator -+ if (sodium_init() == -1) { -+ FATAL("Failed to initialize sodium"); -+ } -+ -+ if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) { -+#if defined(USE_CRYPTO_OPENSSL) -+ cipher.info = NULL; -+ cipher.key_len = supported_ciphers_key_size[method]; -+ cipher.iv_len = supported_ciphers_iv_size[method]; -+#endif -+#if defined(USE_CRYPTO_POLARSSL) -+ cipher.info = &cipher_info; -+ cipher.info->base = NULL; -+ cipher.info->key_length = supported_ciphers_key_size[method] * 8; -+ cipher.info->iv_size = supported_ciphers_iv_size[method]; -+#endif -+#if defined(USE_CRYPTO_MBEDTLS) -+ // XXX: key_length changed to key_bitlen in mbed TLS 2.0.0 -+ cipher.info = &cipher_info; -+ cipher.info->base = NULL; -+ cipher.info->key_bitlen = supported_ciphers_key_size[method] * 8; -+ cipher.info->iv_size = supported_ciphers_iv_size[method]; -+#endif -+ } else { -+ cipher.info = (cipher_kt_t *)get_cipher_type(method); -+ } -+ -+ if (cipher.info == NULL && cipher.key_len == 0) { -+ do { -+#if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC) -+ if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) { -+ cipher_info.base = NULL; -+ cipher_info.key_length = supported_ciphers_key_size[method] * 8; -+ cipher_info.iv_size = supported_ciphers_iv_size[method]; -+ cipher.info = (cipher_kt_t *)&cipher_info; -+ break; -+ } -+#endif -+#if defined(USE_CRYPTO_MBEDTLS) && defined(USE_CRYPTO_APPLECC) -+ // XXX: key_length changed to key_bitlen in mbed TLS 2.0.0 -+ if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) { -+ cipher_info.base = NULL; -+ cipher_info.key_bitlen = supported_ciphers_key_size[method] * 8; -+ cipher_info.iv_size = supported_ciphers_iv_size[method]; -+ cipher.info = (cipher_kt_t *)&cipher_info; -+ break; -+ } -+#endif -+ LOGE("Cipher %s not found in crypto library", supported_ciphers[method]); -+ FATAL("Cannot initialize cipher"); -+ } while (0); -+ } -+ -+ const digest_type_t *md = get_digest_type("MD5"); -+ if (md == NULL) { -+ FATAL("MD5 Digest not found in crypto library"); -+ } -+ -+ enc_key_len = bytes_to_key(&cipher, md, (const uint8_t *)pass, enc_key); -+ -+ if (enc_key_len == 0) { -+ FATAL("Cannot generate key and IV"); -+ } -+ if (method == RC4_MD5 || method == RC4_MD5_6) { -+ enc_iv_len = supported_ciphers_iv_size[method]; -+ } else { -+ enc_iv_len = cipher_iv_size(&cipher); -+ } -+ enc_method = method; -+} -+ -+int -+enc_init(const char *pass, const char *method) -+{ -+ int m = TABLE; -+ if (method != NULL) { -+ for (m = TABLE; m < CIPHER_NUM; m++) -+ if (strcmp(method, supported_ciphers[m]) == 0) { -+ break; -+ } -+ if (m >= CIPHER_NUM) { -+ LOGE("Invalid cipher name: %s, use rc4-md5 instead", method); -+ m = RC4_MD5; -+ } -+ } -+ if (m == TABLE) { -+ enc_table_init(pass); -+ } else { -+ enc_key_init(m, pass); -+ } -+ return m; -+} -+ -+int -+ss_check_hash(buffer_t *buf, chunk_t *chunk, enc_ctx_t *ctx, size_t capacity) -+{ -+ int i, j, k; -+ ssize_t blen = buf->len; -+ uint32_t cidx = chunk->idx; -+ -+ brealloc(chunk->buf, chunk->len + blen, capacity); -+ brealloc(buf, chunk->len + blen, capacity); -+ -+ for (i = 0, j = 0, k = 0; i < blen; i++) { -+ chunk->buf->array[cidx++] = buf->array[k++]; -+ -+ if (cidx == CLEN_BYTES) { -+ uint16_t clen = ntohs(*((uint16_t *)chunk->buf->array)); -+ brealloc(chunk->buf, clen + AUTH_BYTES, capacity); -+ chunk->len = clen; -+ } -+ -+ if (cidx == chunk->len + AUTH_BYTES) { -+ // Compare hash -+ uint8_t hash[ONETIMEAUTH_BYTES * 2]; -+ uint8_t key[MAX_IV_LENGTH + sizeof(uint32_t)]; -+ -+ uint32_t c = htonl(chunk->counter); -+ memcpy(key, ctx->evp.iv, enc_iv_len); -+ memcpy(key + enc_iv_len, &c, sizeof(uint32_t)); -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_sha1(), key, enc_iv_len + sizeof(uint32_t), -+ (uint8_t *)chunk->buf->array + AUTH_BYTES, chunk->len, hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), key, enc_iv_len + sizeof(uint32_t), -+ (uint8_t *)chunk->buf->array + AUTH_BYTES, chunk->len, hash); -+#else -+ sha1_hmac(key, enc_iv_len + sizeof(uint32_t), -+ (uint8_t *)chunk->buf->array + AUTH_BYTES, chunk->len, hash); -+#endif -+ -+ if (safe_memcmp(hash, chunk->buf->array + CLEN_BYTES, ONETIMEAUTH_BYTES) != 0) { -+ return 0; -+ } -+ -+ // Copy chunk back to buffer -+ memmove(buf->array + j + chunk->len, buf->array + k, blen - i - 1); -+ memcpy(buf->array + j, chunk->buf->array + AUTH_BYTES, chunk->len); -+ -+ // Reset the base offset -+ j += chunk->len; -+ k = j; -+ cidx = 0; -+ chunk->counter++; -+ } -+ } -+ -+ buf->len = j; -+ chunk->idx = cidx; -+ return 1; -+} -+ -+int -+ss_gen_hash(buffer_t *buf, uint32_t *counter, enc_ctx_t *ctx, size_t capacity) -+{ -+ ssize_t blen = buf->len; -+ uint16_t chunk_len = htons((uint16_t)blen); -+ uint8_t hash[ONETIMEAUTH_BYTES * 2]; -+ uint8_t key[MAX_IV_LENGTH + sizeof(uint32_t)]; -+ uint32_t c = htonl(*counter); -+ -+ brealloc(buf, AUTH_BYTES + blen, capacity); -+ memcpy(key, ctx->evp.iv, enc_iv_len); -+ memcpy(key + enc_iv_len, &c, sizeof(uint32_t)); -+#if defined(USE_CRYPTO_OPENSSL) -+ HMAC(EVP_sha1(), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf->array, blen, hash, NULL); -+#elif defined(USE_CRYPTO_MBEDTLS) -+ mbedtls_md_hmac(mbedtls_md_info_from_type( -+ MBEDTLS_MD_SHA1), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf->array, blen, hash); -+#else -+ sha1_hmac(key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf->array, blen, hash); -+#endif -+ -+ memmove(buf->array + AUTH_BYTES, buf->array, blen); -+ memcpy(buf->array + CLEN_BYTES, hash, ONETIMEAUTH_BYTES); -+ memcpy(buf->array, &chunk_len, CLEN_BYTES); -+ -+ *counter = *counter + 1; -+ buf->len = blen + AUTH_BYTES; -+ -+ return 0; -+} -diff --git a/server/encrypt.h b/server/encrypt.h -new file mode 100644 -index 0000000..3bb7940 ---- /dev/null -+++ b/server/encrypt.h -@@ -0,0 +1,222 @@ -+/* -+ * encrypt.h - Define the enryptor's interface -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _ENCRYPT_H -+#define _ENCRYPT_H -+ -+#ifndef __MINGW32__ -+#include -+#else -+ -+#ifdef max -+#undef max -+#endif -+ -+#ifdef min -+#undef min -+#endif -+ -+#endif -+ -+#include -+#include -+#include -+#include -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ -+#include -+#include -+#include -+typedef EVP_CIPHER cipher_kt_t; -+typedef EVP_CIPHER_CTX cipher_evp_t; -+typedef EVP_MD digest_type_t; -+#define MAX_KEY_LENGTH EVP_MAX_KEY_LENGTH -+#define MAX_IV_LENGTH EVP_MAX_IV_LENGTH -+#define MAX_MD_SIZE EVP_MAX_MD_SIZE -+ -+#elif defined(USE_CRYPTO_POLARSSL) -+ -+#include -+#include -+typedef cipher_info_t cipher_kt_t; -+typedef cipher_context_t cipher_evp_t; -+typedef md_info_t digest_type_t; -+#define MAX_KEY_LENGTH 64 -+#define MAX_IV_LENGTH POLARSSL_MAX_IV_LENGTH -+#define MAX_MD_SIZE POLARSSL_MD_MAX_SIZE -+ -+#elif defined(USE_CRYPTO_MBEDTLS) -+ -+#include -+#include -+typedef mbedtls_cipher_info_t cipher_kt_t; -+typedef mbedtls_cipher_context_t cipher_evp_t; -+typedef mbedtls_md_info_t digest_type_t; -+#define MAX_KEY_LENGTH 64 -+#define MAX_IV_LENGTH MBEDTLS_MAX_IV_LENGTH -+#define MAX_MD_SIZE MBEDTLS_MD_MAX_SIZE -+ -+/* we must have MBEDTLS_CIPHER_MODE_CFB defined */ -+#if !defined(MBEDTLS_CIPHER_MODE_CFB) -+#error Cipher Feedback mode a.k.a CFB not supported by your mbed TLS. -+#endif -+ -+#endif -+ -+#ifdef USE_CRYPTO_APPLECC -+ -+#include -+ -+#define kCCAlgorithmInvalid UINT32_MAX -+#define kCCContextValid 0 -+#define kCCContextInvalid -1 -+ -+typedef struct { -+ CCCryptorRef cryptor; -+ int valid; -+ CCOperation encrypt; -+ CCAlgorithm cipher; -+ CCMode mode; -+ CCPadding padding; -+ uint8_t iv[MAX_IV_LENGTH]; -+ uint8_t key[MAX_KEY_LENGTH]; -+ size_t iv_len; -+ size_t key_len; -+} cipher_cc_t; -+ -+#endif -+ -+typedef struct { -+ cipher_evp_t *evp; -+#ifdef USE_CRYPTO_APPLECC -+ cipher_cc_t cc; -+#endif -+ uint8_t iv[MAX_IV_LENGTH]; -+} cipher_ctx_t; -+ -+typedef struct { -+ cipher_kt_t *info; -+ size_t iv_len; -+ size_t key_len; -+} cipher_t; -+ -+#ifdef HAVE_STDINT_H -+#include -+#elif HAVE_INTTYPES_H -+#include -+#endif -+ -+#define SODIUM_BLOCK_SIZE 64 -+ -+enum crpher_index { -+ NONE = -1, -+ TABLE = 0, -+ RC4, -+ RC4_MD5_6, -+ RC4_MD5, -+ AES_128_CFB, -+ AES_192_CFB, -+ AES_256_CFB, -+ AES_128_CTR, -+ AES_192_CTR, -+ AES_256_CTR, -+ BF_CFB, -+ CAMELLIA_128_CFB, -+ CAMELLIA_192_CFB, -+ CAMELLIA_256_CFB, -+ CAST5_CFB, -+ DES_CFB, -+ IDEA_CFB, -+ RC2_CFB, -+ SEED_CFB, -+ SALSA20, -+ CHACHA20, -+ CHACHA20IETF, -+ CIPHER_NUM, -+}; -+ -+#define ONETIMEAUTH_FLAG 0x10 -+#define ADDRTYPE_MASK 0xEF -+ -+#define ONETIMEAUTH_BYTES 10U -+#define MD5_BYTES 16U -+#define SHA1_BYTES 20U -+#define CLEN_BYTES 2U -+#define AUTH_BYTES (ONETIMEAUTH_BYTES + CLEN_BYTES) -+ -+#define min(a, b) (((a) < (b)) ? (a) : (b)) -+#define max(a, b) (((a) > (b)) ? (a) : (b)) -+ -+typedef struct buffer { -+ size_t idx; -+ size_t len; -+ size_t capacity; -+ char *array; -+} buffer_t; -+ -+typedef struct chunk { -+ uint32_t idx; -+ uint32_t len; -+ uint32_t counter; -+ buffer_t *buf; -+} chunk_t; -+ -+typedef struct enc_ctx { -+ uint8_t init; -+ uint64_t counter; -+ cipher_ctx_t evp; -+} enc_ctx_t; -+ -+void bytes_to_key_with_size(const char *pass, size_t len, uint8_t *md, size_t md_size); -+ -+int ss_encrypt_all(buffer_t *plaintext, int method, int auth, size_t capacity); -+int ss_decrypt_all(buffer_t *ciphertext, int method, int auth, size_t capacity); -+int ss_encrypt(buffer_t *plaintext, enc_ctx_t *ctx, size_t capacity); -+int ss_decrypt(buffer_t *ciphertext, enc_ctx_t *ctx, size_t capacity); -+ -+void enc_ctx_init(int method, enc_ctx_t *ctx, int enc); -+int enc_init(const char *pass, const char *method); -+int enc_get_iv_len(void); -+uint8_t* enc_get_key(void); -+int enc_get_key_len(void); -+void cipher_context_release(cipher_ctx_t *evp); -+unsigned char *enc_md5(const unsigned char *d, size_t n, unsigned char *md); -+ -+int ss_md5_hmac(char *auth, char *msg, int msg_len, uint8_t *iv); -+int ss_md5_hmac_with_key(char *auth, char *msg, int msg_len, uint8_t *auth_key, int key_len); -+int ss_md5_hash_func(char *auth, char *msg, int msg_len); -+int ss_sha1_hmac(char *auth, char *msg, int msg_len, uint8_t *iv); -+int ss_sha1_hmac_with_key(char *auth, char *msg, int msg_len, uint8_t *auth_key, int key_len); -+int ss_sha1_hash_func(char *auth, char *msg, int msg_len); -+int ss_aes_128_cbc(char *encrypt, char *out_data, char *key); -+int ss_onetimeauth(buffer_t *buf, uint8_t *iv, size_t capacity); -+int ss_onetimeauth_verify(buffer_t *buf, uint8_t *iv); -+ -+int ss_check_hash(buffer_t *buf, chunk_t *chunk, enc_ctx_t *ctx, size_t capacity); -+int ss_gen_hash(buffer_t *buf, uint32_t *counter, enc_ctx_t *ctx, size_t capacity); -+ -+int balloc(buffer_t *ptr, size_t capacity); -+int brealloc(buffer_t *ptr, size_t len, size_t capacity); -+void bfree(buffer_t *ptr); -+ -+#endif // _ENCRYPT_H -diff --git a/server/http.c b/server/http.c -new file mode 100644 -index 0000000..3bd4a32 ---- /dev/null -+++ b/server/http.c -@@ -0,0 +1,152 @@ -+/* -+ * Copyright (c) 2011 and 2012, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include /* malloc() */ -+#include /* strncpy() */ -+#include /* strncasecmp() */ -+#include /* isblank() */ -+ -+#include "http.h" -+#include "protocol.h" -+ -+#define SERVER_NAME_LEN 256 -+ -+static int parse_http_header(const char *, size_t, char **); -+static int get_header(const char *, const char *, int, char **); -+static int next_header(const char **, int *); -+ -+static const protocol_t http_protocol_st = { -+ .default_port = 80, -+ .parse_packet = &parse_http_header, -+}; -+const protocol_t *const http_protocol = &http_protocol_st; -+ -+/* -+ * Parses a HTTP request for the Host: header -+ * -+ * Returns: -+ * >=0 - length of the hostname and updates *hostname -+ * caller is responsible for freeing *hostname -+ * -1 - Incomplete request -+ * -2 - No Host header included in this request -+ * -3 - Invalid hostname pointer -+ * -4 - malloc failure -+ * < -4 - Invalid HTTP request -+ * -+ */ -+static int -+parse_http_header(const char *data, size_t data_len, char **hostname) -+{ -+ int result, i; -+ -+ if (hostname == NULL) -+ return -3; -+ -+ if (data_len == 0) -+ return -1; -+ -+ result = get_header("Host:", data, data_len, hostname); -+ if (result < 0) -+ return result; -+ -+ /* -+ * if the user specifies the port in the request, it is included here. -+ * Host: example.com:80 -+ * so we trim off port portion -+ */ -+ for (i = result - 1; i >= 0; i--) -+ if ((*hostname)[i] == ':') { -+ (*hostname)[i] = '\0'; -+ result = i; -+ break; -+ } -+ -+ return result; -+} -+ -+static int -+get_header(const char *header, const char *data, int data_len, char **value) -+{ -+ int len, header_len; -+ -+ header_len = strlen(header); -+ -+ /* loop through headers stopping at first blank line */ -+ while ((len = next_header(&data, &data_len)) != 0) -+ if (len > header_len && strncasecmp(header, data, header_len) == 0) { -+ /* Eat leading whitespace */ -+ while (header_len < len && isblank(data[header_len])) -+ header_len++; -+ -+ *value = malloc(len - header_len + 1); -+ if (*value == NULL) -+ return -4; -+ -+ strncpy(*value, data + header_len, len - header_len); -+ (*value)[len - header_len] = '\0'; -+ -+ return len - header_len; -+ } -+ -+ /* If there is no data left after reading all the headers then we do not -+ * have a complete HTTP request, there must be a blank line */ -+ if (data_len == 0) -+ return -1; -+ -+ return -2; -+} -+ -+static int -+next_header(const char **data, int *len) -+{ -+ int header_len; -+ -+ /* perhaps we can optimize this to reuse the value of header_len, rather -+ * than scanning twice. -+ * Walk our data stream until the end of the header */ -+ while (*len > 2 && (*data)[0] != '\r' && (*data)[1] != '\n') { -+ (*len)--; -+ (*data)++; -+ } -+ -+ /* advanced past the pair */ -+ *data += 2; -+ *len -= 2; -+ -+ /* Find the length of the next header */ -+ header_len = 0; -+ while (*len > header_len + 1 -+ && (*data)[header_len] != '\r' -+ && (*data)[header_len + 1] != '\n') -+ header_len++; -+ -+ return header_len; -+} -diff --git a/server/http.h b/server/http.h -new file mode 100644 -index 0000000..914815a ---- /dev/null -+++ b/server/http.h -@@ -0,0 +1,34 @@ -+/* -+ * Copyright (c) 2011 and 2012, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef HTTP_H -+#define HTTP_H -+ -+#include -+#include "protocol.h" -+ -+const protocol_t *const http_protocol; -+ -+#endif -diff --git a/server/http_simple.c b/server/http_simple.c -new file mode 100644 -index 0000000..c1e34ee ---- /dev/null -+++ b/server/http_simple.c -@@ -0,0 +1,625 @@ -+ -+#include "http_simple.h" -+ -+static char* g_useragent[] = { -+ "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0", -+ "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/44.0", -+ "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36", -+ "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Ubuntu/11.10 Chromium/27.0.1453.93 Chrome/27.0.1453.93 Safari/537.36", -+ "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0", -+ "Mozilla/5.0 (compatible; WOW64; MSIE 10.0; Windows NT 6.2)", -+ "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27", -+ "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C)", -+ "Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko", -+ "Mozilla/5.0 (Linux; Android 4.4; Nexus 5 Build/BuildID) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.0.0 Mobile Safari/537.36", -+ "Mozilla/5.0 (iPad; CPU OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3", -+ "Mozilla/5.0 (iPhone; CPU iPhone OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3", -+}; -+ -+static int g_useragent_index = -1; -+ -+typedef struct http_simple_local_data { -+ int has_sent_header; -+ int has_recv_header; -+ char *encode_buffer; -+ int host_matched; -+ char *recv_buffer; -+ int recv_buffer_size; -+}http_simple_local_data; -+ -+void http_simple_local_data_init(http_simple_local_data* local) { -+ local->has_sent_header = 0; -+ local->has_recv_header = 0; -+ local->encode_buffer = NULL; -+ -+ local->recv_buffer = malloc(0); -+ local->recv_buffer_size = 0; -+ -+ local->host_matched = 0; -+ -+ if (g_useragent_index == -1) { -+ g_useragent_index = xorshift128plus() % (sizeof(g_useragent) / sizeof(*g_useragent)); -+ } -+} -+ -+obfs * http_simple_new_obfs() { -+ obfs * self = new_obfs(); -+ self->l_data = malloc(sizeof(http_simple_local_data)); -+ http_simple_local_data_init((http_simple_local_data*)self->l_data); -+ return self; -+} -+ -+void http_simple_dispose(obfs *self) { -+ http_simple_local_data *local = (http_simple_local_data*)self->l_data; -+ if (local->encode_buffer != NULL) { -+ free(local->encode_buffer); -+ local->encode_buffer = NULL; -+ } -+ free(local); -+ dispose_obfs(self); -+} -+ -+char http_simple_hex(char c) { -+ if (c < 10) return c + '0'; -+ return c - 10 + 'a'; -+} -+ -+int get_data_from_http_header(char *data, char **outdata) { -+ char *delim = "\r\n"; -+ char *delim_hex = "%"; -+ int outlength = 0; -+ -+ char *buf = *outdata; -+ char *p_line; -+ p_line = strtok(data, delim); -+ -+ //while(p_line) -+ { -+ char *p_hex; -+ -+ p_hex = strtok(p_line, delim_hex); -+ -+ while((p_hex = strtok(NULL, delim_hex))) -+ { -+ char hex = 0; -+ -+ if(strlen(p_hex) <= 0) -+ { -+ continue; -+ } -+ -+ if(strlen(p_hex) > 2) -+ { -+ char *c_hex = (char*)malloc(2); -+ memcpy(c_hex, p_hex, 2); -+ hex = (char)strtol(c_hex, NULL, 16); -+ free(c_hex); -+ } -+ else -+ { -+ hex = (char)strtol(p_hex, NULL, 16); -+ } -+ -+ outlength += 1; -+ buf = (char*)realloc(buf, outlength); -+ buf[outlength - 1] = hex; -+ } -+ -+ //p_line = strtok(p_line, delim); -+ } -+ return outlength; -+} -+ -+void get_host_from_http_header(char *data, char **host) { -+ char* data_begin = strstr(data, "Host: "); -+ -+ if(data_begin == NULL) -+ { -+ return; -+ } -+ -+ data_begin += 6; -+ char* data_end = strstr(data_begin, "\r\n"); -+ char* data_end_port = strstr(data_begin, ":"); -+ -+ int host_length = 0; -+ -+ if(data_end_port != NULL) -+ { -+ host_length = data_end_port - data_begin; -+ } -+ else -+ { -+ host_length = data_end - data_begin; -+ } -+ -+ if(host_length <= 0) -+ { -+ return; -+ } -+ -+ memset(*host, 0x00, 1024); -+ memcpy(*host, data_begin, host_length); -+} -+ -+void http_simple_encode_head(http_simple_local_data *local, char *data, int datalength) { -+ if (local->encode_buffer == NULL) { -+ local->encode_buffer = (char*)malloc(datalength * 3 + 1); -+ } -+ int pos = 0; -+ for (; pos < datalength; ++pos) { -+ local->encode_buffer[pos * 3] = '%'; -+ local->encode_buffer[pos * 3 + 1] = http_simple_hex(((unsigned char)data[pos] >> 4)); -+ local->encode_buffer[pos * 3 + 2] = http_simple_hex(data[pos] & 0xF); -+ } -+ local->encode_buffer[pos * 3] = 0; -+} -+ -+int http_simple_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity) { -+ char *encryptdata = *pencryptdata; -+ http_simple_local_data *local = (http_simple_local_data*)self->l_data; -+ if (local->has_sent_header) { -+ return datalength; -+ } -+ char hosts[1024]; -+ char * phost[128]; -+ int host_num = 0; -+ int pos; -+ char hostport[128]; -+ int head_size = self->server.head_len + (xorshift128plus() & 0x3F); -+ int outlength; -+ char * out_buffer = (char*)malloc(datalength + 2048); -+ char * body_buffer = NULL; -+ if (head_size > datalength) -+ head_size = datalength; -+ http_simple_encode_head(local, encryptdata, head_size); -+ if (self->server.param && strlen(self->server.param) == 0) -+ self->server.param = NULL; -+ strncpy(hosts, self->server.param ? self->server.param : self->server.host, sizeof hosts); -+ phost[host_num++] = hosts; -+ for (pos = 0; hosts[pos]; ++pos) { -+ if (hosts[pos] == ',') { -+ phost[host_num++] = &hosts[pos + 1]; -+ hosts[pos] = 0; -+ } else if (hosts[pos] == '#') { -+ char * body_pointer = &hosts[pos + 1]; -+ char * p; -+ int trans_char = 0; -+ p = body_buffer = (char*)malloc(2048); -+ for ( ; *body_pointer; ++body_pointer) { -+ if (*body_pointer == '\\') { -+ trans_char = 1; -+ continue; -+ } else if (*body_pointer == '\n') { -+ *p = '\r'; -+ *++p = '\n'; -+ continue; -+ } -+ if (trans_char) { -+ if (*body_pointer == '\\' ) { -+ *p = '\\'; -+ } else if (*body_pointer == 'n' ) { -+ *p = '\r'; -+ *++p = '\n'; -+ } else { -+ *p = '\\'; -+ *p = *body_pointer; -+ } -+ trans_char = 0; -+ } else { -+ *p = *body_pointer; -+ } -+ ++p; -+ } -+ *p = 0; -+ hosts[pos] = 0; -+ break; -+ } -+ } -+ host_num = xorshift128plus() % host_num; -+ if (self->server.port == 80) -+ sprintf(hostport, "%s", phost[host_num]); -+ else -+ sprintf(hostport, "%s:%d", phost[host_num], self->server.port); -+ if (body_buffer) { -+ sprintf(out_buffer, -+ "GET /%s HTTP/1.1\r\n" -+ "Host: %s\r\n" -+ "%s\r\n\r\n", -+ local->encode_buffer, -+ hostport, -+ body_buffer); -+ } else { -+ sprintf(out_buffer, -+ "GET /%s HTTP/1.1\r\n" -+ "Host: %s\r\n" -+ "User-Agent: %s\r\n" -+ "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n" -+ "Accept-Language: en-US,en;q=0.8\r\n" -+ "Accept-Encoding: gzip, deflate\r\n" -+ "DNT: 1\r\n" -+ "Connection: keep-alive\r\n" -+ "\r\n", -+ local->encode_buffer, -+ hostport, -+ g_useragent[g_useragent_index] -+ ); -+ } -+ //LOGI("http header: %s", out_buffer); -+ outlength = strlen(out_buffer); -+ memmove(out_buffer + outlength, encryptdata + head_size, datalength - head_size); -+ outlength += datalength - head_size; -+ local->has_sent_header = 1; -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memmove(encryptdata, out_buffer, outlength); -+ free(out_buffer); -+ if (body_buffer != NULL) -+ free(body_buffer); -+ if (local->encode_buffer != NULL) { -+ free(local->encode_buffer); -+ local->encode_buffer = NULL; -+ } -+ return outlength; -+} -+ -+int http_simple_server_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity) { -+ char *encryptdata = *pencryptdata; -+ http_simple_local_data *local = (http_simple_local_data*)self->l_data; -+ if (local->has_sent_header) { -+ return datalength; -+ } -+ int outlength; -+ char * out_buffer = (char*)malloc(datalength + 2048); -+ -+ time_t now; -+ struct tm *tm_now; -+ char datetime[200]; -+ -+ time(&now); -+ tm_now = localtime(&now); -+ strftime(datetime, 200, "%a, %d %b %Y %H:%M:%S GMT", tm_now); -+ -+ sprintf(out_buffer, -+ "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nContent-Type: text/html\r\nDate: " -+ "%s" -+ "\r\nServer: nginx\r\nVary: Accept-Encoding\r\n\r\n", -+ datetime); -+ -+ outlength = strlen(out_buffer); -+ memmove(out_buffer + outlength, encryptdata, datalength); -+ outlength += datalength; -+ -+ local->has_sent_header = 1; -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memmove(encryptdata, out_buffer, outlength); -+ free(out_buffer); -+ return outlength; -+} -+ -+int http_simple_client_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback) { -+ char *encryptdata = *pencryptdata; -+ http_simple_local_data *local = (http_simple_local_data*)self->l_data; -+ *needsendback = 0; -+ if (local->has_recv_header) { -+ return datalength; -+ } -+ char* data_begin = strstr(encryptdata, "\r\n\r\n"); -+ if (data_begin) { -+ int outlength; -+ data_begin += 4; -+ local->has_recv_header = 1; -+ outlength = datalength - (data_begin - encryptdata); -+ memmove(encryptdata, data_begin, outlength); -+ return outlength; -+ } else { -+ return 0; -+ } -+} -+ -+int http_simple_server_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback) { -+ char *encryptdata = *pencryptdata; -+ http_simple_local_data *local = (http_simple_local_data*)self->l_data; -+ *needsendback = 0; -+ if (local->has_recv_header) { -+ return datalength; -+ } -+ -+ if(datalength != 0) -+ { -+ local->recv_buffer = (char*)realloc(local->recv_buffer, local->recv_buffer_size + datalength); -+ memmove(local->recv_buffer + local->recv_buffer_size, encryptdata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ int outlength = local->recv_buffer_size; -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memcpy(encryptdata, local->recv_buffer, local->recv_buffer_size); -+ } -+ -+ if(local->recv_buffer_size > 10) -+ { -+ if(strstr(local->recv_buffer, "GET /") == local->recv_buffer || strstr(local->recv_buffer, "POST /") == local->recv_buffer) -+ { -+ if(local->recv_buffer_size > 65536) -+ { -+ free(local->recv_buffer); -+ local->recv_buffer = malloc(0); -+ local->recv_buffer_size = 0; -+ local->has_sent_header = 1; -+ local->has_recv_header = 1; -+ LOGE("http_simple: over size"); -+ return -1; -+ } -+ } -+ else -+ { -+ free(local->recv_buffer); -+ local->recv_buffer = malloc(0); -+ local->recv_buffer_size = 0; -+ local->has_sent_header = 1; -+ local->has_recv_header = 1; -+ LOGE("http_simple: not match begin"); -+ return -1; -+ } -+ } -+ else -+ { -+ LOGE("http_simple: too short"); -+ local->has_sent_header = 1; -+ local->has_recv_header = 1; -+ return -1; -+ } -+ -+ char* data_begin = strstr(encryptdata, "\r\n\r\n"); -+ if (data_begin) { -+ int outlength; -+ char *ret_buf = (char*)malloc(*capacity); -+ memset(ret_buf, 0x00, *capacity); -+ int ret_buf_len = 0; -+ ret_buf_len = get_data_from_http_header(encryptdata, &ret_buf); -+ -+ if (self->server.param && strlen(self->server.param) == 0) -+ { -+ self->server.param = NULL; -+ } -+ else -+ { -+ if(local->host_matched == 0) -+ { -+ char *host = (char*)malloc(1024); -+ get_host_from_http_header(local->recv_buffer, &host); -+ char hosts[1024]; -+ char * phost[128]; -+ int host_num = 0; -+ int pos = 0; -+ int is_match = 0; -+ char * body_buffer = NULL; -+ strncpy(hosts, self->server.param, sizeof hosts); -+ phost[host_num++] = hosts; -+ -+ for (pos = 0; hosts[pos]; ++pos) { -+ if (hosts[pos] == ',') { -+ phost[host_num++] = &hosts[pos + 1]; -+ hosts[pos] = 0; -+ } else if (hosts[pos] == '#') { -+ char * body_pointer = &hosts[pos + 1]; -+ char * p; -+ int trans_char = 0; -+ p = body_buffer = (char*)malloc(2048); -+ for ( ; *body_pointer; ++body_pointer) { -+ if (*body_pointer == '\\') { -+ trans_char = 1; -+ continue; -+ } else if (*body_pointer == '\n') { -+ *p = '\r'; -+ *++p = '\n'; -+ continue; -+ } -+ if (trans_char) { -+ if (*body_pointer == '\\' ) { -+ *p = '\\'; -+ } else if (*body_pointer == 'n' ) { -+ *p = '\r'; -+ *++p = '\n'; -+ } else { -+ *p = '\\'; -+ *p = *body_pointer; -+ } -+ trans_char = 0; -+ } else { -+ *p = *body_pointer; -+ } -+ ++p; -+ } -+ *p = 0; -+ hosts[pos] = 0; -+ break; -+ } -+ } -+ -+ -+ for(pos = 0; pos < host_num; pos++) -+ { -+ if(strcmp(phost[pos], host) == 0) -+ { -+ is_match = 1; -+ local->host_matched = 1; -+ } -+ } -+ -+ if(is_match == 0) -+ { -+ free(local->recv_buffer); -+ local->recv_buffer = malloc(0); -+ local->recv_buffer_size = 0; -+ local->has_sent_header = 1; -+ local->has_recv_header = 1; -+ LOGE("http_simple: not match host, host: %s", host); -+ return -1; -+ } -+ -+ free(host); -+ } -+ } -+ -+ if(ret_buf_len <= 0) -+ { -+ return -1; -+ } -+ -+ data_begin += 4; -+ local->has_recv_header = 1; -+ -+ ret_buf = (char*)realloc(ret_buf, ret_buf_len + datalength - (data_begin - encryptdata)); -+ outlength = ret_buf_len + datalength - (data_begin - encryptdata); -+ -+ memcpy(ret_buf + ret_buf_len, data_begin, datalength - (data_begin - encryptdata)); -+ -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ -+ memcpy(encryptdata, ret_buf, outlength); -+ free(ret_buf); -+ return outlength; -+ } else { -+ return 0; -+ } -+} -+ -+void boundary(char result[]) -+{ -+ char *str = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; -+ int i,lstr; -+ char ss[3] = {0}; -+ lstr = strlen(str); -+ srand((unsigned int)time((time_t *)NULL)); -+ for(i = 0; i < 32; ++i) -+ { -+ sprintf(ss, "%c", str[(rand()%lstr)]); -+ strcat(result, ss); -+ } -+} -+ -+int http_post_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity) { -+ char *encryptdata = *pencryptdata; -+ http_simple_local_data *local = (http_simple_local_data*)self->l_data; -+ if (local->has_sent_header) { -+ return datalength; -+ } -+ char hosts[1024]; -+ char * phost[128]; -+ int host_num = 0; -+ int pos; -+ char hostport[128]; -+ int head_size = self->server.head_len + (xorshift128plus() & 0x3F); -+ int outlength; -+ char * out_buffer = (char*)malloc(datalength + 2048); -+ char * body_buffer = NULL; -+ if (head_size > datalength) -+ head_size = datalength; -+ http_simple_encode_head(local, encryptdata, head_size); -+ if (self->server.param && strlen(self->server.param) == 0) -+ self->server.param = NULL; -+ strncpy(hosts, self->server.param ? self->server.param : self->server.host, sizeof hosts); -+ phost[host_num++] = hosts; -+ for (pos = 0; hosts[pos]; ++pos) { -+ if (hosts[pos] == ',') { -+ phost[host_num++] = &hosts[pos + 1]; -+ hosts[pos] = 0; -+ } else if (hosts[pos] == '#') { -+ char * body_pointer = &hosts[pos + 1]; -+ char * p; -+ int trans_char = 0; -+ p = body_buffer = (char*)malloc(2048); -+ for ( ; *body_pointer; ++body_pointer) { -+ if (*body_pointer == '\\') { -+ trans_char = 1; -+ continue; -+ } else if (*body_pointer == '\n') { -+ *p = '\r'; -+ *++p = '\n'; -+ continue; -+ } -+ if (trans_char) { -+ if (*body_pointer == '\\' ) { -+ *p = '\\'; -+ } else if (*body_pointer == 'n' ) { -+ *p = '\r'; -+ *++p = '\n'; -+ } else { -+ *p = '\\'; -+ *p = *body_pointer; -+ } -+ trans_char = 0; -+ } else { -+ *p = *body_pointer; -+ } -+ ++p; -+ } -+ *p = 0; -+ hosts[pos] = 0; -+ break; -+ } -+ } -+ host_num = xorshift128plus() % host_num; -+ if (self->server.port == 80) -+ sprintf(hostport, "%s", phost[host_num]); -+ else -+ sprintf(hostport, "%s:%d", phost[host_num], self->server.port); -+ if (body_buffer) { -+ sprintf(out_buffer, -+ "POST /%s HTTP/1.1\r\n" -+ "Host: %s\r\n" -+ "%s\r\n\r\n", -+ local->encode_buffer, -+ hostport, -+ body_buffer); -+ } else { -+ char result[33] = {0}; -+ boundary(result); -+ sprintf(out_buffer, -+ "POST /%s HTTP/1.1\r\n" -+ "Host: %s\r\n" -+ "User-Agent: %s\r\n" -+ "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n" -+ "Accept-Language: en-US,en;q=0.8\r\n" -+ "Accept-Encoding: gzip, deflate\r\n" -+ "Content-Type: multipart/form-data; boundary=%s\r\n" -+ "DNT: 1\r\n" -+ "Connection: keep-alive\r\n" -+ "\r\n", -+ local->encode_buffer, -+ hostport, -+ g_useragent[g_useragent_index], -+ result -+ ); -+ } -+ //LOGI("http header: %s", out_buffer); -+ outlength = strlen(out_buffer); -+ memmove(out_buffer + outlength, encryptdata + head_size, datalength - head_size); -+ outlength += datalength - head_size; -+ local->has_sent_header = 1; -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memmove(encryptdata, out_buffer, outlength); -+ free(out_buffer); -+ if (body_buffer != NULL) -+ free(body_buffer); -+ if (local->encode_buffer != NULL) { -+ free(local->encode_buffer); -+ local->encode_buffer = NULL; -+ } -+ return outlength; -+} -diff --git a/server/http_simple.h b/server/http_simple.h -new file mode 100644 -index 0000000..cce24cc ---- /dev/null -+++ b/server/http_simple.h -@@ -0,0 +1,21 @@ -+/* -+ * http_simple.h - Define shadowsocksR server's buffers and callbacks -+ * -+ * Copyright (C) 2015 - 2016, Break Wa11 -+ */ -+ -+#ifndef _HTTP_SIMPLE_H -+#define _HTTP_SIMPLE_H -+ -+obfs * http_simple_new_obfs(); -+void http_simple_dispose(obfs *self); -+ -+int http_simple_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); -+int http_simple_client_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); -+ -+int http_post_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); -+ -+int http_simple_server_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); -+int http_simple_server_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); -+ -+#endif // _HTTP_SIMPLE_H -diff --git a/server/jconf.c b/server/jconf.c -new file mode 100644 -index 0000000..494aa5f ---- /dev/null -+++ b/server/jconf.c -@@ -0,0 +1,260 @@ -+/* -+ * jconf.c - Parse the JSON format config file -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+ -+#include "utils.h" -+#include "jconf.h" -+#include "json.h" -+#include "string.h" -+ -+#include -+ -+#define check_json_value_type(value, expected_type, message) \ -+ do { \ -+ if ((value)->type != (expected_type)) \ -+ FATAL((message)); \ -+ } while(0) -+ -+static char * -+to_string(const json_value *value) -+{ -+ if (value->type == json_string) { -+ return ss_strndup(value->u.string.ptr, value->u.string.length); -+ } else if (value->type == json_integer) { -+ return strdup(ss_itoa(value->u.integer)); -+ } else if (value->type == json_null) { -+ return "null"; -+ } else { -+ LOGE("%d", value->type); -+ FATAL("Invalid config format."); -+ } -+ return 0; -+} -+ -+void -+free_addr(ss_addr_t *addr) -+{ -+ ss_free(addr->host); -+ ss_free(addr->port); -+} -+ -+void -+parse_addr(const char *str, ss_addr_t *addr) -+{ -+ int ipv6 = 0, ret = -1, n = 0; -+ char *pch; -+ -+ struct cork_ip ip; -+ if (cork_ip_init(&ip, str) != -1) { -+ addr->host = strdup(str); -+ addr->port = NULL; -+ return; -+ } -+ -+ pch = strchr(str, ':'); -+ while (pch != NULL) { -+ n++; -+ ret = pch - str; -+ pch = strchr(pch + 1, ':'); -+ } -+ if (n > 1) { -+ ipv6 = 1; -+ if (str[ret - 1] != ']') { -+ ret = -1; -+ } -+ } -+ -+ if (ret == -1) { -+ if (ipv6) { -+ addr->host = ss_strndup(str + 1, strlen(str) - 2); -+ } else { -+ addr->host = strdup(str); -+ } -+ addr->port = NULL; -+ } else { -+ if (ipv6) { -+ addr->host = ss_strndup(str + 1, ret - 2); -+ } else { -+ addr->host = ss_strndup(str, ret); -+ } -+ addr->port = strdup(str + ret + 1); -+ } -+} -+ -+jconf_t * -+read_jconf(const char *file) -+{ -+ static jconf_t conf; -+ -+ memset(&conf, 0, sizeof(jconf_t)); -+ -+ char *buf; -+ json_value *obj; -+ -+ FILE *f = fopen(file, "rb"); -+ if (f == NULL) { -+ FATAL("Invalid config path."); -+ } -+ -+ fseek(f, 0, SEEK_END); -+ long pos = ftell(f); -+ fseek(f, 0, SEEK_SET); -+ -+ if (pos >= MAX_CONF_SIZE) { -+ FATAL("Too large config file."); -+ } -+ -+ buf = ss_malloc(pos + 1); -+ if (buf == NULL) { -+ FATAL("No enough memory."); -+ } -+ -+ int nread = fread(buf, pos, 1, f); -+ if (!nread) { -+ FATAL("Failed to read the config file."); -+ } -+ fclose(f); -+ -+ buf[pos] = '\0'; // end of string -+ -+ json_settings settings = { 0UL, 0, NULL, NULL, NULL }; -+ char error_buf[512]; -+ obj = json_parse_ex(&settings, buf, pos, error_buf); -+ -+ if (obj == NULL) { -+ FATAL(error_buf); -+ } -+ -+ if (obj->type == json_object) { -+ unsigned int i, j; -+ for (i = 0; i < obj->u.object.length; i++) { -+ char *name = obj->u.object.values[i].name; -+ json_value *value = obj->u.object.values[i].value; -+ if (strcmp(name, "server") == 0) { -+ if (value->type == json_array) { -+ for (j = 0; j < value->u.array.length; j++) { -+ if (j >= MAX_REMOTE_NUM) { -+ break; -+ } -+ json_value *v = value->u.array.values[j]; -+ char *addr_str = to_string(v); -+ parse_addr(addr_str, conf.remote_addr + j); -+ ss_free(addr_str); -+ conf.remote_num = j + 1; -+ } -+ } else if (value->type == json_string) { -+ conf.remote_addr[0].host = to_string(value); -+ conf.remote_addr[0].port = NULL; -+ conf.remote_num = 1; -+ } -+ } else if (strcmp(name, "port_password") == 0) { -+ if (value->type == json_object) { -+ for (j = 0; j < value->u.object.length; j++) { -+ if (j >= MAX_PORT_NUM) { -+ break; -+ } -+ json_value *v = value->u.object.values[j].value; -+ if (v->type == json_string) { -+ conf.port_password[j].port = ss_strndup(value->u.object.values[j].name, -+ value->u.object.values[j].name_length); -+ conf.port_password[j].password = to_string(v); -+ conf.port_password_num = j + 1; -+ } -+ } -+ } -+ } else if (strcmp(name, "server_port") == 0) { -+ conf.remote_port = to_string(value); -+ } else if (strcmp(name, "local_address") == 0) { -+ conf.local_addr = to_string(value); -+ } else if (strcmp(name, "local_port") == 0) { -+ conf.local_port = to_string(value); -+ } else if (strcmp(name, "password") == 0) { -+ conf.password = to_string(value); -+ } else if (strcmp(name, "protocol") == 0) { // SSR -+ conf.protocol = to_string(value); -+ } else if (strcmp(name, "protocol_param") == 0) { // SSR -+ conf.protocol_param = to_string(value); -+ } else if (strcmp(name, "method") == 0) { -+ conf.method = to_string(value); -+ } else if (strcmp(name, "obfs") == 0) { // SSR -+ conf.obfs = to_string(value); -+ } else if (strcmp(name, "obfs_param") == 0) { // SSR -+ conf.obfs_param = to_string(value); -+ } else if (strcmp(name, "timeout") == 0) { -+ conf.timeout = to_string(value); -+ } else if (strcmp(name, "user") == 0) { -+ conf.user = to_string(value); -+ } else if (strcmp(name, "fast_open") == 0) { -+ check_json_value_type(value, json_boolean, -+ "invalid config file: option 'fast_open' must be a boolean"); -+ conf.fast_open = value->u.boolean; -+ } else if (strcmp(name, "auth") == 0) { -+ check_json_value_type(value, json_boolean, -+ "invalid config file: option 'auth' must be a boolean"); -+ conf.auth = value->u.boolean; -+ } else if (strcmp(name, "nofile") == 0) { -+ check_json_value_type(value, json_integer, -+ "invalid config file: option 'nofile' must be an integer"); -+ conf.nofile = value->u.integer; -+ } else if (strcmp(name, "nameserver") == 0) { -+ conf.nameserver = to_string(value); -+ } else if (strcmp(name, "tunnel_address") == 0) { -+ conf.tunnel_address = to_string(value); -+ } else if (strcmp(name, "mode") == 0) { -+ char *mode_str = to_string(value); -+ -+ if (strcmp(mode_str, "tcp_only") == 0) -+ conf.mode = TCP_ONLY; -+ else if (strcmp(mode_str, "tcp_and_udp") == 0) -+ conf.mode = TCP_AND_UDP; -+ else if (strcmp(mode_str, "udp_only") == 0) -+ conf.mode = UDP_ONLY; -+ else -+ LOGI("ignore unknown mode: %s, use tcp_only as fallback", -+ mode_str); -+ ss_free(mode_str); -+ } else if (strcmp(name, "mtu") == 0) { -+ check_json_value_type(value, json_integer, -+ "invalid config file: option 'mtu' must be an integer"); -+ conf.mtu = value->u.integer; -+ } else if (strcmp(name, "mptcp") == 0) { -+ check_json_value_type(value, json_boolean, -+ "invalid config file: option 'mptcp' must be a boolean"); -+ conf.mptcp = value->u.boolean; -+ } else if (strcmp(name, "ipv6_first") == 0) { -+ check_json_value_type(value, json_boolean, -+ "invalid config file: option 'ipv6_first' must be a boolean"); -+ conf.ipv6_first = value->u.boolean; -+ } -+ } -+ } else { -+ FATAL("Invalid config file"); -+ } -+ -+ ss_free(buf); -+ json_value_free(obj); -+ return &conf; -+} -diff --git a/server/jconf.h b/server/jconf.h -new file mode 100644 -index 0000000..9a7e5e3 ---- /dev/null -+++ b/server/jconf.h -@@ -0,0 +1,78 @@ -+/* -+ * jconf.h - Define the config data structure -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _JCONF_H -+#define _JCONF_H -+ -+#define MAX_PORT_NUM 1024 -+#define MAX_REMOTE_NUM 10 -+#define MAX_CONF_SIZE 128 * 1024 -+#define MAX_DNS_NUM 4 -+#define MAX_CONNECT_TIMEOUT 10 -+#define MAX_REQUEST_TIMEOUT 60 -+#define MIN_UDP_TIMEOUT 10 -+ -+#define TCP_ONLY 0 -+#define TCP_AND_UDP 1 -+#define UDP_ONLY 3 -+ -+typedef struct { -+ char *host; -+ char *port; -+} ss_addr_t; -+ -+typedef struct { -+ char *port; -+ char *password; -+} ss_port_password_t; -+ -+typedef struct { -+ int remote_num; -+ ss_addr_t remote_addr[MAX_REMOTE_NUM]; -+ int port_password_num; -+ ss_port_password_t port_password[MAX_PORT_NUM]; -+ char *remote_port; -+ char *local_addr; -+ char *local_port; -+ char *password; -+ char *protocol; // SSR -+ char *protocol_param; // SSR -+ char *method; -+ char *obfs; // SSR -+ char *obfs_param; // SSR -+ char *timeout; -+ char *user; -+ int auth; -+ int fast_open; -+ int nofile; -+ char *nameserver; -+ char *tunnel_address; -+ int mode; -+ int mtu; -+ int mptcp; -+ int ipv6_first; -+} jconf_t; -+ -+jconf_t *read_jconf(const char *file); -+void parse_addr(const char *str, ss_addr_t *addr); -+void free_addr(ss_addr_t *addr); -+ -+#endif // _JCONF_H -diff --git a/server/json.c b/server/json.c -new file mode 100644 -index 0000000..18e95ef ---- /dev/null -+++ b/server/json.c -@@ -0,0 +1,1002 @@ -+/* vim: set et ts=3 sw=3 sts=3 ft=c: -+ * -+ * Copyright (C) 2012, 2013, 2014 James McLaughlin et al. All rights reserved. -+ * https://github.com/udp/json-parser -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+ * SUCH DAMAGE. -+ */ -+ -+#include "json.h" -+#include "utils.h" -+ -+#ifdef _MSC_VER -+#ifndef _CRT_SECURE_NO_WARNINGS -+#define _CRT_SECURE_NO_WARNINGS -+#endif -+#endif -+ -+#ifdef __cplusplus -+const struct _json_value json_value_none; /* zero-d by ctor */ -+#else -+const struct _json_value json_value_none = { NULL, 0, { 0 }, { NULL } }; -+#endif -+ -+#include -+#include -+#include -+#include -+ -+typedef unsigned short json_uchar; -+ -+static unsigned char -+hex_value(json_char c) -+{ -+ if (isdigit((uint8_t)c)) { -+ return c - '0'; -+ } -+ -+ switch (c) { -+ case 'a': -+ case 'A': -+ return 0x0A; -+ case 'b': -+ case 'B': -+ return 0x0B; -+ case 'c': -+ case 'C': -+ return 0x0C; -+ case 'd': -+ case 'D': -+ return 0x0D; -+ case 'e': -+ case 'E': -+ return 0x0E; -+ case 'f': -+ case 'F': -+ return 0x0F; -+ default: -+ return 0xFF; -+ } -+} -+ -+typedef struct { -+ unsigned long used_memory; -+ -+ unsigned int uint_max; -+ unsigned long ulong_max; -+ -+ json_settings settings; -+ int first_pass; -+} json_state; -+ -+static void * -+default_alloc(size_t size, int zero, void *user_data) -+{ -+ return zero ? calloc(1, size) : ss_malloc(size); -+} -+ -+static void -+default_free(void *ptr, void *user_data) -+{ -+ ss_free(ptr); -+} -+ -+static void * -+json_alloc(json_state *state, unsigned long size, int zero) -+{ -+ if ((state->ulong_max - state->used_memory) < size) { -+ return 0; -+ } -+ -+ if (state->settings.max_memory -+ && (state->used_memory += size) > state->settings.max_memory) { -+ return 0; -+ } -+ -+ return state->settings.mem_alloc(size, zero, state->settings.user_data); -+} -+ -+static int -+new_value(json_state *state, json_value **top, json_value **root, -+ json_value **alloc, json_type type) -+{ -+ json_value *value; -+ int values_size; -+ -+ if (!state->first_pass) { -+ value = *top = *alloc; -+ *alloc = (*alloc)->_reserved.next_alloc; -+ -+ if (!*root) { -+ *root = value; -+ } -+ -+ switch (value->type) { -+ case json_array: -+ -+ if (!(value->u.array.values = (json_value **)json_alloc -+ (state, value->u.array.length * -+ sizeof(json_value *), 0))) { -+ return 0; -+ } -+ -+ value->u.array.length = 0; -+ break; -+ -+ case json_object: -+ -+ values_size = sizeof(*value->u.object.values) * -+ value->u.object.length; -+ -+ if (!((*(void **)&value->u.object.values) = json_alloc -+ (state, -+ values_size + -+ ((size_t)value->u. -+ object.values), -+ 0))) { -+ return 0; -+ } -+ -+ value->_reserved.object_mem = (*(char **)&value->u.object.values) + -+ values_size; -+ -+ value->u.object.length = 0; -+ break; -+ -+ case json_string: -+ -+ if (!(value->u.string.ptr = (json_char *)json_alloc -+ (state, -+ (value->u.string.length + -+ 1) * sizeof(json_char), 0))) { -+ return 0; -+ } -+ -+ value->u.string.length = 0; -+ break; -+ -+ default: -+ break; -+ } -+ -+ return 1; -+ } -+ -+ value = (json_value *)json_alloc(state, sizeof(json_value), 1); -+ -+ if (!value) { -+ return 0; -+ } -+ -+ if (!*root) { -+ *root = value; -+ } -+ -+ value->type = type; -+ value->parent = *top; -+ -+ if (*alloc) { -+ (*alloc)->_reserved.next_alloc = value; -+ } -+ -+ *alloc = *top = value; -+ -+ return 1; -+} -+ -+#define e_off \ -+ ((int)(i - cur_line_begin)) -+ -+#define whitespace \ -+case '\n': \ -+ ++cur_line; cur_line_begin = i; \ -+case ' ': \ -+case '\t': \ -+case '\r' -+ -+#define string_add(b) \ -+ do { if (!state.first_pass) { string[string_length] = b; \ -+ } ++string_length; } while (0) -+ -+static const long -+ flag_next = 1 << 0, -+ flag_reproc = 1 << 1, -+ flag_need_comma = 1 << 2, -+ flag_seek_value = 1 << 3, -+ flag_escaped = 1 << 4, -+ flag_string = 1 << 5, -+ flag_need_colon = 1 << 6, -+ flag_done = 1 << 7, -+ flag_num_negative = 1 << 8, -+ flag_num_zero = 1 << 9, -+ flag_num_e = 1 << 10, -+ flag_num_e_got_sign = 1 << 11, -+ flag_num_e_negative = 1 << 12, -+ flag_line_comment = 1 << 13, -+ flag_block_comment = 1 << 14; -+ -+json_value * -+json_parse_ex(json_settings *settings, -+ const json_char *json, -+ size_t length, -+ char *error_buf) -+{ -+ json_char error[json_error_max]; -+ int cur_line; -+ const json_char *cur_line_begin, *i, *end; -+ json_value *top, *root, *alloc = 0; -+ json_state state = { 0UL, 0U, 0UL, { 0UL, 0, NULL, NULL, NULL }, 0 }; -+ long flags; -+ long num_digits = 0, num_e = 0; -+ json_int_t num_fraction = 0; -+ -+ /* Skip UTF-8 BOM -+ */ -+ if (length >= 3 && ((unsigned char)json[0]) == 0xEF -+ && ((unsigned char)json[1]) == 0xBB -+ && ((unsigned char)json[2]) == 0xBF) { -+ json += 3; -+ length -= 3; -+ } -+ -+ error[0] = '\0'; -+ end = (json + length); -+ -+ memcpy(&state.settings, settings, sizeof(json_settings)); -+ -+ if (!state.settings.mem_alloc) { -+ state.settings.mem_alloc = default_alloc; -+ } -+ -+ if (!state.settings.mem_free) { -+ state.settings.mem_free = default_free; -+ } -+ -+ memset(&state.uint_max, 0xFF, sizeof(state.uint_max)); -+ memset(&state.ulong_max, 0xFF, sizeof(state.ulong_max)); -+ -+ state.uint_max -= 8; /* limit of how much can be added before next check */ -+ state.ulong_max -= 8; -+ -+ for (state.first_pass = 1; state.first_pass >= 0; --state.first_pass) { -+ json_uchar uchar; -+ unsigned char uc_b1, uc_b2, uc_b3, uc_b4; -+ json_char *string = 0; -+ unsigned int string_length = 0; -+ -+ top = root = 0; -+ flags = flag_seek_value; -+ -+ cur_line = 1; -+ cur_line_begin = json; -+ -+ for (i = json;; ++i) { -+ json_char b = (i == end ? 0 : *i); -+ -+ if (flags & flag_string) { -+ if (!b) { -+ sprintf(error, "Unexpected EOF in string (at %d:%d)", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ if (string_length > state.uint_max) { -+ goto e_overflow; -+ } -+ -+ if (flags & flag_escaped) { -+ flags &= ~flag_escaped; -+ -+ switch (b) { -+ case 'b': -+ string_add('\b'); -+ break; -+ case 'f': -+ string_add('\f'); -+ break; -+ case 'n': -+ string_add('\n'); -+ break; -+ case 'r': -+ string_add('\r'); -+ break; -+ case 't': -+ string_add('\t'); -+ break; -+ case 'u': -+ -+ if (end - i < 4 || -+ (uc_b1 = hex_value(*++i)) == 0xFF || -+ (uc_b2 = hex_value(*++i)) == 0xFF -+ || (uc_b3 = hex_value(*++i)) == 0xFF || -+ (uc_b4 = hex_value(*++i)) == 0xFF) { -+ sprintf(error, -+ "Invalid character value `%c` (at %d:%d)", -+ b, cur_line, e_off); -+ goto e_failed; -+ } -+ -+ uc_b1 = uc_b1 * 16 + uc_b2; -+ uc_b2 = uc_b3 * 16 + uc_b4; -+ -+ uchar = ((json_char)uc_b1) * 256 + uc_b2; -+ -+ if (sizeof(json_char) >= sizeof(json_uchar) || -+ (uc_b1 == 0 && uc_b2 <= 0x7F)) { -+ string_add((json_char)uchar); -+ break; -+ } -+ -+ if (uchar <= 0x7FF) { -+ if (state.first_pass) { -+ string_length += 2; -+ } else { -+ string[string_length++] = 0xC0 | -+ ((uc_b2 & -+ 0xC0) >> -+ 6) | -+ ((uc_b1 & 0x7) << 2); -+ string[string_length++] = 0x80 | -+ (uc_b2 & 0x3F); -+ } -+ -+ break; -+ } -+ -+ if (state.first_pass) { -+ string_length += 3; -+ } else { -+ string[string_length++] = 0xE0 | -+ ((uc_b1 & 0xF0) >> 4); -+ string[string_length++] = 0x80 | -+ ((uc_b1 & -+ 0xF) << -+ 2) | -+ ((uc_b2 & 0xC0) >> 6); -+ string[string_length++] = 0x80 | (uc_b2 & 0x3F); -+ } -+ -+ break; -+ -+ default: -+ string_add(b); -+ } -+ -+ continue; -+ } -+ -+ if (b == '\\') { -+ flags |= flag_escaped; -+ continue; -+ } -+ -+ if (b == '"') { -+ if (!state.first_pass) { -+ string[string_length] = 0; -+ } -+ -+ flags &= ~flag_string; -+ string = 0; -+ -+ switch (top->type) { -+ case json_string: -+ -+ top->u.string.length = string_length; -+ flags |= flag_next; -+ -+ break; -+ -+ case json_object: -+ -+ if (state.first_pass) { -+ (*(json_char **)&top->u.object.values) += -+ string_length + 1; -+ } else { -+ top->u.object.values[top->u.object.length].name -+ = (json_char *)top->_reserved.object_mem; -+ -+ top->u.object.values[top->u.object.length]. -+ name_length -+ = string_length; -+ -+ (*(json_char **)&top->_reserved.object_mem) += -+ string_length + 1; -+ } -+ -+ flags |= flag_seek_value | flag_need_colon; -+ continue; -+ -+ default: -+ break; -+ } -+ } else { -+ string_add(b); -+ continue; -+ } -+ } -+ -+ if (state.settings.settings & json_enable_comments) { -+ if (flags & (flag_line_comment | flag_block_comment)) { -+ if (flags & flag_line_comment) { -+ if (b == '\r' || b == '\n' || !b) { -+ flags &= ~flag_line_comment; -+ --i; /* so null can be reproc'd */ -+ } -+ -+ continue; -+ } -+ -+ if (flags & flag_block_comment) { -+ if (!b) { -+ sprintf(error, -+ "%d:%d: Unexpected EOF in block comment", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ if (b == '*' && i < (end - 1) && i[1] == '/') { -+ flags &= ~flag_block_comment; -+ ++i; /* skip closing sequence */ -+ } -+ -+ continue; -+ } -+ } else if (b == '/') { -+ if (!(flags & (flag_seek_value | flag_done)) && top->type != -+ json_object) { -+ sprintf(error, "%d:%d: Comment not allowed here", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ if (++i == end) { -+ sprintf(error, "%d:%d: EOF unexpected", cur_line, -+ e_off); -+ goto e_failed; -+ } -+ -+ switch (b = *i) { -+ case '/': -+ flags |= flag_line_comment; -+ continue; -+ -+ case '*': -+ flags |= flag_block_comment; -+ continue; -+ -+ default: -+ sprintf(error, -+ "%d:%d: Unexpected `%c` in comment opening sequence", cur_line, e_off, -+ b); -+ goto e_failed; -+ } -+ } -+ } -+ -+ if (flags & flag_done) { -+ if (!b) { -+ break; -+ } -+ -+ switch (b) { -+whitespace: -+ continue; -+ -+ default: -+ sprintf(error, "%d:%d: Trailing garbage: `%c`", cur_line, -+ e_off, b); -+ goto e_failed; -+ } -+ } -+ -+ if (flags & flag_seek_value) { -+ switch (b) { -+whitespace: -+ continue; -+ -+ case ']': -+ -+ if (top->type == json_array) { -+ flags = -+ (flags & -+ ~(flag_need_comma | flag_seek_value)) | flag_next; -+ } else { -+ sprintf(error, "%d:%d: Unexpected ]", cur_line, e_off); -+ goto e_failed; -+ } -+ -+ break; -+ -+ default: -+ -+ if (flags & flag_need_comma) { -+ if (b == ',') { -+ flags &= ~flag_need_comma; -+ continue; -+ } else { -+ sprintf(error, "%d:%d: Expected , before %c", -+ cur_line, e_off, b); -+ goto e_failed; -+ } -+ } -+ -+ if (flags & flag_need_colon) { -+ if (b == ':') { -+ flags &= ~flag_need_colon; -+ continue; -+ } else { -+ sprintf(error, "%d:%d: Expected : before %c", -+ cur_line, e_off, b); -+ goto e_failed; -+ } -+ } -+ -+ flags &= ~flag_seek_value; -+ -+ switch (b) { -+ case '{': -+ -+ if (!new_value(&state, &top, &root, &alloc, -+ json_object)) { -+ goto e_alloc_failure; -+ } -+ -+ continue; -+ -+ case '[': -+ -+ if (!new_value(&state, &top, &root, &alloc, -+ json_array)) { -+ goto e_alloc_failure; -+ } -+ -+ flags |= flag_seek_value; -+ continue; -+ -+ case '"': -+ -+ if (!new_value(&state, &top, &root, &alloc, -+ json_string)) { -+ goto e_alloc_failure; -+ } -+ -+ flags |= flag_string; -+ -+ string = top->u.string.ptr; -+ string_length = 0; -+ -+ continue; -+ -+ case 't': -+ -+ if ((end - i) < 3 || *(++i) != 'r' || *(++i) != 'u' || -+ *(++i) != 'e') { -+ goto e_unknown_value; -+ } -+ -+ if (!new_value(&state, &top, &root, &alloc, -+ json_boolean)) { -+ goto e_alloc_failure; -+ } -+ -+ top->u.boolean = 1; -+ -+ flags |= flag_next; -+ break; -+ -+ case 'f': -+ -+ if ((end - i) < 4 || *(++i) != 'a' || *(++i) != 'l' || -+ *(++i) != 's' || *(++i) != 'e') { -+ goto e_unknown_value; -+ } -+ -+ if (!new_value(&state, &top, &root, &alloc, -+ json_boolean)) { -+ goto e_alloc_failure; -+ } -+ -+ flags |= flag_next; -+ break; -+ -+ case 'n': -+ -+ if ((end - i) < 3 || *(++i) != 'u' || *(++i) != 'l' || -+ *(++i) != 'l') { -+ goto e_unknown_value; -+ } -+ -+ if (!new_value(&state, &top, &root, &alloc, -+ json_null)) { -+ goto e_alloc_failure; -+ } -+ -+ flags |= flag_next; -+ break; -+ -+ default: -+ -+ if (isdigit((uint8_t)b) || b == '-') { -+ if (!new_value(&state, &top, &root, &alloc, -+ json_integer)) { -+ goto e_alloc_failure; -+ } -+ -+ if (!state.first_pass) { -+ while (isdigit((uint8_t)b) || b == '+' || b == -+ '-' -+ || b == 'e' || b == 'E' || b == '.') { -+ if ((++i) == end) { -+ b = 0; -+ break; -+ } -+ -+ b = *i; -+ } -+ -+ flags |= flag_next | flag_reproc; -+ break; -+ } -+ -+ flags &= ~(flag_num_negative | flag_num_e | -+ flag_num_e_got_sign | -+ flag_num_e_negative | -+ flag_num_zero); -+ -+ num_digits = 0; -+ num_fraction = 0; -+ num_e = 0; -+ -+ if (b != '-') { -+ flags |= flag_reproc; -+ break; -+ } -+ -+ flags |= flag_num_negative; -+ continue; -+ } else { -+ sprintf(error, -+ "%d:%d: Unexpected %c when seeking value", -+ cur_line, e_off, b); -+ goto e_failed; -+ } -+ } -+ } -+ } else { -+ switch (top->type) { -+ case json_object: -+ -+ switch (b) { -+whitespace: -+ continue; -+ -+ case '"': -+ -+ if (flags & flag_need_comma) { -+ sprintf(error, "%d:%d: Expected , before \"", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ flags |= flag_string; -+ -+ string = (json_char *)top->_reserved.object_mem; -+ string_length = 0; -+ -+ break; -+ -+ case '}': -+ -+ flags = (flags & ~flag_need_comma) | flag_next; -+ break; -+ -+ case ',': -+ -+ if (flags & flag_need_comma) { -+ flags &= ~flag_need_comma; -+ break; -+ } -+ -+ default: -+ -+ sprintf(error, "%d:%d: Unexpected `%c` in object", -+ cur_line, e_off, b); -+ goto e_failed; -+ } -+ -+ break; -+ -+ case json_integer: -+ case json_double: -+ -+ if (isdigit((uint8_t)b)) { -+ ++num_digits; -+ -+ if (top->type == json_integer || flags & flag_num_e) { -+ if (!(flags & flag_num_e)) { -+ if (flags & flag_num_zero) { -+ sprintf(error, -+ "%d:%d: Unexpected `0` before `%c`", -+ cur_line, e_off, b); -+ goto e_failed; -+ } -+ -+ if (num_digits == 1 && b == '0') { -+ flags |= flag_num_zero; -+ } -+ } else { -+ flags |= flag_num_e_got_sign; -+ num_e = (num_e * 10) + (b - '0'); -+ continue; -+ } -+ -+ top->u.integer = (top->u.integer * 10) + (b - '0'); -+ continue; -+ } -+ -+ num_fraction = (num_fraction * 10) + (b - '0'); -+ continue; -+ } -+ -+ if (b == '+' || b == '-') { -+ if ((flags & flag_num_e) && -+ !(flags & flag_num_e_got_sign)) { -+ flags |= flag_num_e_got_sign; -+ -+ if (b == '-') { -+ flags |= flag_num_e_negative; -+ } -+ -+ continue; -+ } -+ } else if (b == '.' && top->type == json_integer) { -+ if (!num_digits) { -+ sprintf(error, "%d:%d: Expected digit before `.`", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ top->type = json_double; -+ top->u.dbl = (double)top->u.integer; -+ -+ num_digits = 0; -+ continue; -+ } -+ -+ if (!(flags & flag_num_e)) { -+ if (top->type == json_double) { -+ if (!num_digits) { -+ sprintf(error, -+ "%d:%d: Expected digit after `.`", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ top->u.dbl += ((double)num_fraction) / -+ (pow(10, (double)num_digits)); -+ } -+ -+ if (b == 'e' || b == 'E') { -+ flags |= flag_num_e; -+ -+ if (top->type == json_integer) { -+ top->type = json_double; -+ top->u.dbl = (double)top->u.integer; -+ } -+ -+ num_digits = 0; -+ flags &= ~flag_num_zero; -+ -+ continue; -+ } -+ } else { -+ if (!num_digits) { -+ sprintf(error, "%d:%d: Expected digit after `e`", -+ cur_line, e_off); -+ goto e_failed; -+ } -+ -+ top->u.dbl *= -+ pow(10, -+ (double)((flags & -+ flag_num_e_negative) ? -num_e : num_e)); -+ } -+ -+ if (flags & flag_num_negative) { -+ if (top->type == json_integer) { -+ top->u.integer = -top->u.integer; -+ } else { -+ top->u.dbl = -top->u.dbl; -+ } -+ } -+ -+ flags |= flag_next | flag_reproc; -+ break; -+ -+ default: -+ break; -+ } -+ } -+ -+ if (flags & flag_reproc) { -+ flags &= ~flag_reproc; -+ --i; -+ } -+ -+ if (flags & flag_next) { -+ flags = (flags & ~flag_next) | flag_need_comma; -+ -+ if (!top->parent) { -+ /* root value done */ -+ -+ flags |= flag_done; -+ continue; -+ } -+ -+ if (top->parent->type == json_array) { -+ flags |= flag_seek_value; -+ } -+ -+ if (!state.first_pass) { -+ json_value *parent = top->parent; -+ -+ switch (parent->type) { -+ case json_object: -+ -+ parent->u.object.values -+ [parent->u.object.length].value = top; -+ -+ break; -+ -+ case json_array: -+ -+ parent->u.array.values -+ [parent->u.array.length] = top; -+ -+ break; -+ -+ default: -+ break; -+ } -+ } -+ -+ if ((++top->parent->u.array.length) > state.uint_max) { -+ goto e_overflow; -+ } -+ -+ top = top->parent; -+ -+ continue; -+ } -+ } -+ -+ alloc = root; -+ } -+ -+ return root; -+ -+e_unknown_value: -+ -+ sprintf(error, "%d:%d: Unknown value", cur_line, e_off); -+ goto e_failed; -+ -+e_alloc_failure: -+ -+ strcpy(error, "Memory allocation failure"); -+ goto e_failed; -+ -+e_overflow: -+ -+ sprintf(error, "%d:%d: Too long (caught overflow)", cur_line, e_off); -+ goto e_failed; -+ -+e_failed: -+ -+ if (error_buf) { -+ if (*error) { -+ strcpy(error_buf, error); -+ } else { -+ strcpy(error_buf, "Unknown error"); -+ } -+ } -+ -+ if (state.first_pass) { -+ alloc = root; -+ } -+ -+ while (alloc) { -+ top = alloc->_reserved.next_alloc; -+ state.settings.mem_free(alloc, state.settings.user_data); -+ alloc = top; -+ } -+ -+ if (!state.first_pass) { -+ json_value_free_ex(&state.settings, root); -+ } -+ -+ return 0; -+} -+ -+json_value * -+json_parse(const json_char *json, size_t length) -+{ -+ json_settings settings = { 0UL, 0, NULL, NULL, NULL }; -+ return json_parse_ex(&settings, json, length, 0); -+} -+ -+void -+json_value_free_ex(json_settings *settings, json_value *value) -+{ -+ json_value *cur_value; -+ -+ if (!value) { -+ return; -+ } -+ -+ value->parent = 0; -+ -+ while (value) { -+ switch (value->type) { -+ case json_array: -+ -+ if (!value->u.array.length) { -+ settings->mem_free(value->u.array.values, settings->user_data); -+ break; -+ } -+ -+ value = value->u.array.values[--value->u.array.length]; -+ continue; -+ -+ case json_object: -+ -+ if (!value->u.object.length) { -+ settings->mem_free(value->u.object.values, settings->user_data); -+ break; -+ } -+ -+ value = value->u.object.values[--value->u.object.length].value; -+ continue; -+ -+ case json_string: -+ -+ settings->mem_free(value->u.string.ptr, settings->user_data); -+ break; -+ -+ default: -+ break; -+ } -+ -+ cur_value = value; -+ value = value->parent; -+ settings->mem_free(cur_value, settings->user_data); -+ } -+} -+ -+void -+json_value_free(json_value *value) -+{ -+ json_settings settings = { 0UL, 0, NULL, NULL, NULL }; -+ settings.mem_free = default_free; -+ json_value_free_ex(&settings, value); -+} -diff --git a/server/json.h b/server/json.h -new file mode 100644 -index 0000000..016fc5a ---- /dev/null -+++ b/server/json.h -@@ -0,0 +1,249 @@ -+/* vim: set et ts=3 sw=3 sts=3 ft=c: -+ * -+ * Copyright (C) 2012, 2013, 2014 James McLaughlin et al. All rights reserved. -+ * https://github.com/udp/json-parser -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+ * SUCH DAMAGE. -+ */ -+ -+#ifndef _JSON_H -+#define _JSON_H -+ -+#ifndef json_char -+#define json_char char -+#endif -+ -+#ifndef json_int_t -+#ifndef _MSC_VER -+#include -+#define json_int_t int64_t -+#else -+#define json_int_t __int64 -+#endif -+#endif -+ -+#include -+ -+#ifdef __cplusplus -+ -+#include -+ -+extern "C" -+{ -+#endif -+ -+typedef struct { -+ unsigned long max_memory; -+ int settings; -+ -+ /* Custom allocator support (leave null to use malloc/free) -+ */ -+ -+ void * (*mem_alloc)(size_t, int zero, void *user_data); -+ void (*mem_free)(void *, void *user_data); -+ -+ void *user_data; /* will be passed to mem_alloc and mem_free */ -+} json_settings; -+ -+#define json_enable_comments 0x01 -+ -+typedef enum { -+ json_none, -+ json_object, -+ json_array, -+ json_integer, -+ json_double, -+ json_string, -+ json_boolean, -+ json_null -+} json_type; -+ -+extern const struct _json_value json_value_none; -+ -+typedef struct _json_value { -+ struct _json_value *parent; -+ -+ json_type type; -+ -+ union { -+ int boolean; -+ json_int_t integer; -+ double dbl; -+ -+ struct { -+ unsigned int length; -+ json_char *ptr; /* null terminated */ -+ } string; -+ -+ struct { -+ unsigned int length; -+ -+ struct { -+ json_char *name; -+ unsigned int name_length; -+ -+ struct _json_value *value; -+ } *values; -+ -+#if defined(__cplusplus) && __cplusplus >= 201103L -+ decltype(values) begin() const -+ { -+ return values; -+ } -+ decltype(values) end() const -+ { -+ return values + length; -+ } -+#endif -+ } object; -+ -+ struct { -+ unsigned int length; -+ struct _json_value **values; -+ -+#if defined(__cplusplus) && __cplusplus >= 201103L -+ decltype(values) begin() const -+ { -+ return values; -+ } -+ decltype(values) end() const -+ { -+ return values + length; -+ } -+#endif -+ } array; -+ } u; -+ -+ union { -+ struct _json_value *next_alloc; -+ void *object_mem; -+ } _reserved; -+ -+ /* Some C++ operator sugar */ -+ -+#ifdef __cplusplus -+ -+public: -+ -+ inline _json_value(){ -+ memset(this, 0, sizeof(_json_value)); -+ } -+ -+ inline const struct _json_value &operator [] (int index) const { -+ if (type != json_array || index < 0 -+ || ((unsigned int)index) >= u.array.length) { -+ return json_value_none; -+ } -+ -+ return *u.array.values[index]; -+ } -+ -+ inline const struct _json_value &operator [] (const char *index) const { -+ if (type != json_object) { -+ return json_value_none; -+ } -+ -+ for (unsigned int i = 0; i < u.object.length; ++i) -+ if (!strcmp(u.object.values[i].name, index)) { -+ return *u.object.values[i].value; -+ } -+ -+ return json_value_none; -+ } -+ -+ inline operator const char * () const -+ { -+ switch (type) { -+ case json_string: -+ return u.string.ptr; -+ -+ default: -+ return ""; -+ } -+ } -+ -+ inline operator -+ json_int_t() const -+ { -+ switch (type) { -+ case json_integer: -+ return u.integer; -+ -+ case json_double: -+ return (json_int_t)u.dbl; -+ -+ default: -+ return 0; -+ } -+ } -+ -+ inline operator -+ bool() const -+ { -+ if (type != json_boolean) { -+ return false; -+ } -+ -+ return u.boolean != 0; -+ } -+ -+ inline operator double () const -+ { -+ switch (type) { -+ case json_integer: -+ return (double)u.integer; -+ -+ case json_double: -+ return u.dbl; -+ -+ default: -+ return 0; -+ } -+ } -+ -+#endif -+} json_value; -+ -+json_value *json_parse(const json_char *json, -+ size_t length); -+ -+#define json_error_max 128 -+json_value *json_parse_ex(json_settings *settings, -+ const json_char *json, -+ size_t length, -+ char *error); -+ -+void json_value_free(json_value *); -+ -+/* Not usually necessary, unless you used a custom mem_alloc and now want to -+ * use a custom mem_free. -+ */ -+void json_value_free_ex(json_settings *settings, -+ json_value *); -+ -+#ifdef __cplusplus -+} /* extern "C" */ -+#endif -+ -+#endif -diff --git a/server/list.c b/server/list.c -new file mode 100644 -index 0000000..dde085d ---- /dev/null -+++ b/server/list.c -@@ -0,0 +1,370 @@ -+#include "list.h" -+ -+/// 文件:list_impl.c -+/// 功能:实现链表的基本操作 -+/// 作者:bluewind -+/// 完成时间:2011.5.29 -+/// 修改时间:2011.5.31, 2011.7.2 -+/// 修改备注:在头节点处添加一个空节点,可以优化添加、删除节点代码 -+/// 再次修改,链表增加节点数据data_size,限制数据大小,修改了 -+/// 添加复制数据代码,修正重复添加节点后释放节点的Bug,添加了前 -+/// 插、排序和遍历功能,7.3 添加tail尾指针,改进后插法性能,并改名 -+/// -------------------------------------------------------------- -+ -+void swap_data(Node n1, Node n2); -+ -+/// -------------------------------------------------------------- -+// 函数名:list_init -+// 功能: 链表初始化 -+// 参数: 无 -+// 返回值:已初始化链表指针 -+// 备注: 链表本身动态分配,由list_destroy函数管理释放 -+/// -------------------------------------------------------------- -+List list_init(unsigned int data_size) -+{ -+ List list = (List) malloc(sizeof(struct clist)); -+ if(list != NULL) //内存分配成功 -+ { -+ list->head = (Node) malloc(sizeof(node)); //为头节点分配内存 -+ if(list->head) //内存分配成功 -+ { -+ list->head->data = NULL; //初始化头节点 -+ list->head->next = NULL; -+ list->data_size = data_size; -+ list->tail = list->head; -+ list->size = 0; -+ -+ list->add_back = list_add_back; //初始化成员函数 -+ list->add_front = list_add_front; -+ list->delete_node = list_delete_node; -+ list->delete_at = list_delete_at; -+ list->modify_at = list_modify_at; -+ list->have_same = list_have_same; -+ list->have_same_cmp = list_have_same_cmp; -+ list->foreach = list_foreach; -+ list->clear = list_clear; -+ list->sort = list_sort; -+ list->destroy = list_destroy; -+ } -+ } -+ return list; -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_add_back -+// 功能: 添加链表结点 (后插法) -+// 参数: l--链表指针,data--链表数据指针,可为任意类型 -+// 返回值:int型,为1表示添加成功,为0表示添加失败 -+// 备注: 如果链表本身为空或是分配节点内存失败,将返回0 -+/// -------------------------------------------------------------- -+int list_add_back(List l, void *data) -+{ -+ Node new_node = (Node) malloc(sizeof(node)); -+ -+ if(l != NULL && new_node != NULL) //链表本身不为空,且内存申请成功 -+ { -+ new_node->data = malloc(l->data_size); -+ memcpy(new_node->data, data, l->data_size); -+ new_node->next = NULL; -+ -+ l->tail->next = new_node; //添加节点 -+ l->tail = new_node; //记录尾节点位置 -+ l->size ++; //链表元素总数加1 -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_add_front -+// 功能: 添加链表结点 (前插法) -+// 参数: l--链表指针,data--链表数据指针,可为任意类型 -+// 返回值:int型,为1表示添加成功,为0表示添加失败 -+// 备注: 如果链表本身为空或是分配节点内存失败,将返回0 -+/// -------------------------------------------------------------- -+int list_add_front(List l, void *data) -+{ -+ Node new_node = (Node) malloc(sizeof(node)); -+ -+ if(l != NULL && new_node != NULL) -+ { -+ new_node->data = malloc(l->data_size); -+ memcpy(new_node->data, data, l->data_size); -+ new_node->next = l->head->next; -+ -+ l->head->next = new_node; -+ if(!l->size) //记录尾指针位置 -+ l->tail = new_node; -+ l->size ++; -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_delete_node -+// 功能:删除链表结点 -+// 参数:l--链表指针,data--链表数据指针,可为任意类型 -+// *pfunc为指向一个数据类型比较的函数指针 -+// 返回值:int型,为1表示删除成功,为0表示没有找到匹配数据 -+// 备注:*pfunc函数接口参数ndata为节点数据,data为比较数据,返回为真表示匹配数据 -+/// -------------------------------------------------------------- -+int list_delete_node(List l, void *data, int (*pfunc)(void *ndata, void *data)) -+{ -+ if(l != NULL) -+ { -+ Node prev = l->head; //前一个节点 -+ Node curr = l->head->next; //当前节点 -+ -+ while(curr != NULL) -+ { -+ if(pfunc(curr->data, data)) //如果找到匹配数据 -+ { -+ if(curr == l->tail) //如果是删除尾节点 -+ l->tail = prev; -+ -+ prev->next = prev->next->next; //修改前节点next指针指向下下个节点 -+ -+ free(curr->data); //释放节点数据 -+ free(curr); //释放节点 -+ -+ l->size--; //链表元素总数减1 -+ return 1; //返回真值 -+ } -+ prev = prev->next; //没有找到匹配时移动前节点和当前节点 -+ curr = curr->next; -+ } -+ } -+ -+ return 0; //没有找到匹配数据 -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_delete_at -+// 功能: 修改链表节点元素值 -+// 参数: l--链表指针,index--索引值, 范围(0 -- size-1) -+// 返回值:int型,为1表示删除成功,为0表示删除失败 -+// 备注: 如果链表本身为空或是index为非法值,将返回0 -+/// -------------------------------------------------------------- -+int list_delete_at(List l, unsigned int index) -+{ -+ unsigned int cindex = 0; -+ -+ if(l != NULL && index >= 0 && index < l->size) -+ { -+ Node prev = l->head; //前一个节点 -+ Node curr = l->head->next; //当前节点 -+ -+ while(cindex != index) -+ { -+ prev = prev->next; -+ curr = curr->next; -+ cindex ++; -+ } -+ -+ if(index == (l->size) - 1) -+ l->tail = prev; -+ -+ prev->next = prev->next->next; -+ free(curr->data); -+ free(curr); -+ l->size --; -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_modify_at -+// 功能: 修改链表节点元素值 -+// 参数: l--链表指针,index--索引值, 范围(0 -- size-1) -+// data--链表数据指针 -+// 返回值:int型,为1表示修改成功,为0表示修改失败 -+// 备注: 如果链表本身为空或是index为非法值,将返回0 -+/// -------------------------------------------------------------- -+int list_modify_at(List l, unsigned int index, void *new_data) -+{ -+ unsigned int cindex = 0; -+ -+ if(l != NULL && index >= 0 && index < l->size ) //非空链表,并且index值合法 -+ { -+ Node curr = l->head->next; -+ while(cindex != index) -+ { -+ curr = curr->next; -+ cindex ++; -+ } -+ memcpy(curr->data, new_data, l->data_size); -+ return 1; -+ } -+ -+ return 0; -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_sort -+// 功能: 链表排序 -+// 参数: l--链表指针,*pfunc为指向一个数据类型比较的函数指针 -+// 返回值:无 -+// 备注: 使用简单选择排序法,相比冒泡法每次交换,效率高一点 -+/// -------------------------------------------------------------- -+void list_sort(List l, compare pfunc) -+{ -+ if(l != NULL) -+ { -+ Node min, icurr, jcurr; -+ -+ icurr = l->head->next; -+ while(icurr) -+ { -+ min = icurr; //记录最小值 -+ jcurr = icurr->next; //内循环指向下一个节点 -+ while(jcurr) -+ { -+ if(pfunc(min->data, jcurr->data)) //如果找到n+1到最后一个元素最小值 -+ min = jcurr; //记录下最小值的位置 -+ -+ jcurr = jcurr->next; -+ } -+ -+ if(min != icurr) //当最小值位置和n+1元素位置不相同时 -+ { -+ swap_data(min, icurr); //才进行交换,减少交换次数 -+ } -+ -+ icurr = icurr->next; -+ } -+ } -+} -+ -+void swap_data(Node n1, Node n2) -+{ -+ void *temp; -+ -+ temp = n2->data; -+ n2->data = n1->data; -+ n1->data = temp; -+} -+ -+ -+int list_have_same(List l, void *data, int (*pfunc)(void *ndata, void *data)) -+{ -+ if(l != NULL) -+ { -+ Node curr; -+ -+ for(curr = l->head->next; curr != NULL; curr = curr->next) -+ { -+ if(pfunc(curr->data, data)) -+ { -+ return 1; -+ } -+ } -+ } -+ -+ return 0; -+} -+ -+int list_have_same_cmp(List l, void *data) -+{ -+ if(l != NULL) -+ { -+ Node curr; -+ -+ for(curr = l->head->next; curr != NULL; curr = curr->next) -+ { -+ if(memcmp(curr->data, data, l->data_size)) -+ { -+ return 1; -+ } -+ } -+ } -+ -+ return 0; -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_foreach -+// 功能: 遍历链表元素 -+// 参数: l--链表指针,doit为指向一个处理数据的函数指针 -+// 返回值:无 -+// 备注: doit申明为void (*dofunc)(void *ndata)原型 -+/// -------------------------------------------------------------- -+void list_foreach(List l, dofunc doit) -+{ -+ if(l != NULL) -+ { -+ Node curr; -+ -+ for(curr = l->head->next; curr != NULL; curr = curr->next) -+ { -+ doit(curr->data); -+ } -+ } -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_clear -+// 功能: 清空链表元素 -+// 参数: l--链表指针 -+// 返回值:无 -+// 备注: 没有使用先Destroy再Init链表的办法,直接实现 -+/// -------------------------------------------------------------- -+void list_clear(List l) -+{ -+ if(l != NULL) -+ { -+ Node temp; -+ Node curr = l->head->next; -+ -+ while(curr != NULL) -+ { -+ temp = curr->next; -+ -+ free(curr->data); //释放节点和数据 -+ free(curr); -+ -+ curr = temp; -+ } -+ -+ l->size = 0; //重置链表数据 -+ l->head->next = NULL; -+ l->tail = l->head; -+ } -+} -+ -+/// -------------------------------------------------------------- -+// 函数名:list_destroy -+// 功能: 释放链表 -+// 参数: l--链表指针 -+// 返回值:空链表指针 -+/// -------------------------------------------------------------- -+List list_destroy(List l) -+{ -+ if(l != NULL) -+ { -+ Node temp; -+ -+ while(l->head) -+ { -+ temp = l->head->next; -+ -+ if(l->head->data != NULL) //如果是头节点就不释放数据空间 -+ free(l->head->data); //先释放节点数据(但是节点数据里也有指针?) -+ free(l->head); //再释放节点 -+ -+ l->head = temp; -+ } -+ -+ free(l); //释放链表本身占用空间 -+ l = NULL; -+ } -+ -+ return l; -+} -diff --git a/server/list.h b/server/list.h -new file mode 100644 -index 0000000..ab49720 ---- /dev/null -+++ b/server/list.h -@@ -0,0 +1,61 @@ -+#ifndef LIST_H_H -+#define LIST_H_H -+ -+#include -+#include -+#include -+ -+typedef struct clist *List; -+ -+typedef int (*compare)(void *ndata, void *data); -+typedef void (*dofunc)(void *ndata); -+ -+typedef int (*lpf0)(List l, void *data); -+typedef int (*lpf1)(List l, void *data, compare pfunc); -+typedef List (*lpf2)(List l); -+typedef void (*lpf3)(List l); -+typedef void (*lpf4)(List l, dofunc pfunc); -+typedef int (*lpf5)(List l, unsigned int index, void *new_data); -+typedef void (*lpf6)(List l, compare pfunc); -+typedef int (*lpf7)(List l, unsigned int index); -+ -+typedef struct cnode -+{ -+ void *data; -+ struct cnode *next; -+}node, *Node; -+ -+typedef struct clist -+{ -+ Node head; -+ Node tail; -+ unsigned int size; -+ unsigned int data_size; -+ lpf0 add_back; -+ lpf0 add_front; -+ lpf1 delete_node; -+ lpf1 have_same; -+ lpf0 have_same_cmp; -+ lpf4 foreach; -+ lpf3 clear; -+ lpf2 destroy; -+ lpf5 modify_at; -+ lpf6 sort; -+ lpf7 delete_at; -+}list; -+ -+//初始化链表 -+List list_init(unsigned int data_size); -+int list_add_back(List l, void *data); -+int list_add_front(List l, void *data); -+int list_delete_node(List l, void *data, compare pfunc); -+int list_delete_at(List l, unsigned int index); -+int list_modify_at(List l, unsigned int index, void *new_data); -+int list_have_same(List l, void *data, compare pfunc); -+int list_have_same_cmp(List l, void *data); -+void list_foreach(List l, dofunc doit); -+void list_sort(List l, compare pfunc); -+void list_clear(List l); -+//释放链表 -+List list_destroy(List l); -+#endif -diff --git a/server/netutils.c b/server/netutils.c -new file mode 100644 -index 0000000..3a32b4d ---- /dev/null -+++ b/server/netutils.c -@@ -0,0 +1,297 @@ -+/* -+ * netutils.c - Network utilities -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#include -+ -+#include -+#include -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#ifdef __MINGW32__ -+#include "win32.h" -+#define sleep(n) Sleep(1000 * (n)) -+#else -+#include -+#include -+#include -+#include -+#endif -+ -+#if defined(HAVE_SYS_IOCTL_H) && defined(HAVE_NET_IF_H) && defined(__linux__) -+#include -+#include -+#define SET_INTERFACE -+#endif -+ -+#include "netutils.h" -+#include "utils.h" -+ -+#ifndef SO_REUSEPORT -+#define SO_REUSEPORT 15 -+#endif -+ -+extern int verbose; -+ -+static const char valid_label_bytes[] = -+ "-0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz"; -+ -+#if defined(MODULE_LOCAL) -+extern int keep_resolving; -+#endif -+ -+int -+set_reuseport(int socket) -+{ -+ int opt = 1; -+ return setsockopt(socket, SOL_SOCKET, SO_REUSEPORT, &opt, sizeof(opt)); -+} -+ -+size_t -+get_sockaddr_len(struct sockaddr *addr) -+{ -+ if (addr->sa_family == AF_INET) { -+ return sizeof(struct sockaddr_in); -+ } else if (addr->sa_family == AF_INET6) { -+ return sizeof(struct sockaddr_in6); -+ } -+ return 0; -+} -+ -+#ifdef SET_INTERFACE -+int -+setinterface(int socket_fd, const char *interface_name) -+{ -+ struct ifreq interface; -+ memset(&interface, 0, sizeof(struct ifreq)); -+ strncpy(interface.ifr_name, interface_name, IFNAMSIZ); -+ int res = setsockopt(socket_fd, SOL_SOCKET, SO_BINDTODEVICE, &interface, -+ sizeof(struct ifreq)); -+ return res; -+} -+ -+#endif -+ -+int -+bind_to_address(int socket_fd, const char *host) -+{ -+ if (host != NULL) { -+ struct cork_ip ip; -+ struct sockaddr_storage storage; -+ memset(&storage, 0, sizeof(struct sockaddr_storage)); -+ if (cork_ip_init(&ip, host) != -1) { -+ if (ip.version == 4) { -+ struct sockaddr_in *addr = (struct sockaddr_in *)&storage; -+ dns_pton(AF_INET, host, &addr->sin_addr); -+ addr->sin_family = AF_INET; -+ return bind(socket_fd, (struct sockaddr *)addr, sizeof(struct sockaddr_in)); -+ } else if (ip.version == 6) { -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage; -+ dns_pton(AF_INET6, host, &addr->sin6_addr); -+ addr->sin6_family = AF_INET6; -+ return bind(socket_fd, (struct sockaddr *)addr, sizeof(struct sockaddr_in6)); -+ } -+ } -+ } -+ return -1; -+} -+ -+ssize_t -+get_sockaddr(char *host, char *port, -+ struct sockaddr_storage *storage, int block, -+ int ipv6first) -+{ -+ struct cork_ip ip; -+ if (cork_ip_init(&ip, host) != -1) { -+ if (ip.version == 4) { -+ struct sockaddr_in *addr = (struct sockaddr_in *)storage; -+ addr->sin_family = AF_INET; -+ dns_pton(AF_INET, host, &(addr->sin_addr)); -+ if (port != NULL) { -+ addr->sin_port = htons(atoi(port)); -+ } -+ } else if (ip.version == 6) { -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)storage; -+ addr->sin6_family = AF_INET6; -+ dns_pton(AF_INET6, host, &(addr->sin6_addr)); -+ if (port != NULL) { -+ addr->sin6_port = htons(atoi(port)); -+ } -+ } -+ return 0; -+ } else { -+ struct addrinfo hints; -+ struct addrinfo *result, *rp; -+ -+ memset(&hints, 0, sizeof(struct addrinfo)); -+ hints.ai_family = AF_UNSPEC; /* Return IPv4 and IPv6 choices */ -+ hints.ai_socktype = SOCK_STREAM; /* We want a TCP socket */ -+ -+ int err, i; -+ -+ for (i = 1; i < 8; i++) { -+ err = getaddrinfo(host, port, &hints, &result); -+#if defined(MODULE_LOCAL) -+ if (!keep_resolving) -+ break; -+#endif -+ if ((!block || !err)) { -+ break; -+ } else { -+ sleep(pow(2, i)); -+ LOGE("failed to resolve server name, wait %.0f seconds", pow(2, i)); -+ } -+ } -+ -+ if (err != 0) { -+ LOGE("getaddrinfo: %s", gai_strerror(err)); -+ return -1; -+ } -+ -+ int prefer_af = ipv6first ? AF_INET6 : AF_INET; -+ for (rp = result; rp != NULL; rp = rp->ai_next) -+ if (rp->ai_family == prefer_af) { -+ if (rp->ai_family == AF_INET) -+ memcpy(storage, rp->ai_addr, sizeof(struct sockaddr_in)); -+ else if (rp->ai_family == AF_INET6) -+ memcpy(storage, rp->ai_addr, sizeof(struct sockaddr_in6)); -+ break; -+ } -+ -+ if (rp == NULL) { -+ for (rp = result; rp != NULL; rp = rp->ai_next) { -+ if (rp->ai_family == AF_INET) -+ memcpy(storage, rp->ai_addr, sizeof(struct sockaddr_in)); -+ else if (rp->ai_family == AF_INET6) -+ memcpy(storage, rp->ai_addr, sizeof(struct sockaddr_in6)); -+ break; -+ } -+ } -+ -+ if (rp == NULL) { -+ LOGE("failed to resolve remote addr"); -+ return -1; -+ } -+ -+ freeaddrinfo(result); -+ return 0; -+ } -+ -+ return -1; -+} -+ -+int -+sockaddr_cmp(struct sockaddr_storage *addr1, -+ struct sockaddr_storage *addr2, socklen_t len) -+{ -+ struct sockaddr_in *p1_in = (struct sockaddr_in *)addr1; -+ struct sockaddr_in *p2_in = (struct sockaddr_in *)addr2; -+ struct sockaddr_in6 *p1_in6 = (struct sockaddr_in6 *)addr1; -+ struct sockaddr_in6 *p2_in6 = (struct sockaddr_in6 *)addr2; -+ if (p1_in->sin_family < p2_in->sin_family) -+ return -1; -+ if (p1_in->sin_family > p2_in->sin_family) -+ return 1; -+ /* compare ip4 */ -+ if (p1_in->sin_family == AF_INET) { -+ /* just order it, ntohs not required */ -+ if (p1_in->sin_port < p2_in->sin_port) -+ return -1; -+ if (p1_in->sin_port > p2_in->sin_port) -+ return 1; -+ return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, INET_SIZE); -+ } else if (p1_in6->sin6_family == AF_INET6) { -+ /* just order it, ntohs not required */ -+ if (p1_in6->sin6_port < p2_in6->sin6_port) -+ return -1; -+ if (p1_in6->sin6_port > p2_in6->sin6_port) -+ return 1; -+ return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, -+ INET6_SIZE); -+ } else { -+ /* eek unknown type, perform this comparison for sanity. */ -+ return memcmp(addr1, addr2, len); -+ } -+} -+ -+int -+sockaddr_cmp_addr(struct sockaddr_storage *addr1, -+ struct sockaddr_storage *addr2, socklen_t len) -+{ -+ struct sockaddr_in *p1_in = (struct sockaddr_in *)addr1; -+ struct sockaddr_in *p2_in = (struct sockaddr_in *)addr2; -+ struct sockaddr_in6 *p1_in6 = (struct sockaddr_in6 *)addr1; -+ struct sockaddr_in6 *p2_in6 = (struct sockaddr_in6 *)addr2; -+ if (p1_in->sin_family < p2_in->sin_family) -+ return -1; -+ if (p1_in->sin_family > p2_in->sin_family) -+ return 1; -+ /* compare ip4 */ -+ if (p1_in->sin_family == AF_INET) { -+ return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, INET_SIZE); -+ } else if (p1_in6->sin6_family == AF_INET6) { -+ return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, -+ INET6_SIZE); -+ } else { -+ /* eek unknown type, perform this comparison for sanity. */ -+ return memcmp(addr1, addr2, len); -+ } -+} -+ -+int -+validate_hostname(const char *hostname, const int hostname_len) -+{ -+ if (hostname == NULL) -+ return 0; -+ -+ if (hostname_len < 1 || hostname_len > 255) -+ return 0; -+ -+ if (hostname[0] == '.') -+ return 0; -+ -+ const char *label = hostname; -+ while (label < hostname + hostname_len) { -+ size_t label_len = hostname_len - (label - hostname); -+ char *next_dot = strchr(label, '.'); -+ if (next_dot != NULL) -+ label_len = next_dot - label; -+ -+ if (label + label_len > hostname + hostname_len) -+ return 0; -+ -+ if (label_len > 63 || label_len < 1) -+ return 0; -+ -+ if (label[0] == '-' || label[label_len - 1] == '-') -+ return 0; -+ -+ if (strspn(label, valid_label_bytes) < label_len) -+ return 0; -+ -+ label += label_len + 1; -+ } -+ -+ return 1; -+} -diff --git a/server/netutils.h b/server/netutils.h -new file mode 100644 -index 0000000..0725592 ---- /dev/null -+++ b/server/netutils.h -@@ -0,0 +1,98 @@ -+/* -+ * netutils.h - Network utilities -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _NETUTILS_H -+#define _NETUTILS_H -+ -+#if defined(__linux__) -+#include -+#elif !defined(__MINGW32__) -+#include -+#endif -+ -+// only enable TCP_FASTOPEN on linux -+#if defined(__linux__) -+#include -+/* conditional define for TCP_FASTOPEN */ -+#ifndef TCP_FASTOPEN -+#define TCP_FASTOPEN 23 -+#endif -+/* conditional define for MSG_FASTOPEN */ -+#ifndef MSG_FASTOPEN -+#define MSG_FASTOPEN 0x20000000 -+#endif -+#elif !defined(__APPLE__) -+#ifdef TCP_FASTOPEN -+#undef TCP_FASTOPEN -+#endif -+#endif -+ -+/* Backward compatibility for MPTCP_ENABLED between kernel 3 & 4 */ -+#ifndef MPTCP_ENABLED -+#ifdef TCP_CC_INFO -+#define MPTCP_ENABLED 42 -+#else -+#define MPTCP_ENABLED 26 -+#endif -+#endif -+ -+/** byte size of ip4 address */ -+#define INET_SIZE 4 -+/** byte size of ip6 address */ -+#define INET6_SIZE 16 -+ -+size_t get_sockaddr_len(struct sockaddr *addr); -+ssize_t get_sockaddr(char *host, char *port, -+ struct sockaddr_storage *storage, int block, -+ int ipv6first); -+int set_reuseport(int socket); -+ -+#ifdef SET_INTERFACE -+int setinterface(int socket_fd, const char *interface_name); -+#endif -+ -+int bind_to_address(int socket_fd, const char *address); -+ -+/** -+ * Compare two sockaddrs. Imposes an ordering on the addresses. -+ * Compares address and port. -+ * @param addr1: address 1. -+ * @param addr2: address 2. -+ * @param len: lengths of addr. -+ * @return: 0 if addr1 == addr2. -1 if addr1 is smaller, +1 if larger. -+ */ -+int sockaddr_cmp(struct sockaddr_storage *addr1, -+ struct sockaddr_storage *addr2, socklen_t len); -+ -+/** -+ * Compare two sockaddrs. Compares address, not the port. -+ * @param addr1: address 1. -+ * @param addr2: address 2. -+ * @param len: lengths of addr. -+ * @return: 0 if addr1 == addr2. -1 if addr1 is smaller, +1 if larger. -+ */ -+int sockaddr_cmp_addr(struct sockaddr_storage *addr1, -+ struct sockaddr_storage *addr2, socklen_t len); -+ -+int validate_hostname(const char *hostname, const int hostname_len); -+ -+#endif -diff --git a/server/obfs.c b/server/obfs.c -new file mode 100644 -index 0000000..5c885bf ---- /dev/null -+++ b/server/obfs.c -@@ -0,0 +1,205 @@ -+#include -+#include -+ -+#include "utils.h" -+#include "obfs.h" -+ -+int rand_bytes(uint8_t *output, int len); -+#define OBFS_HMAC_SHA1_LEN 10 -+ -+#include "obfsutil.c" -+#include "crc32.c" -+#include "base64.c" -+#include "http_simple.c" -+#include "tls1.2_ticket.c" -+#include "verify.c" -+#include "auth.c" -+ -+void * init_data() { -+ return malloc(1); -+} -+ -+obfs * new_obfs() { -+ obfs * self = (obfs*)malloc(sizeof(obfs)); -+ self->l_data = NULL; -+ return self; -+} -+ -+void set_server_info(obfs *self, server_info *server) { -+ memmove(&self->server, server, sizeof(server_info)); -+} -+ -+void get_server_info(obfs *self, server_info *server) { -+ memmove(server, &self->server, sizeof(server_info)); -+} -+ -+void dispose_obfs(obfs *self) { -+ free(self); -+} -+ -+obfs_class * new_obfs_class(char *plugin_name) -+{ -+ if (plugin_name == NULL) -+ return NULL; -+ if (strcmp(plugin_name, "origin") == 0) -+ return NULL; -+ if (strcmp(plugin_name, "plain") == 0) -+ return NULL; -+ init_crc32_table(); -+ init_shift128plus(); -+ if (strcmp(plugin_name, "http_simple") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = init_data; -+ plugin->new_obfs = http_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = http_simple_dispose; -+ -+ plugin->client_encode = http_simple_client_encode; -+ plugin->client_decode = http_simple_client_decode; -+ -+ plugin->server_encode = http_simple_server_encode; -+ plugin->server_decode = http_simple_server_decode; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "http_post") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = init_data; -+ plugin->new_obfs = http_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = http_simple_dispose; -+ -+ plugin->client_encode = http_post_client_encode; -+ plugin->client_decode = http_simple_client_decode; -+ -+ plugin->server_encode = http_simple_server_encode; -+ plugin->server_decode = http_simple_server_decode; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "tls1.2_ticket_auth") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = tls12_ticket_auth_init_data; -+ plugin->new_obfs = tls12_ticket_auth_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = tls12_ticket_auth_dispose; -+ -+ plugin->client_encode = tls12_ticket_auth_client_encode; -+ plugin->client_decode = tls12_ticket_auth_client_decode; -+ -+ plugin->server_encode = tls12_ticket_auth_server_encode; -+ plugin->server_decode = tls12_ticket_auth_server_decode; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "verify_simple") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = init_data; -+ plugin->new_obfs = verify_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = verify_simple_dispose; -+ -+ plugin->client_pre_encrypt = verify_simple_client_pre_encrypt; -+ plugin->client_post_decrypt = verify_simple_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = NULL; -+ plugin->client_udp_post_decrypt = NULL; -+ -+ plugin->server_pre_encrypt = verify_simple_server_pre_encrypt; -+ plugin->server_post_decrypt = verify_simple_server_post_decrypt; -+ plugin->server_udp_pre_encrypt = NULL; -+ plugin->server_udp_post_decrypt = NULL; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "auth_simple") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = auth_simple_init_data; -+ plugin->new_obfs = auth_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = auth_simple_dispose; -+ -+ plugin->client_pre_encrypt = auth_simple_client_pre_encrypt; -+ plugin->client_post_decrypt = auth_simple_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = NULL; -+ plugin->client_udp_post_decrypt = NULL; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "auth_sha1") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = auth_simple_init_data; -+ plugin->new_obfs = auth_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = auth_simple_dispose; -+ -+ plugin->client_pre_encrypt = auth_sha1_client_pre_encrypt; -+ plugin->client_post_decrypt = auth_sha1_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = NULL; -+ plugin->client_udp_post_decrypt = NULL; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "auth_sha1_v2") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = auth_simple_init_data; -+ plugin->new_obfs = auth_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = auth_simple_dispose; -+ -+ plugin->client_pre_encrypt = auth_sha1_v2_client_pre_encrypt; -+ plugin->client_post_decrypt = auth_sha1_v2_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = NULL; -+ plugin->client_udp_post_decrypt = NULL; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "auth_sha1_v4") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = auth_simple_init_data; -+ plugin->new_obfs = auth_simple_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = auth_simple_dispose; -+ -+ plugin->client_pre_encrypt = auth_sha1_v4_client_pre_encrypt; -+ plugin->client_post_decrypt = auth_sha1_v4_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = NULL; -+ plugin->client_udp_post_decrypt = NULL; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "auth_aes128_md5") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = auth_simple_init_data; -+ plugin->new_obfs = auth_aes128_md5_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = auth_simple_dispose; -+ -+ plugin->client_pre_encrypt = auth_aes128_sha1_client_pre_encrypt; -+ plugin->client_post_decrypt = auth_aes128_sha1_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = auth_aes128_sha1_client_udp_pre_encrypt; -+ plugin->client_udp_post_decrypt = auth_aes128_sha1_client_udp_post_decrypt; -+ -+ return plugin; -+ } else if (strcmp(plugin_name, "auth_aes128_sha1") == 0) { -+ obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs)); -+ plugin->init_data = auth_simple_init_data; -+ plugin->new_obfs = auth_aes128_sha1_new_obfs; -+ plugin->get_server_info = get_server_info; -+ plugin->set_server_info = set_server_info; -+ plugin->dispose = auth_simple_dispose; -+ -+ plugin->client_pre_encrypt = auth_aes128_sha1_client_pre_encrypt; -+ plugin->client_post_decrypt = auth_aes128_sha1_client_post_decrypt; -+ plugin->client_udp_pre_encrypt = auth_aes128_sha1_client_udp_pre_encrypt; -+ plugin->client_udp_post_decrypt = auth_aes128_sha1_client_udp_post_decrypt; -+ -+ return plugin; -+ } -+ LOGE("Load obfs '%s' failed", plugin_name); -+ return NULL; -+} -+ -+void free_obfs_class(obfs_class *plugin) { -+ free(plugin); -+} -diff --git a/server/obfs.h b/server/obfs.h -new file mode 100644 -index 0000000..74c60c9 ---- /dev/null -+++ b/server/obfs.h -@@ -0,0 +1,100 @@ -+/* -+ * obfs.h - Define shadowsocksR server's buffers and callbacks -+ * -+ * Copyright (C) 2015 - 2016, Break Wa11 -+ */ -+ -+#ifndef _OBFS_H -+#define _OBFS_H -+ -+#include -+#include -+ -+typedef struct server_info { -+ char host[64]; -+ uint16_t port; -+ char *param; -+ void *g_data; -+ uint8_t *iv; -+ size_t iv_len; -+ uint8_t *recv_iv; -+ size_t recv_iv_len; -+ uint8_t *key; -+ size_t key_len; -+ int head_len; -+ size_t tcp_mss; -+}server_info; -+ -+typedef struct obfs { -+ server_info server; -+ void *l_data; -+}obfs; -+ -+typedef struct obfs_class { -+ void * (*init_data)(); -+ obfs * (*new_obfs)(); -+ void (*get_server_info)(obfs *self, server_info *server); -+ void (*set_server_info)(obfs *self, server_info *server); -+ void (*dispose)(obfs *self); -+ -+ int (*client_pre_encrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*client_encode)(obfs *self, -+ char **pencryptdata, -+ int datalength, -+ size_t* capacity); -+ int (*client_decode)(obfs *self, -+ char **pencryptdata, -+ int datalength, -+ size_t* capacity, -+ int *needsendback); -+ int (*client_post_decrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*client_udp_pre_encrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*client_udp_post_decrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*server_pre_encrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*server_post_decrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*server_udp_pre_encrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*server_udp_post_decrypt)(obfs *self, -+ char **pplaindata, -+ int datalength, -+ size_t* capacity); -+ int (*server_encode)(obfs *self, -+ char **pencryptdata, -+ int datalength, -+ size_t* capacity); -+ int (*server_decode)(obfs *self, -+ char **pencryptdata, -+ int datalength, -+ size_t* capacity, -+ int *needsendback); -+}obfs_class; -+ -+obfs_class * new_obfs_class(char *plugin_name); -+void free_obfs_class(obfs_class *plugin); -+ -+void set_server_info(obfs *self, server_info *server); -+void get_server_info(obfs *self, server_info *server); -+obfs * new_obfs(); -+void dispose_obfs(obfs *self); -+ -+#endif // _OBFS_H -diff --git a/server/obfsutil.c b/server/obfsutil.c -new file mode 100644 -index 0000000..d00959b ---- /dev/null -+++ b/server/obfsutil.c -@@ -0,0 +1,36 @@ -+int get_head_size(char *plaindata, int size, int def_size) { -+ if (plaindata == NULL || size < 2) -+ return def_size; -+ int head_type = plaindata[0] & 0x7; -+ if (head_type == 1) -+ return 7; -+ if (head_type == 4) -+ return 19; -+ if (head_type == 3) -+ return 4 + plaindata[1]; -+ return def_size; -+} -+ -+static int shift128plus_init_flag = 0; -+static uint64_t shift128plus_s[2] = {0x10000000, 0xFFFFFFFF}; -+ -+void init_shift128plus(void) { -+ if (shift128plus_init_flag == 0) { -+ shift128plus_init_flag = 1; -+ uint32_t seed = time(NULL); -+ shift128plus_s[0] = seed | 0x100000000L; -+ shift128plus_s[1] = ((uint64_t)seed << 32) | 0x1; -+ } -+} -+ -+uint64_t xorshift128plus(void) { -+ uint64_t x = shift128plus_s[0]; -+ uint64_t const y = shift128plus_s[1]; -+ shift128plus_s[0] = y; -+ x ^= x << 23; // a -+ x ^= x >> 17; // b -+ x ^= y ^ (y >> 26); // c -+ shift128plus_s[1] = x; -+ return x + y; -+} -+ -diff --git a/server/protocol.h b/server/protocol.h -new file mode 100644 -index 0000000..eaa866e ---- /dev/null -+++ b/server/protocol.h -@@ -0,0 +1,34 @@ -+/* -+ * Copyright (c) 2014, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef PROTOCOL_H -+#define PROTOCOL_H -+ -+typedef struct protocol { -+ const int default_port; -+ int(*const parse_packet)(const char *, size_t, char **); -+} protocol_t; -+ -+#endif -diff --git a/server/resolv.c b/server/resolv.c -new file mode 100644 -index 0000000..f580d06 ---- /dev/null -+++ b/server/resolv.c -@@ -0,0 +1,444 @@ -+/* -+ * Copyright (c) 2014, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef __MINGW32__ -+#include "win32.h" -+#else -+#include -+#include -+#include -+#include -+#endif -+ -+#include "resolv.h" -+#include "utils.h" -+#include "netutils.h" -+ -+/* -+ * Implement DNS resolution interface using libudns -+ */ -+ -+struct ResolvQuery { -+ void (*client_cb)(struct sockaddr *, void *); -+ void (*client_free_cb)(void *); -+ void *client_cb_data; -+ struct dns_query *queries[2]; -+ size_t response_count; -+ struct sockaddr **responses; -+ uint16_t port; -+}; -+ -+extern int verbose; -+ -+static struct ev_io resolv_io_watcher; -+static struct ev_timer resolv_timeout_watcher; -+static const int MODE_IPV4_ONLY = 0; -+static const int MODE_IPV6_ONLY = 1; -+static const int MODE_IPV4_FIRST = 2; -+static const int MODE_IPV6_FIRST = 3; -+static int resolv_mode = 0; -+ -+static void resolv_sock_cb(struct ev_loop *, struct ev_io *, int); -+static void resolv_timeout_cb(struct ev_loop *, struct ev_timer *, int); -+static void dns_query_v4_cb(struct dns_ctx *, struct dns_rr_a4 *, void *); -+static void dns_query_v6_cb(struct dns_ctx *, struct dns_rr_a6 *, void *); -+static void dns_timer_setup_cb(struct dns_ctx *, int, void *); -+static void process_client_callback(struct ResolvQuery *); -+static inline int all_queries_are_null(struct ResolvQuery *); -+static struct sockaddr *choose_ipv4_first(struct ResolvQuery *); -+static struct sockaddr *choose_ipv6_first(struct ResolvQuery *); -+static struct sockaddr *choose_any(struct ResolvQuery *); -+ -+int -+resolv_init(struct ev_loop *loop, char **nameservers, int nameserver_num, int ipv6first) -+{ -+ if (ipv6first) -+ resolv_mode = MODE_IPV6_FIRST; -+ else -+ resolv_mode = MODE_IPV4_FIRST; -+ -+ struct dns_ctx *ctx = &dns_defctx; -+ if (nameservers == NULL) { -+ /* Nameservers not specified, use system resolver config */ -+ dns_init(ctx, 0); -+ } else { -+ dns_reset(ctx); -+ -+ for (int i = 0; i < nameserver_num; i++) { -+ char *server = nameservers[i]; -+ dns_add_serv(ctx, server); -+ } -+ } -+ -+ int sockfd = dns_open(ctx); -+ if (sockfd < 0) { -+ FATAL("Failed to open DNS resolver socket"); -+ } -+ -+ if (nameserver_num == 1 && nameservers != NULL) { -+ if (strncmp("127.0.0.1", nameservers[0], 9) == 0 -+ || strncmp("::1", nameservers[0], 3) == 0) { -+ if (verbose) { -+ LOGI("bind UDP resolver to %s", nameservers[0]); -+ } -+ if (bind_to_address(sockfd, nameservers[0]) == -1) -+ ERROR("bind_to_address"); -+ } -+ } -+ -+#ifdef __MINGW32__ -+ setnonblocking(sockfd); -+#else -+ int flags = fcntl(sockfd, F_GETFL, 0); -+ fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); -+#endif -+ -+ ev_io_init(&resolv_io_watcher, resolv_sock_cb, sockfd, EV_READ); -+ resolv_io_watcher.data = ctx; -+ -+ ev_io_start(loop, &resolv_io_watcher); -+ -+ ev_timer_init(&resolv_timeout_watcher, resolv_timeout_cb, 0.0, 0.0); -+ resolv_timeout_watcher.data = ctx; -+ -+ dns_set_tmcbck(ctx, dns_timer_setup_cb, loop); -+ -+ return sockfd; -+} -+ -+void -+resolv_shutdown(struct ev_loop *loop) -+{ -+ struct dns_ctx *ctx = (struct dns_ctx *)resolv_io_watcher.data; -+ -+ ev_io_stop(loop, &resolv_io_watcher); -+ -+ if (ev_is_active(&resolv_timeout_watcher)) { -+ ev_timer_stop(loop, &resolv_timeout_watcher); -+ } -+ -+ dns_close(ctx); -+} -+ -+struct ResolvQuery * -+resolv_query(const char *hostname, void (*client_cb)(struct sockaddr *, void *), -+ void (*client_free_cb)(void *), void *client_cb_data, -+ uint16_t port) -+{ -+ struct dns_ctx *ctx = (struct dns_ctx *)resolv_io_watcher.data; -+ -+ /* -+ * Wrap udns's call back in our own -+ */ -+ struct ResolvQuery *cb_data = ss_malloc(sizeof(struct ResolvQuery)); -+ if (cb_data == NULL) { -+ LOGE("Failed to allocate memory for DNS query callback data."); -+ return NULL; -+ } -+ memset(cb_data, 0, sizeof(struct ResolvQuery)); -+ -+ cb_data->client_cb = client_cb; -+ cb_data->client_free_cb = client_free_cb; -+ cb_data->client_cb_data = client_cb_data; -+ memset(cb_data->queries, 0, sizeof(cb_data->queries)); -+ cb_data->response_count = 0; -+ cb_data->responses = NULL; -+ cb_data->port = port; -+ -+ /* Submit A and AAAA queries */ -+ if (resolv_mode != MODE_IPV6_ONLY) { -+ cb_data->queries[0] = dns_submit_a4(ctx, -+ hostname, 0, -+ dns_query_v4_cb, cb_data); -+ if (cb_data->queries[0] == NULL) { -+ LOGE("Failed to submit DNS query: %s", -+ dns_strerror(dns_status(ctx))); -+ } -+ } -+ -+ if (resolv_mode != MODE_IPV4_ONLY) { -+ cb_data->queries[1] = dns_submit_a6(ctx, -+ hostname, 0, -+ dns_query_v6_cb, cb_data); -+ if (cb_data->queries[1] == NULL) { -+ LOGE("Failed to submit DNS query: %s", -+ dns_strerror(dns_status(ctx))); -+ } -+ } -+ -+ if (all_queries_are_null(cb_data)) { -+ if (cb_data->client_free_cb != NULL) { -+ cb_data->client_free_cb(cb_data->client_cb_data); -+ } -+ ss_free(cb_data); -+ } -+ -+ return cb_data; -+} -+ -+void -+resolv_cancel(struct ResolvQuery *query_handle) -+{ -+ struct ResolvQuery *cb_data = (struct ResolvQuery *)query_handle; -+ struct dns_ctx *ctx = (struct dns_ctx *)resolv_io_watcher.data; -+ -+ for (int i = 0; i < sizeof(cb_data->queries) / sizeof(cb_data->queries[0]); -+ i++) -+ if (cb_data->queries[i] != NULL) { -+ dns_cancel(ctx, cb_data->queries[i]); -+ ss_free(cb_data->queries[i]); -+ } -+ -+ if (cb_data->client_free_cb != NULL) { -+ cb_data->client_free_cb(cb_data->client_cb_data); -+ } -+ -+ ss_free(cb_data); -+} -+ -+/* -+ * DNS UDP socket activity callback -+ */ -+static void -+resolv_sock_cb(struct ev_loop *loop, struct ev_io *w, int revents) -+{ -+ struct dns_ctx *ctx = (struct dns_ctx *)w->data; -+ -+ if (revents & EV_READ) { -+ dns_ioevent(ctx, ev_now(loop)); -+ } -+} -+ -+/* -+ * Wrapper for client callback we provide to udns -+ */ -+static void -+dns_query_v4_cb(struct dns_ctx *ctx, struct dns_rr_a4 *result, void *data) -+{ -+ struct ResolvQuery *cb_data = (struct ResolvQuery *)data; -+ -+ if (result == NULL) { -+ if (verbose) { -+ LOGI("IPv4 resolv: %s", dns_strerror(dns_status(ctx))); -+ } -+ } else if (result->dnsa4_nrr > 0) { -+ struct sockaddr **new_responses = ss_realloc(cb_data->responses, -+ (cb_data->response_count + -+ result->dnsa4_nrr) * -+ sizeof(struct sockaddr *)); -+ if (new_responses == NULL) { -+ LOGE("Failed to allocate memory for additional DNS responses"); -+ } else { -+ cb_data->responses = new_responses; -+ -+ for (int i = 0; i < result->dnsa4_nrr; i++) { -+ struct sockaddr_in *sa = -+ (struct sockaddr_in *)ss_malloc(sizeof(struct sockaddr_in)); -+ sa->sin_family = AF_INET; -+ sa->sin_port = cb_data->port; -+ sa->sin_addr = result->dnsa4_addr[i]; -+ -+ cb_data->responses[cb_data->response_count] = -+ (struct sockaddr *)sa; -+ if (cb_data->responses[cb_data->response_count] == NULL) { -+ LOGE( -+ "Failed to allocate memory for DNS query result address"); -+ } else { -+ cb_data->response_count++; -+ } -+ } -+ } -+ } -+ -+ ss_free(result); -+ cb_data->queries[0] = NULL; /* mark A query as being completed */ -+ -+ /* Once all queries have completed, call client callback */ -+ if (all_queries_are_null(cb_data)) { -+ return process_client_callback(cb_data); -+ } -+} -+ -+static void -+dns_query_v6_cb(struct dns_ctx *ctx, struct dns_rr_a6 *result, void *data) -+{ -+ struct ResolvQuery *cb_data = (struct ResolvQuery *)data; -+ -+ if (result == NULL) { -+ if (verbose) { -+ LOGI("IPv6 resolv: %s", dns_strerror(dns_status(ctx))); -+ } -+ } else if (result->dnsa6_nrr > 0) { -+ struct sockaddr **new_responses = ss_realloc(cb_data->responses, -+ (cb_data->response_count + -+ result->dnsa6_nrr) * -+ sizeof(struct sockaddr *)); -+ if (new_responses == NULL) { -+ LOGE("Failed to allocate memory for additional DNS responses"); -+ } else { -+ cb_data->responses = new_responses; -+ -+ for (int i = 0; i < result->dnsa6_nrr; i++) { -+ struct sockaddr_in6 *sa = -+ (struct sockaddr_in6 *)ss_malloc(sizeof(struct sockaddr_in6)); -+ sa->sin6_family = AF_INET6; -+ sa->sin6_port = cb_data->port; -+ sa->sin6_addr = result->dnsa6_addr[i]; -+ -+ cb_data->responses[cb_data->response_count] = -+ (struct sockaddr *)sa; -+ if (cb_data->responses[cb_data->response_count] == NULL) { -+ LOGE( -+ "Failed to allocate memory for DNS query result address"); -+ } else { -+ cb_data->response_count++; -+ } -+ } -+ } -+ } -+ -+ ss_free(result); -+ cb_data->queries[1] = NULL; /* mark AAAA query as being completed */ -+ -+ /* Once all queries have completed, call client callback */ -+ if (all_queries_are_null(cb_data)) { -+ return process_client_callback(cb_data); -+ } -+} -+ -+/* -+ * Called once all queries have been completed -+ */ -+static void -+process_client_callback(struct ResolvQuery *cb_data) -+{ -+ struct sockaddr *best_address = NULL; -+ -+ if (resolv_mode == MODE_IPV4_FIRST) { -+ best_address = choose_ipv4_first(cb_data); -+ } else if (resolv_mode == MODE_IPV6_FIRST) { -+ best_address = choose_ipv6_first(cb_data); -+ } else { -+ best_address = choose_any(cb_data); -+ } -+ -+ cb_data->client_cb(best_address, cb_data->client_cb_data); -+ -+ for (int i = 0; i < cb_data->response_count; i++) -+ ss_free(cb_data->responses[i]); -+ -+ ss_free(cb_data->responses); -+ if (cb_data->client_free_cb != NULL) { -+ cb_data->client_free_cb(cb_data->client_cb_data); -+ } -+ ss_free(cb_data); -+} -+ -+static struct sockaddr * -+choose_ipv4_first(struct ResolvQuery *cb_data) -+{ -+ for (int i = 0; i < cb_data->response_count; i++) -+ if (cb_data->responses[i]->sa_family == AF_INET) { -+ return cb_data->responses[i]; -+ } -+ -+ return choose_any(cb_data); -+} -+ -+static struct sockaddr * -+choose_ipv6_first(struct ResolvQuery *cb_data) -+{ -+ for (int i = 0; i < cb_data->response_count; i++) -+ if (cb_data->responses[i]->sa_family == AF_INET6) { -+ return cb_data->responses[i]; -+ } -+ -+ return choose_any(cb_data); -+} -+ -+static struct sockaddr * -+choose_any(struct ResolvQuery *cb_data) -+{ -+ if (cb_data->response_count >= 1) { -+ return cb_data->responses[0]; -+ } -+ -+ return NULL; -+} -+ -+/* -+ * DNS timeout callback -+ */ -+static void -+resolv_timeout_cb(struct ev_loop *loop, struct ev_timer *w, int revents) -+{ -+ struct dns_ctx *ctx = (struct dns_ctx *)w->data; -+ -+ if (revents & EV_TIMER) { -+ dns_timeouts(ctx, 30, ev_now(loop)); -+ } -+} -+ -+/* -+ * Callback to setup DNS timeout callback -+ */ -+static void -+dns_timer_setup_cb(struct dns_ctx *ctx, int timeout, void *data) -+{ -+ struct ev_loop *loop = (struct ev_loop *)data; -+ -+ if (ev_is_active(&resolv_timeout_watcher)) { -+ ev_timer_stop(loop, &resolv_timeout_watcher); -+ } -+ -+ if (ctx != NULL && timeout >= 0) { -+ ev_timer_set(&resolv_timeout_watcher, timeout, 0.0); -+ ev_timer_start(loop, &resolv_timeout_watcher); -+ } -+} -+ -+static inline int -+all_queries_are_null(struct ResolvQuery *cb_data) -+{ -+ int result = 1; -+ -+ for (int i = 0; i < sizeof(cb_data->queries) / sizeof(cb_data->queries[0]); -+ i++) -+ result = result && cb_data->queries[i] == NULL; -+ -+ return result; -+} -diff --git a/server/resolv.h b/server/resolv.h -new file mode 100644 -index 0000000..0552922 ---- /dev/null -+++ b/server/resolv.h -@@ -0,0 +1,50 @@ -+/* -+ * Copyright (c) 2014, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef RESOLV_H -+#define RESOLV_H -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+ -+#ifdef __MINGW32__ -+#include "win32.h" -+#else -+#include -+#endif -+ -+struct ResolvQuery; -+ -+int resolv_init(struct ev_loop *, char **, int, int); -+struct ResolvQuery *resolv_query(const char *, void (*)(struct sockaddr *, -+ void *), void (*)( -+ void *), void *, uint16_t); -+void resolv_cancel(struct ResolvQuery *); -+void resolv_shutdown(struct ev_loop *); -+ -+#endif -diff --git a/server/rule.c b/server/rule.c -new file mode 100644 -index 0000000..8aae04e ---- /dev/null -+++ b/server/rule.c -@@ -0,0 +1,137 @@ -+/* -+ * Copyright (c) 2011 and 2012, Dustin Lundquist -+ * Copyright (c) 2011 Manuel Kasper -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include -+ -+#ifdef __MINGW32__ -+extern void ss_error(const char *s); -+#endif -+ -+#include "rule.h" -+#include "utils.h" -+ -+static void free_rule(rule_t *); -+ -+rule_t * -+new_rule() -+{ -+ rule_t *rule; -+ -+ rule = calloc(1, sizeof(rule_t)); -+ if (rule == NULL) { -+ ERROR("malloc"); -+ return NULL; -+ } -+ -+ return rule; -+} -+ -+int -+accept_rule_arg(rule_t *rule, const char *arg) -+{ -+ if (rule->pattern == NULL) { -+ rule->pattern = strdup(arg); -+ if (rule->pattern == NULL) { -+ ERROR("strdup failed"); -+ return -1; -+ } -+ } else { -+ LOGE("Unexpected table rule argument: %s", arg); -+ return -1; -+ } -+ -+ return 1; -+} -+ -+void -+add_rule(struct cork_dllist *rules, rule_t *rule) -+{ -+ cork_dllist_add(rules, &rule->entries); -+} -+ -+int -+init_rule(rule_t *rule) -+{ -+ if (rule->pattern_re == NULL) { -+ const char *reerr; -+ int reerroffset; -+ -+ rule->pattern_re = -+ pcre_compile(rule->pattern, 0, &reerr, &reerroffset, NULL); -+ if (rule->pattern_re == NULL) { -+ LOGE("Regex compilation of \"%s\" failed: %s, offset %d", -+ rule->pattern, reerr, reerroffset); -+ return 0; -+ } -+ } -+ -+ return 1; -+} -+ -+rule_t * -+lookup_rule(const struct cork_dllist *rules, const char *name, size_t name_len) -+{ -+ struct cork_dllist_item *curr, *next; -+ -+ if (name == NULL) { -+ name = ""; -+ name_len = 0; -+ } -+ -+ cork_dllist_foreach_void(rules, curr, next) { -+ rule_t *rule = cork_container_of(curr, rule_t, entries); -+ if (pcre_exec(rule->pattern_re, NULL, -+ name, name_len, 0, 0, NULL, 0) >= 0) -+ return rule; -+ } -+ -+ return NULL; -+} -+ -+void -+remove_rule(rule_t *rule) -+{ -+ cork_dllist_remove(&rule->entries); -+ free_rule(rule); -+} -+ -+static void -+free_rule(rule_t *rule) -+{ -+ if (rule == NULL) -+ return; -+ -+ ss_free(rule->pattern); -+ if (rule->pattern_re != NULL) -+ pcre_free(rule->pattern_re); -+ ss_free(rule); -+} -diff --git a/server/rule.h b/server/rule.h -new file mode 100644 -index 0000000..015bc42 ---- /dev/null -+++ b/server/rule.h -@@ -0,0 +1,58 @@ -+/* -+ * Copyright (c) 2011 and 2012, Dustin Lundquist -+ * Copyright (c) 2011 Manuel Kasper -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef RULE_H -+#define RULE_H -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+ -+#ifdef HAVE_PCRE_H -+#include -+#elif HAVE_PCRE_PCRE_H -+#include -+#endif -+ -+typedef struct rule { -+ char *pattern; -+ -+ /* Runtime fields */ -+ pcre *pattern_re; -+ -+ struct cork_dllist_item entries; -+} rule_t; -+ -+void add_rule(struct cork_dllist *, rule_t *); -+int init_rule(rule_t *); -+rule_t *lookup_rule(const struct cork_dllist *, const char *, size_t); -+void remove_rule(rule_t *); -+rule_t *new_rule(); -+int accept_rule_arg(rule_t *, const char *); -+ -+#endif -diff --git a/server/server.c b/server/server.c -new file mode 100644 -index 0000000..65b0e42 ---- /dev/null -+++ b/server/server.c -@@ -0,0 +1,2209 @@ -+/* -+ * server.c - Provide shadowsocks service -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifndef __MINGW32__ -+#include -+#include -+#include -+#include -+#include -+#include -+#endif -+ -+#include -+#include -+ -+#ifdef __MINGW32__ -+#include "win32.h" -+#endif -+ -+#if defined(HAVE_SYS_IOCTL_H) && defined(HAVE_NET_IF_H) && defined(__linux__) -+#include -+#include -+#define SET_INTERFACE -+#endif -+ -+#include "netutils.h" -+#include "utils.h" -+#include "acl.h" -+#include "server.h" -+ -+#include "obfs.c" // I don't want to modify makefile -+ -+#ifndef EAGAIN -+#define EAGAIN EWOULDBLOCK -+#endif -+ -+#ifndef EWOULDBLOCK -+#define EWOULDBLOCK EAGAIN -+#endif -+ -+#ifndef BUF_SIZE -+#define BUF_SIZE 2048 -+#endif -+ -+#ifndef SSMAXCONN -+#define SSMAXCONN 1024 -+#endif -+ -+#ifndef UPDATE_INTERVAL -+#define UPDATE_INTERVAL 30 -+#endif -+ -+static void signal_cb(EV_P_ ev_signal *w, int revents); -+static void accept_cb(EV_P_ ev_io *w, int revents); -+static void server_send_cb(EV_P_ ev_io *w, int revents); -+static void server_recv_cb(EV_P_ ev_io *w, int revents); -+static void remote_recv_cb(EV_P_ ev_io *w, int revents); -+static void remote_send_cb(EV_P_ ev_io *w, int revents); -+static void server_timeout_cb(EV_P_ ev_timer *watcher, int revents); -+static void block_list_clear_cb(EV_P_ ev_timer *watcher, int revents); -+ -+static remote_t *new_remote(int fd); -+static server_t *new_server(int fd, listen_ctx_t *listener); -+static remote_t *connect_to_remote(EV_P_ struct addrinfo *res, -+ server_t *server); -+ -+static void free_remote(remote_t *remote); -+static void close_and_free_remote(EV_P_ remote_t *remote); -+static void free_server(server_t *server); -+static void close_and_free_server(EV_P_ server_t *server); -+static void server_resolve_cb(struct sockaddr *addr, void *data); -+static void query_free_cb(void *data); -+ -+static size_t parse_header_len(const char atyp, const char *data, size_t offset); -+static int is_header_complete(const buffer_t *buf); -+ -+int verbose = 0; -+ -+static int acl = 0; -+static int mode = TCP_ONLY; -+static int auth = 0; -+static int ipv6first = 0; -+ -+static int protocol_compatible = 0;//SSR -+static int obfs_compatible = 0;//SSR -+ -+static int fast_open = 0; -+#ifdef HAVE_SETRLIMIT -+static int nofile = 0; -+#endif -+static int remote_conn = 0; -+static int server_conn = 0; -+ -+static char *bind_address = NULL; -+static char *server_port = NULL; -+static char *manager_address = NULL; -+uint64_t tx = 0; -+uint64_t rx = 0; -+ev_timer stat_update_watcher; -+ev_timer block_list_watcher; -+ -+static struct cork_dllist connections; -+ -+static void -+stat_update_cb(EV_P_ ev_timer *watcher, int revents) -+{ -+ struct sockaddr_un svaddr, claddr; -+ int sfd = -1; -+ size_t msgLen; -+ char resp[BUF_SIZE]; -+ -+ if (verbose) { -+ LOGI("update traffic stat: tx: %" PRIu64 " rx: %" PRIu64 "", tx, rx); -+ } -+ -+ snprintf(resp, BUF_SIZE, "stat: {\"%s\":%" PRIu64 "}", server_port, tx + rx); -+ msgLen = strlen(resp) + 1; -+ -+ ss_addr_t ip_addr = { .host = NULL, .port = NULL }; -+ parse_addr(manager_address, &ip_addr); -+ -+ if (ip_addr.host == NULL || ip_addr.port == NULL) { -+ sfd = socket(AF_UNIX, SOCK_DGRAM, 0); -+ if (sfd == -1) { -+ ERROR("stat_socket"); -+ return; -+ } -+ -+ memset(&claddr, 0, sizeof(struct sockaddr_un)); -+ claddr.sun_family = AF_UNIX; -+ snprintf(claddr.sun_path, sizeof(claddr.sun_path), "/tmp/shadowsocks.%s", server_port); -+ -+ unlink(claddr.sun_path); -+ -+ if (bind(sfd, (struct sockaddr *)&claddr, sizeof(struct sockaddr_un)) == -1) { -+ ERROR("stat_bind"); -+ close(sfd); -+ return; -+ } -+ -+ memset(&svaddr, 0, sizeof(struct sockaddr_un)); -+ svaddr.sun_family = AF_UNIX; -+ strncpy(svaddr.sun_path, manager_address, sizeof(svaddr.sun_path) - 1); -+ -+ if (sendto(sfd, resp, strlen(resp) + 1, 0, (struct sockaddr *)&svaddr, -+ sizeof(struct sockaddr_un)) != msgLen) { -+ ERROR("stat_sendto"); -+ close(sfd); -+ return; -+ } -+ -+ unlink(claddr.sun_path); -+ } else { -+ struct sockaddr_storage storage; -+ memset(&storage, 0, sizeof(struct sockaddr_storage)); -+ if (get_sockaddr(ip_addr.host, ip_addr.port, &storage, 0, ipv6first) == -1) { -+ ERROR("failed to parse the manager addr"); -+ return; -+ } -+ -+ sfd = socket(storage.ss_family, SOCK_DGRAM, 0); -+ -+ if (sfd == -1) { -+ ERROR("stat_socket"); -+ return; -+ } -+ -+ size_t addr_len = get_sockaddr_len((struct sockaddr *)&storage); -+ if (sendto(sfd, resp, strlen(resp) + 1, 0, (struct sockaddr *)&storage, -+ addr_len) != msgLen) { -+ ERROR("stat_sendto"); -+ close(sfd); -+ return; -+ } -+ } -+ -+ close(sfd); -+} -+ -+static void -+free_connections(struct ev_loop *loop) -+{ -+ struct cork_dllist_item *curr, *next; -+ cork_dllist_foreach_void(&connections, curr, next) { -+ server_t *server = cork_container_of(curr, server_t, entries); -+ remote_t *remote = server->remote; -+ close_and_free_server(loop, server); -+ close_and_free_remote(loop, remote); -+ } -+} -+ -+static size_t -+parse_header_len(const char atyp, const char *data, size_t offset) -+{ -+ size_t len = 0; -+ if ((atyp & ADDRTYPE_MASK) == 1) { -+ // IP V4 -+ len += sizeof(struct in_addr); -+ } else if ((atyp & ADDRTYPE_MASK) == 3) { -+ // Domain name -+ uint8_t name_len = *(uint8_t *)(data + offset); -+ len += name_len + 1; -+ } else if ((atyp & ADDRTYPE_MASK) == 4) { -+ // IP V6 -+ len += sizeof(struct in6_addr); -+ } else { -+ return 0; -+ } -+ len += 2; -+ return len; -+} -+ -+static int -+is_header_complete(const buffer_t *buf) -+{ -+ size_t header_len = 0; -+ size_t buf_len = buf->len; -+ -+ char atyp = buf->array[header_len]; -+ -+ // 1 byte for atyp -+ header_len++; -+ -+ if ((atyp & ADDRTYPE_MASK) == 1) { -+ // IP V4 -+ header_len += sizeof(struct in_addr); -+ } else if ((atyp & ADDRTYPE_MASK) == 3) { -+ // Domain name -+ // domain len + len of domain -+ if (buf_len < header_len + 1) -+ return 0; -+ uint8_t name_len = *(uint8_t *)(buf->array + header_len); -+ header_len += name_len + 1; -+ } else if ((atyp & ADDRTYPE_MASK) == 4) { -+ // IP V6 -+ header_len += sizeof(struct in6_addr); -+ } else { -+ return -1; -+ } -+ -+ // len of port -+ header_len += 2; -+ -+ // size of ONETIMEAUTH_BYTES -+ if (auth || (atyp & ONETIMEAUTH_FLAG)) { -+ header_len += ONETIMEAUTH_BYTES; -+ } -+ -+ return buf_len >= header_len ? 1 : 0; -+} -+ -+static char * -+get_peer_name(int fd) -+{ -+ static char peer_name[INET6_ADDRSTRLEN] = { 0 }; -+ struct sockaddr_storage addr; -+ socklen_t len = sizeof(struct sockaddr_storage); -+ memset(&addr, 0, len); -+ memset(peer_name, 0, INET6_ADDRSTRLEN); -+ int err = getpeername(fd, (struct sockaddr *)&addr, &len); -+ if (err == 0) { -+ if (addr.ss_family == AF_INET) { -+ struct sockaddr_in *s = (struct sockaddr_in *)&addr; -+ dns_ntop(AF_INET, &s->sin_addr, peer_name, INET_ADDRSTRLEN); -+ } else if (addr.ss_family == AF_INET6) { -+ struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr; -+ dns_ntop(AF_INET6, &s->sin6_addr, peer_name, INET6_ADDRSTRLEN); -+ } -+ } else { -+ return NULL; -+ } -+ return peer_name; -+} -+ -+#ifdef __linux__ -+static void -+set_linger(int fd) -+{ -+ struct linger so_linger; -+ memset(&so_linger, 0, sizeof(struct linger)); -+ so_linger.l_onoff = 1; -+ so_linger.l_linger = 0; -+ setsockopt(fd, SOL_SOCKET, SO_LINGER, &so_linger, sizeof so_linger); -+} -+#endif -+ -+static void -+reset_addr(int fd) -+{ -+ char *peer_name; -+ peer_name = get_peer_name(fd); -+ if (peer_name != NULL) { -+ remove_from_block_list(peer_name); -+ } -+} -+ -+static void -+report_addr(int fd, int err_level) -+{ -+#ifdef __linux__ -+ set_linger(fd); -+#endif -+ -+ char *peer_name; -+ peer_name = get_peer_name(fd); -+ if (peer_name != NULL) { -+ LOGE("failed to handshake with %s", peer_name); -+ update_block_list(peer_name, err_level); -+ } -+} -+ -+int -+setfastopen(int fd) -+{ -+ int s = 0; -+#ifdef TCP_FASTOPEN -+ if (fast_open) { -+#ifdef __APPLE__ -+ int opt = 1; -+#else -+ int opt = 5; -+#endif -+ s = setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN, &opt, sizeof(opt)); -+ -+ if (s == -1) { -+ if (errno == EPROTONOSUPPORT || errno == ENOPROTOOPT) { -+ LOGE("fast open is not supported on this platform"); -+ fast_open = 0; -+ } else { -+ ERROR("setsockopt"); -+ } -+ } -+ } -+#endif -+ return s; -+} -+ -+#ifndef __MINGW32__ -+int -+setnonblocking(int fd) -+{ -+ int flags; -+ if (-1 == (flags = fcntl(fd, F_GETFL, 0))) { -+ flags = 0; -+ } -+ return fcntl(fd, F_SETFL, flags | O_NONBLOCK); -+} -+ -+#endif -+ -+int -+create_and_bind(const char *host, const char *port, int mptcp) -+{ -+ struct addrinfo hints; -+ struct addrinfo *result, *rp, *ipv4v6bindall; -+ int s, listen_sock; -+ -+ memset(&hints, 0, sizeof(struct addrinfo)); -+ hints.ai_family = AF_UNSPEC; /* Return IPv4 and IPv6 choices */ -+ hints.ai_socktype = SOCK_STREAM; /* We want a TCP socket */ -+ hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; /* For wildcard IP address */ -+ hints.ai_protocol = IPPROTO_TCP; -+ -+ for (int i = 1; i < 8; i++) { -+ s = getaddrinfo(host, port, &hints, &result); -+ if (s == 0) { -+ break; -+ } else { -+ sleep(pow(2, i)); -+ LOGE("failed to resolve server name, wait %.0f seconds", pow(2, i)); -+ } -+ } -+ -+ if (s != 0) { -+ LOGE("getaddrinfo: %s", gai_strerror(s)); -+ return -1; -+ } -+ -+ rp = result; -+ -+ /* -+ * On Linux, with net.ipv6.bindv6only = 0 (the default), getaddrinfo(NULL) with -+ * AI_PASSIVE returns 0.0.0.0 and :: (in this order). AI_PASSIVE was meant to -+ * return a list of addresses to listen on, but it is impossible to listen on -+ * 0.0.0.0 and :: at the same time, if :: implies dualstack mode. -+ */ -+ if (!host) { -+ ipv4v6bindall = result; -+ -+ /* Loop over all address infos found until a IPV6 address is found. */ -+ while (ipv4v6bindall) { -+ if (ipv4v6bindall->ai_family == AF_INET6) { -+ rp = ipv4v6bindall; /* Take first IPV6 address available */ -+ break; -+ } -+ ipv4v6bindall = ipv4v6bindall->ai_next; /* Get next address info, if any */ -+ } -+ } -+ -+ for (/*rp = result*/; rp != NULL; rp = rp->ai_next) { -+ listen_sock = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol); -+ if (listen_sock == -1) { -+ continue; -+ } -+ -+ if (rp->ai_family == AF_INET6) { -+ int ipv6only = host ? 1 : 0; -+ setsockopt(listen_sock, IPPROTO_IPV6, IPV6_V6ONLY, &ipv6only, sizeof(ipv6only)); -+ } -+ -+ int opt = 1; -+ setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); -+#ifdef SO_NOSIGPIPE -+ setsockopt(listen_sock, SOL_SOCKET, SO_NOSIGPIPE, &opt, sizeof(opt)); -+#endif -+ int err = set_reuseport(listen_sock); -+ if (err == 0) { -+ LOGI("tcp port reuse enabled"); -+ } -+ -+ if (mptcp == 1) { -+ int err = setsockopt(listen_sock, SOL_TCP, MPTCP_ENABLED, &opt, sizeof(opt)); -+ if (err == -1) { -+ ERROR("failed to enable multipath TCP"); -+ } -+ } -+ -+ s = bind(listen_sock, rp->ai_addr, rp->ai_addrlen); -+ if (s == 0) { -+ /* We managed to bind successfully! */ -+ break; -+ } else { -+ ERROR("bind"); -+ } -+ -+ close(listen_sock); -+ } -+ -+ if (rp == NULL) { -+ LOGE("Could not bind"); -+ return -1; -+ } -+ -+ freeaddrinfo(result); -+ -+ return listen_sock; -+} -+ -+static remote_t * -+connect_to_remote(EV_P_ struct addrinfo *res, -+ server_t *server) -+{ -+ int sockfd; -+#ifdef SET_INTERFACE -+ const char *iface = server->listen_ctx->iface; -+#endif -+ -+ if (acl) { -+ char ipstr[INET6_ADDRSTRLEN]; -+ memset(ipstr, 0, INET6_ADDRSTRLEN); -+ -+ if (res->ai_addr->sa_family == AF_INET) { -+ struct sockaddr_in *s = (struct sockaddr_in *)res->ai_addr; -+ dns_ntop(AF_INET, &s->sin_addr, ipstr, INET_ADDRSTRLEN); -+ } else if (res->ai_addr->sa_family == AF_INET6) { -+ struct sockaddr_in6 *s = (struct sockaddr_in6 *)res->ai_addr; -+ dns_ntop(AF_INET6, &s->sin6_addr, ipstr, INET6_ADDRSTRLEN); -+ } -+ -+ if (outbound_block_match_host(ipstr) == 1) { -+ if (verbose) -+ LOGI("outbound blocked %s", ipstr); -+ return NULL; -+ } -+ } -+ -+ // initialize remote socks -+ sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); -+ if (sockfd == -1) { -+ ERROR("socket"); -+ close(sockfd); -+ return NULL; -+ } -+ -+ int opt = 1; -+ setsockopt(sockfd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt)); -+#ifdef SO_NOSIGPIPE -+ setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE, &opt, sizeof(opt)); -+#endif -+ setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); -+ -+ // setup remote socks -+ -+ if (setnonblocking(sockfd) == -1) -+ ERROR("setnonblocking"); -+ -+ if (bind_address != NULL) -+ if (bind_to_address(sockfd, bind_address) == -1) { -+ ERROR("bind_to_address"); -+ close(sockfd); -+ return NULL; -+ } -+ -+#ifdef SET_INTERFACE -+ if (iface) { -+ if (setinterface(sockfd, iface) == -1) { -+ ERROR("setinterface"); -+ close(sockfd); -+ return NULL; -+ } -+ } -+#endif -+ -+ remote_t *remote = new_remote(sockfd); -+ -+#ifdef TCP_FASTOPEN -+ if (fast_open) { -+#ifdef __APPLE__ -+ ((struct sockaddr_in *)(res->ai_addr))->sin_len = sizeof(struct sockaddr_in); -+ sa_endpoints_t endpoints; -+ memset((char *)&endpoints, 0, sizeof(endpoints)); -+ endpoints.sae_dstaddr = res->ai_addr; -+ endpoints.sae_dstaddrlen = res->ai_addrlen; -+ -+ struct iovec iov; -+ iov.iov_base = server->buf->array + server->buf->idx; -+ iov.iov_len = server->buf->len; -+ size_t len; -+ int s = connectx(sockfd, &endpoints, SAE_ASSOCID_ANY, CONNECT_DATA_IDEMPOTENT, -+ &iov, 1, &len, NULL); -+ if (s == 0) { -+ s = len; -+ } -+#else -+ ssize_t s = sendto(sockfd, server->buf->array + server->buf->idx, -+ server->buf->len, MSG_FASTOPEN, res->ai_addr, -+ res->ai_addrlen); -+#endif -+ if (s == -1) { -+ if (errno == CONNECT_IN_PROGRESS || errno == EAGAIN -+ || errno == EWOULDBLOCK) { -+ // The remote server doesn't support tfo or it's the first connection to the server. -+ // It will automatically fall back to conventional TCP. -+ } else if (errno == EOPNOTSUPP || errno == EPROTONOSUPPORT || -+ errno == ENOPROTOOPT) { -+ // Disable fast open as it's not supported -+ fast_open = 0; -+ LOGE("fast open is not supported on this platform"); -+ } else { -+ ERROR("sendto"); -+ } -+ } else if (s <= server->buf->len) { -+ server->buf->idx += s; -+ server->buf->len -= s; -+ } else { -+ server->buf->idx = 0; -+ server->buf->len = 0; -+ } -+ } -+#endif -+ -+ if (!fast_open) { -+ int r = connect(sockfd, res->ai_addr, res->ai_addrlen); -+ -+ if (r == -1 && errno != CONNECT_IN_PROGRESS) { -+ ERROR("connect"); -+ close_and_free_remote(EV_A_ remote); -+ return NULL; -+ } -+ } -+ -+ return remote; -+} -+ -+static void -+server_recv_cb(EV_P_ ev_io *w, int revents) -+{ -+ server_ctx_t *server_recv_ctx = (server_ctx_t *)w; -+ server_t *server = server_recv_ctx->server; -+ remote_t *remote = NULL; -+ -+ int len = server->buf->len; -+ buffer_t *buf = server->buf; -+ -+ if (server->stage > STAGE_PARSE) { -+ remote = server->remote; -+ buf = remote->buf; -+ len = 0; -+ -+ ev_timer_again(EV_A_ & server->recv_ctx->watcher); -+ } -+ -+ if (len > BUF_SIZE) { -+ ERROR("out of recv buffer"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ ssize_t r = recv(server->fd, buf->array + len, BUF_SIZE - len, 0); -+ -+ if (r == 0) { -+ // connection closed -+ if (verbose) { -+ LOGI("server_recv close the connection"); -+ } -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } else if (r == -1) { -+ if (errno == EAGAIN || errno == EWOULDBLOCK) { -+ // no data -+ // continue to wait for recv -+ return; -+ } else { -+ ERROR("server recv"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ } -+ -+ tx += r; -+ -+ if (server->stage == STAGE_ERROR) { -+ server->buf->len = 0; -+ server->buf->idx = 0; -+ return; -+ } -+ -+ // handle incomplete header part 1 -+ if (server->stage == STAGE_INIT) { -+ buf->len += r; -+ if (buf->len <= enc_get_iv_len() + 1) { -+ // wait for more -+ return; -+ } -+ } else { -+ buf->len = r; -+ } -+ -+ // SSR beg -+ -+ if (server->obfs_plugin) { -+ obfs_class *obfs_plugin = server->obfs_plugin; -+ if (obfs_plugin->server_decode) { -+ int needsendback = 0; -+ -+ if(obfs_compatible == 1) -+ { -+ char *back_buf = (char*)malloc(sizeof(buffer_t)); -+ memcpy(back_buf, buf, sizeof(buffer_t)); -+ buf->len = obfs_plugin->server_decode(server->obfs, &buf->array, buf->len, &buf->capacity, &needsendback); -+ -+ if ((int)buf->len < 0) -+ { -+ LOGE("obfs_compatible"); -+ memcpy(buf, back_buf, sizeof(buffer_t)); -+ free(back_buf); -+ server->obfs_compatible_state = 1; -+ } -+ } -+ else -+ { -+ buf->len = obfs_plugin->server_decode(server->obfs, &buf->array, buf->len, &buf->capacity, &needsendback); -+ if ((int)buf->len < 0) { -+ LOGE("server_decode"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ } -+ -+ if (needsendback) { -+ size_t capacity = BUF_SIZE; -+ char *sendback_buf = (char*)malloc(capacity); -+ obfs_class *obfs_plugin = server->obfs_plugin; -+ if (obfs_plugin->server_encode) { -+ int len = obfs_plugin->server_encode(server->obfs, &sendback_buf, 0, &capacity); -+ send(server->fd, sendback_buf, len, 0); -+ } -+ free(sendback_buf); -+ return; -+ } -+ } -+ } -+ -+ int err = ss_decrypt(buf, server->d_ctx, BUF_SIZE); -+ -+ if (err) { -+ report_addr(server->fd, MALICIOUS); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ if (server->protocol_plugin) { -+ obfs_class *protocol_plugin = server->protocol_plugin; -+ if (protocol_plugin->server_post_decrypt) { -+ -+ if(protocol_compatible == 1) -+ { -+ char *back_buf = (char*)malloc(sizeof(buffer_t)); -+ memcpy(back_buf, buf, sizeof(buffer_t)); -+ buf->len = protocol_plugin->server_post_decrypt(server->protocol, &buf->array, buf->len, &buf->capacity); -+ -+ if ((int)buf->len < 0) { -+ LOGE("protocol_compatible"); -+ memcpy(buf, back_buf, sizeof(buffer_t)); -+ free(back_buf); -+ server->protocol_compatible_state = 1; -+ } -+ if ( buf->len == 0 ) -+ { -+ LOGE("protocol_compatible"); -+ memcpy(buf, back_buf, sizeof(buffer_t)); -+ free(back_buf); -+ server->protocol_compatible_state = 1; -+ } -+ } -+ else -+ { -+ buf->len = protocol_plugin->server_post_decrypt(server->protocol, &buf->array, buf->len, &buf->capacity); -+ if ((int)buf->len < 0) { -+ LOGE("server_post_decrypt"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ if ( buf->len == 0 ) -+ { -+ LOGE("server_post_decrypt"); -+ return; -+ } -+ } -+ } -+ } -+ // SSR end -+ -+ // handle incomplete header part 2 -+ if (server->stage == STAGE_INIT) { -+ int ret = is_header_complete(server->buf); -+ if (ret == 1) { -+ bfree(server->header_buf); -+ ss_free(server->header_buf); -+ server->stage = STAGE_PARSE; -+ } else if (ret == -1) { -+ server->stage = STAGE_ERROR; -+ report_addr(server->fd, MALFORMED); -+ server->buf->len = 0; -+ server->buf->idx = 0; -+ return; -+ } else { -+ server->stage = STAGE_HANDSHAKE; -+ } -+ } -+ -+ if (server->stage == STAGE_HANDSHAKE) { -+ size_t header_len = server->header_buf->len; -+ brealloc(server->header_buf, server->buf->len + header_len, BUF_SIZE); -+ memcpy(server->header_buf->array + header_len, -+ server->buf->array, server->buf->len); -+ server->header_buf->len = server->buf->len + header_len; -+ -+ int ret = is_header_complete(server->buf); -+ -+ if (ret == 1) { -+ brealloc(server->buf, server->header_buf->len, BUF_SIZE); -+ memcpy(server->buf->array, server->header_buf->array, server->header_buf->len); -+ server->buf->len = server->header_buf->len; -+ bfree(server->header_buf); -+ ss_free(server->header_buf); -+ server->stage = STAGE_PARSE; -+ } else { -+ if (ret == -1) -+ server->stage = STAGE_ERROR; -+ server->buf->len = 0; -+ server->buf->idx = 0; -+ return; -+ } -+ } -+ -+ // handshake and transmit data -+ if (server->stage == STAGE_STREAM) { -+ if (server->auth && !ss_check_hash(remote->buf, server->chunk, server->d_ctx, BUF_SIZE)) { -+ LOGE("hash error"); -+ report_addr(server->fd, BAD); -+ close_and_free_server(EV_A_ server); -+ close_and_free_remote(EV_A_ remote); -+ return; -+ } -+ -+ int s = send(remote->fd, remote->buf->array, remote->buf->len, 0); -+ if (s == -1) { -+ if (errno == EAGAIN || errno == EWOULDBLOCK) { -+ // no data, wait for send -+ remote->buf->idx = 0; -+ ev_io_stop(EV_A_ & server_recv_ctx->io); -+ ev_io_start(EV_A_ & remote->send_ctx->io); -+ } else { -+ ERROR("server_recv_send"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ } -+ } else if (s < remote->buf->len) { -+ remote->buf->len -= s; -+ remote->buf->idx = s; -+ ev_io_stop(EV_A_ & server_recv_ctx->io); -+ ev_io_start(EV_A_ & remote->send_ctx->io); -+ } -+ return; -+ } else if (server->stage == STAGE_PARSE) { -+ /* -+ * Shadowsocks TCP Relay Header: -+ * -+ * +------+----------+----------+----------------+ -+ * | ATYP | DST.ADDR | DST.PORT | HMAC-SHA1 | -+ * +------+----------+----------+----------------+ -+ * | 1 | Variable | 2 | 10 | -+ * +------+----------+----------+----------------+ -+ * -+ * If ATYP & ONETIMEAUTH_FLAG(0x10) != 0, Authentication (HMAC-SHA1) is enabled. -+ * -+ * The key of HMAC-SHA1 is (IV + KEY) and the input is the whole header. -+ * The output of HMAC-SHA is truncated to 10 bytes (leftmost bits). -+ */ -+ -+ /* -+ * Shadowsocks Request's Chunk Authentication for TCP Relay's payload -+ * (No chunk authentication for response's payload): -+ * -+ * +------+-----------+-------------+------+ -+ * | LEN | HMAC-SHA1 | DATA | ... -+ * +------+-----------+-------------+------+ -+ * | 2 | 10 | Variable | ... -+ * +------+-----------+-------------+------+ -+ * -+ * The key of HMAC-SHA1 is (IV + CHUNK ID) -+ * The output of HMAC-SHA is truncated to 10 bytes (leftmost bits). -+ */ -+ -+ int offset = 0; -+ int need_query = 0; -+ char atyp = server->buf->array[offset++]; -+ char host[257] = { 0 }; -+ uint16_t port = 0; -+ struct addrinfo info; -+ struct sockaddr_storage storage; -+ memset(&info, 0, sizeof(struct addrinfo)); -+ memset(&storage, 0, sizeof(struct sockaddr_storage)); -+ -+ if (auth || (atyp & ONETIMEAUTH_FLAG)) { -+ size_t header_len = parse_header_len(atyp, server->buf->array, offset); -+ size_t len = server->buf->len; -+ -+ if (header_len == 0 || len < offset + header_len + ONETIMEAUTH_BYTES) { -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ server->buf->len = offset + header_len + ONETIMEAUTH_BYTES; -+ if (ss_onetimeauth_verify(server->buf, server->d_ctx->evp.iv)) { -+ report_addr(server->fd, BAD); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ server->buf->len = len; -+ server->auth = 1; -+ } -+ -+ // get remote addr and port -+ if ((atyp & ADDRTYPE_MASK) == 1) { -+ // IP V4 -+ struct sockaddr_in *addr = (struct sockaddr_in *)&storage; -+ size_t in_addr_len = sizeof(struct in_addr); -+ addr->sin_family = AF_INET; -+ if (server->buf->len >= in_addr_len + 3) { -+ addr->sin_addr = *(struct in_addr *)(server->buf->array + offset); -+ dns_ntop(AF_INET, (const void *)(server->buf->array + offset), -+ host, INET_ADDRSTRLEN); -+ offset += in_addr_len; -+ } else { -+ LOGE("invalid header with addr type %d", atyp); -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ addr->sin_port = *(uint16_t *)(server->buf->array + offset); -+ info.ai_family = AF_INET; -+ info.ai_socktype = SOCK_STREAM; -+ info.ai_protocol = IPPROTO_TCP; -+ info.ai_addrlen = sizeof(struct sockaddr_in); -+ info.ai_addr = (struct sockaddr *)addr; -+ } else if ((atyp & ADDRTYPE_MASK) == 3) { -+ // Domain name -+ uint8_t name_len = *(uint8_t *)(server->buf->array + offset); -+ if (name_len + 4 <= server->buf->len) { -+ memcpy(host, server->buf->array + offset + 1, name_len); -+ offset += name_len + 1; -+ } else { -+ LOGE("invalid name length: %d", name_len); -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ if (acl && outbound_block_match_host(host) == 1) { -+ if (verbose) -+ LOGI("outbound blocked %s", host); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ struct cork_ip ip; -+ if (cork_ip_init(&ip, host) != -1) { -+ info.ai_socktype = SOCK_STREAM; -+ info.ai_protocol = IPPROTO_TCP; -+ if (ip.version == 4) { -+ struct sockaddr_in *addr = (struct sockaddr_in *)&storage; -+ dns_pton(AF_INET, host, &(addr->sin_addr)); -+ addr->sin_port = *(uint16_t *)(server->buf->array + offset); -+ addr->sin_family = AF_INET; -+ info.ai_family = AF_INET; -+ info.ai_addrlen = sizeof(struct sockaddr_in); -+ info.ai_addr = (struct sockaddr *)addr; -+ } else if (ip.version == 6) { -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage; -+ dns_pton(AF_INET6, host, &(addr->sin6_addr)); -+ addr->sin6_port = *(uint16_t *)(server->buf->array + offset); -+ addr->sin6_family = AF_INET6; -+ info.ai_family = AF_INET6; -+ info.ai_addrlen = sizeof(struct sockaddr_in6); -+ info.ai_addr = (struct sockaddr *)addr; -+ } -+ } else { -+ if (!validate_hostname(host, name_len)) { -+ LOGE("invalid host name"); -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ need_query = 1; -+ } -+ } else if ((atyp & ADDRTYPE_MASK) == 4) { -+ // IP V6 -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage; -+ size_t in6_addr_len = sizeof(struct in6_addr); -+ addr->sin6_family = AF_INET6; -+ if (server->buf->len >= in6_addr_len + 3) { -+ addr->sin6_addr = *(struct in6_addr *)(server->buf->array + offset); -+ dns_ntop(AF_INET6, (const void *)(server->buf->array + offset), -+ host, INET6_ADDRSTRLEN); -+ offset += in6_addr_len; -+ } else { -+ LOGE("invalid header with addr type %d", atyp); -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ addr->sin6_port = *(uint16_t *)(server->buf->array + offset); -+ info.ai_family = AF_INET6; -+ info.ai_socktype = SOCK_STREAM; -+ info.ai_protocol = IPPROTO_TCP; -+ info.ai_addrlen = sizeof(struct sockaddr_in6); -+ info.ai_addr = (struct sockaddr *)addr; -+ } -+ -+ if (offset == 1) { -+ LOGE("invalid header with addr type %d", atyp); -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ port = (*(uint16_t *)(server->buf->array + offset)); -+ -+ offset += 2; -+ -+ if (server->auth) { -+ offset += ONETIMEAUTH_BYTES; -+ } -+ -+ if (server->buf->len < offset) { -+ report_addr(server->fd, MALFORMED); -+ close_and_free_server(EV_A_ server); -+ return; -+ } else { -+ server->buf->len -= offset; -+ memmove(server->buf->array, server->buf->array + offset, server->buf->len); -+ } -+ -+ if (verbose) { -+ if ((atyp & ADDRTYPE_MASK) == 4) -+ LOGI("connect to [%s]:%d", host, ntohs(port)); -+ else -+ LOGI("connect to %s:%d", host, ntohs(port)); -+ } -+ -+ if (server->auth && !ss_check_hash(server->buf, server->chunk, server->d_ctx, BUF_SIZE)) { -+ LOGE("hash error"); -+ report_addr(server->fd, BAD); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ -+ if (!need_query) { -+ remote_t *remote = connect_to_remote(EV_A_ &info, server); -+ -+ if (remote == NULL) { -+ LOGE("connect error"); -+ close_and_free_server(EV_A_ server); -+ return; -+ } else { -+ server->remote = remote; -+ remote->server = server; -+ -+ // XXX: should handle buffer carefully -+ if (server->buf->len > 0) { -+ memcpy(remote->buf->array, server->buf->array, server->buf->len); -+ remote->buf->len = server->buf->len; -+ remote->buf->idx = 0; -+ server->buf->len = 0; -+ server->buf->idx = 0; -+ } -+ -+ // waiting on remote connected event -+ ev_io_stop(EV_A_ & server_recv_ctx->io); -+ ev_io_start(EV_A_ & remote->send_ctx->io); -+ } -+ } else { -+ query_t *query = (query_t *)ss_malloc(sizeof(query_t)); -+ query->server = server; -+ snprintf(query->hostname, 256, "%s", host); -+ -+ server->stage = STAGE_RESOLVE; -+ server->query = resolv_query(host, server_resolve_cb, -+ query_free_cb, query, port); -+ -+ ev_io_stop(EV_A_ & server_recv_ctx->io); -+ } -+ -+ return; -+ } -+ // should not reach here -+ FATAL("server context error"); -+} -+ -+static void -+server_send_cb(EV_P_ ev_io *w, int revents) -+{ -+ server_ctx_t *server_send_ctx = (server_ctx_t *)w; -+ server_t *server = server_send_ctx->server; -+ remote_t *remote = server->remote; -+ -+ if (remote == NULL) { -+ LOGE("invalid server"); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ if (server->buf->len == 0) { -+ // close and free -+ if (verbose) { -+ LOGI("server_send close the connection"); -+ } -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } else { -+ // has data to send -+ ssize_t s = send(server->fd, server->buf->array + server->buf->idx, -+ server->buf->len, 0); -+ if (s == -1) { -+ if (errno != EAGAIN && errno != EWOULDBLOCK) { -+ ERROR("server_send_send"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ } -+ return; -+ } else if (s < server->buf->len) { -+ // partly sent, move memory, wait for the next time to send -+ server->buf->len -= s; -+ server->buf->idx += s; -+ return; -+ } else { -+ // all sent out, wait for reading -+ server->buf->len = 0; -+ server->buf->idx = 0; -+ ev_io_stop(EV_A_ & server_send_ctx->io); -+ if (remote != NULL) { -+ ev_io_start(EV_A_ & remote->recv_ctx->io); -+ return; -+ } else { -+ LOGE("invalid remote"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ } -+ } -+} -+ -+static void -+block_list_clear_cb(EV_P_ ev_timer *watcher, int revents) -+{ -+ clear_block_list(); -+} -+ -+static void -+server_timeout_cb(EV_P_ ev_timer *watcher, int revents) -+{ -+ server_ctx_t *server_ctx -+ = cork_container_of(watcher, server_ctx_t, watcher); -+ server_t *server = server_ctx->server; -+ remote_t *remote = server->remote; -+ -+ if (verbose) { -+ LOGI("TCP connection timeout"); -+ } -+ -+ if (server->stage < STAGE_PARSE) { -+ if (verbose) { -+ size_t len = server->stage ? -+ server->header_buf->len : server->buf->len; -+#ifdef __MINGW32__ -+ LOGI("incomplete header: %u", len); -+#else -+ LOGI("incomplete header: %zu", len); -+#endif -+ } -+ report_addr(server->fd, SUSPICIOUS); -+ } -+ -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+} -+ -+static void -+query_free_cb(void *data) -+{ -+ if (data != NULL) { -+ ss_free(data); -+ } -+} -+ -+static void -+server_resolve_cb(struct sockaddr *addr, void *data) -+{ -+ query_t *query = (query_t *)data; -+ server_t *server = query->server; -+ struct ev_loop *loop = server->listen_ctx->loop; -+ -+ server->query = NULL; -+ -+ if (addr == NULL) { -+ LOGE("unable to resolve %s", query->hostname); -+ close_and_free_server(EV_A_ server); -+ } else { -+ if (verbose) { -+ LOGI("successfully resolved %s", query->hostname); -+ } -+ -+ struct addrinfo info; -+ memset(&info, 0, sizeof(struct addrinfo)); -+ info.ai_socktype = SOCK_STREAM; -+ info.ai_protocol = IPPROTO_TCP; -+ info.ai_addr = addr; -+ -+ if (addr->sa_family == AF_INET) { -+ info.ai_family = AF_INET; -+ info.ai_addrlen = sizeof(struct sockaddr_in); -+ } else if (addr->sa_family == AF_INET6) { -+ info.ai_family = AF_INET6; -+ info.ai_addrlen = sizeof(struct sockaddr_in6); -+ } -+ -+ remote_t *remote = connect_to_remote(EV_A_ &info, server); -+ -+ if (remote == NULL) { -+ close_and_free_server(EV_A_ server); -+ } else { -+ server->remote = remote; -+ remote->server = server; -+ -+ // XXX: should handle buffer carefully -+ if (server->buf->len > 0) { -+ memcpy(remote->buf->array, server->buf->array + server->buf->idx, -+ server->buf->len); -+ remote->buf->len = server->buf->len; -+ remote->buf->idx = 0; -+ server->buf->len = 0; -+ server->buf->idx = 0; -+ } -+ -+ // listen to remote connected event -+ ev_io_start(EV_A_ & remote->send_ctx->io); -+ } -+ } -+} -+ -+static void -+remote_recv_cb(EV_P_ ev_io *w, int revents) -+{ -+ remote_ctx_t *remote_recv_ctx = (remote_ctx_t *)w; -+ remote_t *remote = remote_recv_ctx->remote; -+ server_t *server = remote->server; -+ -+ if (server == NULL) { -+ LOGE("invalid server"); -+ close_and_free_remote(EV_A_ remote); -+ return; -+ } -+ -+ ev_timer_again(EV_A_ & server->recv_ctx->watcher); -+ -+ ssize_t r = recv(remote->fd, server->buf->array, BUF_SIZE, 0); -+ -+ if (r == 0) { -+ // connection closed -+ if (verbose) { -+ LOGI("remote_recv close the connection"); -+ } -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } else if (r == -1) { -+ if (errno == EAGAIN || errno == EWOULDBLOCK) { -+ // no data -+ // continue to wait for recv -+ return; -+ } else { -+ ERROR("remote recv"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ } -+ -+ rx += r; -+ -+ server->buf->len = r; -+ -+ // SSR beg -+ server_info _server_info; -+ if (server->obfs_plugin) { -+ server->obfs_plugin->get_server_info(server->obfs, &_server_info); -+ _server_info.head_len = get_head_size(server->buf->array, server->buf->len, 30); -+ server->obfs_plugin->set_server_info(server->obfs, &_server_info); -+ } -+ -+ if (server->protocol_plugin && server->obfs_compatible_state == 0) { -+ obfs_class *protocol_plugin = server->protocol_plugin; -+ if (protocol_plugin->server_pre_encrypt) { -+ server->buf->len = protocol_plugin->server_pre_encrypt(server->protocol, &server->buf->array, server->buf->len, &server->buf->capacity); -+ } -+ } -+ -+ int err = ss_encrypt(server->buf, server->e_ctx, BUF_SIZE); -+ -+ if (err) { -+ LOGE("invalid password or cipher"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ -+ if (server->obfs_plugin && server->obfs_compatible_state == 0) { -+ obfs_class *obfs_plugin = server->obfs_plugin; -+ if (obfs_plugin->server_encode) { -+ server->buf->len = obfs_plugin->server_encode(server->obfs, &server->buf->array, server->buf->len, &server->buf->capacity); -+ } -+ } -+ // SSR end -+ -+ int s = send(server->fd, server->buf->array, server->buf->len, 0); -+ -+ if (s == -1) { -+ if (errno == EAGAIN || errno == EWOULDBLOCK) { -+ // no data, wait for send -+ server->buf->idx = 0; -+ ev_io_stop(EV_A_ & remote_recv_ctx->io); -+ ev_io_start(EV_A_ & server->send_ctx->io); -+ } else { -+ ERROR("remote_recv_send"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ } else if (s < server->buf->len) { -+ server->buf->len -= s; -+ server->buf->idx = s; -+ ev_io_stop(EV_A_ & remote_recv_ctx->io); -+ ev_io_start(EV_A_ & server->send_ctx->io); -+ } -+ -+ // Disable TCP_NODELAY after the first response are sent -+ if (!remote->recv_ctx->connected) { -+ int opt = 0; -+ setsockopt(server->fd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt)); -+ setsockopt(remote->fd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt)); -+ remote->recv_ctx->connected = 1; -+ } -+} -+ -+static void -+remote_send_cb(EV_P_ ev_io *w, int revents) -+{ -+ remote_ctx_t *remote_send_ctx = (remote_ctx_t *)w; -+ remote_t *remote = remote_send_ctx->remote; -+ server_t *server = remote->server; -+ -+ if (server == NULL) { -+ LOGE("invalid server"); -+ close_and_free_remote(EV_A_ remote); -+ return; -+ } -+ -+ if (!remote_send_ctx->connected) { -+ struct sockaddr_storage addr; -+ socklen_t len = sizeof(struct sockaddr_storage); -+ memset(&addr, 0, len); -+ int r = getpeername(remote->fd, (struct sockaddr *)&addr, &len); -+ if (r == 0) { -+ if (verbose) { -+ LOGI("remote connected"); -+ } -+ remote_send_ctx->connected = 1; -+ -+ // Clear the state of this address in the block list -+ reset_addr(server->fd); -+ -+ if (remote->buf->len == 0) { -+ server->stage = STAGE_STREAM; -+ ev_io_stop(EV_A_ & remote_send_ctx->io); -+ ev_io_start(EV_A_ & server->recv_ctx->io); -+ ev_io_start(EV_A_ & remote->recv_ctx->io); -+ return; -+ } -+ } else { -+ ERROR("getpeername"); -+ // not connected -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } -+ } -+ -+ if (remote->buf->len == 0) { -+ // close and free -+ if (verbose) { -+ LOGI("remote_send close the connection"); -+ } -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ return; -+ } else { -+ // has data to send -+ ssize_t s = send(remote->fd, remote->buf->array + remote->buf->idx, -+ remote->buf->len, 0); -+ if (s == -1) { -+ if (errno != EAGAIN && errno != EWOULDBLOCK) { -+ ERROR("remote_send_send"); -+ // close and free -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ } -+ return; -+ } else if (s < remote->buf->len) { -+ // partly sent, move memory, wait for the next time to send -+ remote->buf->len -= s; -+ remote->buf->idx += s; -+ return; -+ } else { -+ // all sent out, wait for reading -+ remote->buf->len = 0; -+ remote->buf->idx = 0; -+ ev_io_stop(EV_A_ & remote_send_ctx->io); -+ if (server != NULL) { -+ ev_io_start(EV_A_ & server->recv_ctx->io); -+ if (server->stage != STAGE_STREAM) { -+ server->stage = STAGE_STREAM; -+ ev_io_start(EV_A_ & remote->recv_ctx->io); -+ } -+ } else { -+ LOGE("invalid server"); -+ close_and_free_remote(EV_A_ remote); -+ close_and_free_server(EV_A_ server); -+ } -+ return; -+ } -+ } -+} -+ -+static remote_t * -+new_remote(int fd) -+{ -+ if (verbose) { -+ remote_conn++; -+ } -+ -+ remote_t *remote; -+ -+ remote = ss_malloc(sizeof(remote_t)); -+ remote->recv_ctx = ss_malloc(sizeof(remote_ctx_t)); -+ remote->send_ctx = ss_malloc(sizeof(remote_ctx_t)); -+ remote->buf = ss_malloc(sizeof(buffer_t)); -+ remote->fd = fd; -+ remote->recv_ctx->remote = remote; -+ remote->recv_ctx->connected = 0; -+ remote->send_ctx->remote = remote; -+ remote->send_ctx->connected = 0; -+ remote->server = NULL; -+ -+ ev_io_init(&remote->recv_ctx->io, remote_recv_cb, fd, EV_READ); -+ ev_io_init(&remote->send_ctx->io, remote_send_cb, fd, EV_WRITE); -+ -+ balloc(remote->buf, BUF_SIZE); -+ -+ return remote; -+} -+ -+static void -+free_remote(remote_t *remote) -+{ -+ if (remote->server != NULL) { -+ remote->server->remote = NULL; -+ } -+ if (remote->buf != NULL) { -+ bfree(remote->buf); -+ ss_free(remote->buf); -+ } -+ ss_free(remote->recv_ctx); -+ ss_free(remote->send_ctx); -+ ss_free(remote); -+} -+ -+static void -+close_and_free_remote(EV_P_ remote_t *remote) -+{ -+ if (remote != NULL) { -+ ev_io_stop(EV_A_ & remote->send_ctx->io); -+ ev_io_stop(EV_A_ & remote->recv_ctx->io); -+ close(remote->fd); -+ free_remote(remote); -+ if (verbose) { -+ remote_conn--; -+ LOGI("current remote connection: %d", remote_conn); -+ } -+ } -+} -+ -+static server_t * -+new_server(int fd, listen_ctx_t *listener) -+{ -+ if (verbose) { -+ server_conn++; -+ } -+ -+ server_t *server; -+ server = ss_malloc(sizeof(server_t)); -+ -+ memset(server, 0, sizeof(server_t)); -+ -+ server->recv_ctx = ss_malloc(sizeof(server_ctx_t)); -+ server->send_ctx = ss_malloc(sizeof(server_ctx_t)); -+ server->buf = ss_malloc(sizeof(buffer_t)); -+ server->header_buf = ss_malloc(sizeof(buffer_t)); -+ server->fd = fd; -+ server->recv_ctx->server = server; -+ server->recv_ctx->connected = 0; -+ server->send_ctx->server = server; -+ server->send_ctx->connected = 0; -+ server->stage = STAGE_INIT; -+ server->query = NULL; -+ server->listen_ctx = listener; -+ server->remote = NULL; -+ -+ if (listener->method) { -+ server->e_ctx = ss_malloc(sizeof(enc_ctx_t)); -+ server->d_ctx = ss_malloc(sizeof(enc_ctx_t)); -+ enc_ctx_init(listener->method, server->e_ctx, 1); -+ enc_ctx_init(listener->method, server->d_ctx, 0); -+ } else { -+ server->e_ctx = NULL; -+ server->d_ctx = NULL; -+ } -+ -+ int request_timeout = min(MAX_REQUEST_TIMEOUT, listener->timeout) -+ + rand() % MAX_REQUEST_TIMEOUT; -+ -+ ev_io_init(&server->recv_ctx->io, server_recv_cb, fd, EV_READ); -+ ev_io_init(&server->send_ctx->io, server_send_cb, fd, EV_WRITE); -+ ev_timer_init(&server->recv_ctx->watcher, server_timeout_cb, -+ request_timeout, listener->timeout); -+ -+ balloc(server->buf, BUF_SIZE); -+ balloc(server->header_buf, BUF_SIZE); -+ -+ server->chunk = (chunk_t *)malloc(sizeof(chunk_t)); -+ memset(server->chunk, 0, sizeof(chunk_t)); -+ server->chunk->buf = ss_malloc(sizeof(buffer_t)); -+ memset(server->chunk->buf, 0, sizeof(buffer_t)); -+ -+ cork_dllist_add(&connections, &server->entries); -+ -+ return server; -+} -+ -+static void -+free_server(server_t *server) -+{ -+ cork_dllist_remove(&server->entries); -+ -+ if (server->chunk != NULL) { -+ if (server->chunk->buf != NULL) { -+ bfree(server->chunk->buf); -+ ss_free(server->chunk->buf); -+ } -+ ss_free(server->chunk); -+ } -+ if (server->remote != NULL) { -+ server->remote->server = NULL; -+ } -+ if (server->e_ctx != NULL) { -+ cipher_context_release(&server->e_ctx->evp); -+ ss_free(server->e_ctx); -+ } -+ if (server->d_ctx != NULL) { -+ cipher_context_release(&server->d_ctx->evp); -+ ss_free(server->d_ctx); -+ } -+ if (server->buf != NULL) { -+ bfree(server->buf); -+ ss_free(server->buf); -+ } -+ if (server->header_buf != NULL) { -+ bfree(server->header_buf); -+ ss_free(server->header_buf); -+ } -+ -+ ss_free(server->recv_ctx); -+ ss_free(server->send_ctx); -+ ss_free(server); -+} -+ -+static void -+close_and_free_server(EV_P_ server_t *server) -+{ -+ if (server != NULL) { -+ if (server->query != NULL) { -+ resolv_cancel(server->query); -+ server->query = NULL; -+ } -+ ev_io_stop(EV_A_ & server->send_ctx->io); -+ ev_io_stop(EV_A_ & server->recv_ctx->io); -+ ev_timer_stop(EV_A_ & server->recv_ctx->watcher); -+ close(server->fd); -+ free_server(server); -+ if (verbose) { -+ server_conn--; -+ LOGI("current server connection: %d", server_conn); -+ } -+ } -+} -+ -+static void -+signal_cb(EV_P_ ev_signal *w, int revents) -+{ -+ if (revents & EV_SIGNAL) { -+ switch (w->signum) { -+ case SIGINT: -+ case SIGTERM: -+ ev_unloop(EV_A_ EVUNLOOP_ALL); -+ } -+ } -+} -+ -+static void -+accept_cb(EV_P_ ev_io *w, int revents) -+{ -+ listen_ctx_t *listener = (listen_ctx_t *)w; -+ int serverfd = accept(listener->fd, NULL, NULL); -+ if (serverfd == -1) { -+ ERROR("accept"); -+ return; -+ } -+ -+ char *peer_name = get_peer_name(serverfd); -+ if (peer_name != NULL) { -+ int in_white_list = 0; -+ if (acl) { -+ if ((get_acl_mode() == BLACK_LIST && acl_match_host(peer_name) == 1) -+ || (get_acl_mode() == WHITE_LIST && acl_match_host(peer_name) >= 0)) { -+ LOGE("Access denied from %s", peer_name); -+ close(serverfd); -+ return; -+ } else if (acl_match_host(peer_name) == -1) { -+ in_white_list = 1; -+ } -+ } -+ if (!in_white_list && check_block_list(peer_name)) { -+ LOGE("block all requests from %s", peer_name); -+#ifdef __linux__ -+ set_linger(serverfd); -+#endif -+ close(serverfd); -+ return; -+ } -+ } -+ -+ int opt = 1; -+ setsockopt(serverfd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt)); -+#ifdef SO_NOSIGPIPE -+ setsockopt(serverfd, SOL_SOCKET, SO_NOSIGPIPE, &opt, sizeof(opt)); -+#endif -+ setnonblocking(serverfd); -+ -+ if (verbose) { -+ LOGI("accept a connection"); -+ } -+ -+ server_t *server = new_server(serverfd, listener); -+ -+ // SSR beg -+ server->obfs_plugin = new_obfs_class(server->listen_ctx->obfs_name); -+ if (server->obfs_plugin) { -+ server->obfs = server->obfs_plugin->new_obfs(); -+ server->obfs_compatible_state = 0; -+ } -+ server->protocol_plugin = new_obfs_class(server->listen_ctx->protocol_name); -+ if (server->protocol_plugin) { -+ server->protocol = server->protocol_plugin->new_obfs(); -+ server->protocol_compatible_state = 0; -+ } -+ server_info _server_info; -+ memset(&_server_info, 0, sizeof(server_info)); -+ _server_info.param = server->listen_ctx->obfs_param; -+ if(server->obfs_plugin) -+ _server_info.g_data = server->obfs_plugin->init_data(); -+ _server_info.head_len = 7; -+ _server_info.iv = server->e_ctx->evp.iv; -+ _server_info.iv_len = enc_get_iv_len(); -+ _server_info.key = enc_get_key(); -+ _server_info.key_len = enc_get_key_len(); -+ _server_info.tcp_mss = 1460; -+ -+ if (server->obfs_plugin) -+ server->obfs_plugin->set_server_info(server->obfs, &_server_info); -+ -+ _server_info.param = server->listen_ctx->protocol_param; -+ if (server->protocol_plugin) -+ _server_info.g_data = server->protocol_plugin->init_data(); -+ -+ if (server->protocol_plugin) -+ server->protocol_plugin->set_server_info(server->protocol, &_server_info); -+ // SSR end -+ -+ ev_io_start(EV_A_ & server->recv_ctx->io); -+ ev_timer_start(EV_A_ & server->recv_ctx->watcher); -+} -+ -+int -+main(int argc, char **argv) -+{ -+ int i, c; -+ int pid_flags = 0; -+ int mptcp = 0; -+ int firewall = 0; -+ int mtu = 0; -+ char *user = NULL; -+ char *password = NULL; -+ char *timeout = NULL; -+ char *protocol = NULL; // SSR -+ char *protocol_param = NULL; // SSR -+ char *method = NULL; -+ char *obfs = NULL; // SSR -+ char *obfs_param = NULL; // SSR -+ char *pid_path = NULL; -+ char *conf_path = NULL; -+ char *iface = NULL; -+ -+ int server_num = 0; -+ const char *server_host[MAX_REMOTE_NUM]; -+ -+ char *nameservers[MAX_DNS_NUM + 1]; -+ int nameserver_num = 0; -+ -+ int option_index = 0; -+ static struct option long_options[] = { -+ { "fast-open", no_argument, 0, 0 }, -+ { "acl", required_argument, 0, 0 }, -+ { "manager-address", required_argument, 0, 0 }, -+ { "mtu", required_argument, 0, 0 }, -+ { "help", no_argument, 0, 0 }, -+#ifdef __linux__ -+ { "mptcp", no_argument, 0, 0 }, -+ { "firewall", no_argument, 0, 0 }, -+#endif -+ { 0, 0, 0, 0 } -+ }; -+ -+ opterr = 0; -+ -+ USE_TTY(); -+ -+ while ((c = getopt_long(argc, argv, "f:s:p:l:k:t:m:b:c:i:d:a:n:O:o:G:g:huUvA6", -+ long_options, &option_index)) != -1) { -+ switch (c) { -+ case 0: -+ if (option_index == 0) { -+ fast_open = 1; -+ } else if (option_index == 1) { -+ LOGI("initializing acl..."); -+ acl = !init_acl(optarg); -+ } else if (option_index == 2) { -+ manager_address = optarg; -+ } else if (option_index == 3) { -+ mtu = atoi(optarg); -+ LOGI("set MTU to %d", mtu); -+ } else if (option_index == 4) { -+ usage(); -+ exit(EXIT_SUCCESS); -+ } else if (option_index == 5) { -+ mptcp = 1; -+ LOGI("enable multipath TCP"); -+ } else if (option_index == 6) { -+ firewall = 1; -+ LOGI("enable firewall rules"); -+ } -+ break; -+ case 's': -+ if (server_num < MAX_REMOTE_NUM) { -+ server_host[server_num++] = optarg; -+ } -+ break; -+ case 'b': -+ bind_address = optarg; -+ break; -+ case 'p': -+ server_port = optarg; -+ break; -+ case 'k': -+ password = optarg; -+ break; -+ case 'f': -+ pid_flags = 1; -+ pid_path = optarg; -+ break; -+ case 't': -+ timeout = optarg; -+ break; -+ // SSR beg -+ case 'O': -+ protocol = optarg; -+ break; -+ case 'm': -+ method = optarg; -+ break; -+ case 'o': -+ obfs = optarg; -+ break; -+ case 'G': -+ protocol_param = optarg; -+ break; -+ case 'g': -+ obfs_param = optarg; -+ break; -+ // SSR end -+ case 'c': -+ conf_path = optarg; -+ break; -+ case 'i': -+ iface = optarg; -+ break; -+ case 'd': -+ if (nameserver_num < MAX_DNS_NUM) { -+ nameservers[nameserver_num++] = optarg; -+ } -+ break; -+ case 'a': -+ user = optarg; -+ break; -+#ifdef HAVE_SETRLIMIT -+ case 'n': -+ nofile = atoi(optarg); -+ break; -+#endif -+ case 'u': -+ mode = TCP_AND_UDP; -+ break; -+ case 'U': -+ mode = UDP_ONLY; -+ break; -+ case 'v': -+ verbose = 1; -+ break; -+ case 'h': -+ usage(); -+ exit(EXIT_SUCCESS); -+ case 'A': -+ auth = 1; -+ break; -+ case '6': -+ ipv6first = 1; -+ break; -+ case '?': -+ // The option character is not recognized. -+ LOGE("Unrecognized option: %s", optarg); -+ opterr = 1; -+ break; -+ } -+ } -+ -+ if (opterr) { -+ usage(); -+ exit(EXIT_FAILURE); -+ } -+ -+ if (argc == 1) { -+ if (conf_path == NULL) { -+ conf_path = DEFAULT_CONF_PATH; -+ } -+ } -+ -+ if (conf_path != NULL) { -+ jconf_t *conf = read_jconf(conf_path); -+ if (server_num == 0) { -+ server_num = conf->remote_num; -+ for (i = 0; i < server_num; i++) -+ server_host[i] = conf->remote_addr[i].host; -+ } -+ if (server_port == NULL) { -+ server_port = conf->remote_port; -+ } -+ if (password == NULL) { -+ password = conf->password; -+ } -+ // SSR beg -+ if (protocol == NULL) { -+ protocol = conf->protocol; -+ LOGI("protocol %s", protocol); -+ } -+ if (protocol_param == NULL) { -+ protocol_param = conf->protocol_param; -+ LOGI("protocol_param %s", obfs_param); -+ } -+ if (method == NULL) { -+ method = conf->method; -+ LOGI("method %s", method); -+ } -+ if (obfs == NULL) { -+ obfs = conf->obfs; -+ LOGI("obfs %s", obfs); -+ } -+ if (obfs_param == NULL) { -+ obfs_param = conf->obfs_param; -+ LOGI("obfs_param %s", obfs_param); -+ } -+ // SSR end -+ if (timeout == NULL) { -+ timeout = conf->timeout; -+ } -+ if (user == NULL) { -+ user = conf->user; -+ } -+ if (auth == 0) { -+ auth = conf->auth; -+ } -+ if (mode == TCP_ONLY) { -+ mode = conf->mode; -+ } -+ if (mtu == 0) { -+ mtu = conf->mtu; -+ } -+ if (mptcp == 0) { -+ mptcp = conf->mptcp; -+ } -+#ifdef TCP_FASTOPEN -+ if (fast_open == 0) { -+ fast_open = conf->fast_open; -+ } -+#endif -+#ifdef HAVE_SETRLIMIT -+ if (nofile == 0) { -+ nofile = conf->nofile; -+ } -+#endif -+ if (conf->nameserver != NULL) { -+ nameservers[nameserver_num++] = conf->nameserver; -+ } -+ if (ipv6first == 0) { -+ ipv6first = conf->ipv6_first; -+ } -+ } -+ -+ //_compatible -+ if(strlen(protocol)>11) -+ { -+ char *text; -+ text = (char*)malloc(12); -+ memcpy(text, protocol + strlen(protocol) - 11, 12); -+ -+ if(strcmp(text, "_compatible") == 0) -+ { -+ free(text); -+ text = (char*)malloc(strlen(protocol) - 11); -+ memcpy(text, protocol, strlen(protocol) - 11); -+ int length = strlen(protocol) - 11; -+ free(protocol); -+ obfs = (char*)malloc(length); -+ memset(protocol, 0x00, length); -+ memcpy(protocol, text, length); -+ LOGI("protocol compatible enable, %s", protocol); -+ free(text); -+ protocol_compatible = 1; -+ } -+ } -+ -+ if(strlen(obfs)>11) -+ { -+ char *text; -+ text = (char*)malloc(12); -+ memcpy(text, obfs + strlen(obfs) - 11, 12); -+ -+ if(strcmp(text, "_compatible") == 0) -+ { -+ free(text); -+ text = (char*)malloc(strlen(obfs) - 11); -+ memcpy(text, obfs, strlen(obfs) - 11); -+ int length = strlen(obfs) - 11; -+ free(obfs); -+ obfs = (char*)malloc(length); -+ memset(obfs, 0x00, length); -+ memcpy(obfs, text, length); -+ LOGI("obfs compatible enable, %s", obfs); -+ free(text); -+ obfs_compatible = 1; -+ } -+ } -+ -+ -+ if (server_num == 0) { -+ server_host[server_num++] = NULL; -+ } -+ -+ if (server_num == 0 || server_port == NULL || password == NULL) { -+ usage(); -+ exit(EXIT_FAILURE); -+ } -+ -+ if (protocol && strcmp(protocol, "verify_sha1") == 0) { -+ auth = 1; -+ protocol = NULL; -+ } -+ -+ if (method == NULL) { -+ method = "rc4-md5"; -+ } -+ -+ if (timeout == NULL) { -+ timeout = "60"; -+ } -+ -+#ifdef HAVE_SETRLIMIT -+ /* -+ * no need to check the return value here since we will show -+ * the user an error message if setrlimit(2) fails -+ */ -+ if (nofile > 1024) { -+ if (verbose) { -+ LOGI("setting NOFILE to %d", nofile); -+ } -+ set_nofile(nofile); -+ } -+#endif -+ -+ if (pid_flags) { -+ USE_SYSLOG(argv[0]); -+ daemonize(pid_path); -+ } -+ -+ if (ipv6first) { -+ LOGI("resolving hostname to IPv6 address first"); -+ } -+ -+ if (fast_open == 1) { -+#ifdef TCP_FASTOPEN -+ LOGI("using tcp fast open"); -+#else -+ LOGE("tcp fast open is not supported by this environment"); -+ fast_open = 0; -+#endif -+ } -+ -+ if (auth) { -+ LOGI("onetime authentication enabled"); -+ } -+ -+ if (mode != TCP_ONLY) { -+ LOGI("UDP relay enabled"); -+ } -+ -+ if (mode == UDP_ONLY) { -+ LOGI("TCP relay disabled"); -+ } -+ -+#ifdef __MINGW32__ -+ winsock_init(); -+#else -+ // ignore SIGPIPE -+ signal(SIGPIPE, SIG_IGN); -+ signal(SIGCHLD, SIG_IGN); -+ signal(SIGABRT, SIG_IGN); -+#endif -+ -+ struct ev_signal sigint_watcher; -+ struct ev_signal sigterm_watcher; -+ ev_signal_init(&sigint_watcher, signal_cb, SIGINT); -+ ev_signal_init(&sigterm_watcher, signal_cb, SIGTERM); -+ ev_signal_start(EV_DEFAULT, &sigint_watcher); -+ ev_signal_start(EV_DEFAULT, &sigterm_watcher); -+ -+ // setup keys -+ LOGI("initializing ciphers... %s", method); -+ int m = enc_init(password, method); -+ -+ // initialize ev loop -+ struct ev_loop *loop = EV_DEFAULT; -+ -+ // setup udns -+ if (nameserver_num == 0) { -+#ifdef __MINGW32__ -+ nameservers[nameserver_num++] = "8.8.8.8"; -+ resolv_init(loop, nameservers, nameserver_num, ipv6first); -+#else -+ resolv_init(loop, NULL, 0, ipv6first); -+#endif -+ } else { -+ resolv_init(loop, nameservers, nameserver_num, ipv6first); -+ } -+ -+ for (int i = 0; i < nameserver_num; i++) -+ LOGI("using nameserver: %s", nameservers[i]); -+ -+ // initialize listen context -+ listen_ctx_t listen_ctx_list[server_num]; -+ -+ // bind to each interface -+ while (server_num > 0) { -+ int index = --server_num; -+ const char *host = server_host[index]; -+ -+ if (mode != UDP_ONLY) { -+ // Bind to port -+ int listenfd; -+ listenfd = create_and_bind(host, server_port, mptcp); -+ if (listenfd == -1) { -+ FATAL("bind() error"); -+ } -+ if (listen(listenfd, SSMAXCONN) == -1) { -+ FATAL("listen() error"); -+ } -+ setfastopen(listenfd); -+ setnonblocking(listenfd); -+ listen_ctx_t *listen_ctx = &listen_ctx_list[index]; -+ -+ // Setup proxy context -+ listen_ctx->timeout = atoi(timeout); -+ listen_ctx->fd = listenfd; -+ listen_ctx->method = m; -+ listen_ctx->iface = iface; -+ -+ // SSR beg -+ listen_ctx->protocol_name = protocol; -+ listen_ctx->protocol_param = protocol_param; -+ listen_ctx->method = m; -+ listen_ctx->obfs_name = obfs; -+ listen_ctx->obfs_param = obfs_param; -+ listen_ctx->list_protocol_global = malloc(sizeof(void *)); -+ listen_ctx->list_obfs_global = malloc(sizeof(void *)); -+ memset(listen_ctx->list_protocol_global, 0, sizeof(void *)); -+ memset(listen_ctx->list_obfs_global, 0, sizeof(void *)); -+ // SSR end -+ -+ listen_ctx->loop = loop; -+ -+ ev_io_init(&listen_ctx->io, accept_cb, listenfd, EV_READ); -+ ev_io_start(loop, &listen_ctx->io); -+ } -+ -+ // Setup UDP -+ if (mode != TCP_ONLY) { -+ init_udprelay(server_host[index], server_port, mtu, m, -+ auth, atoi(timeout), iface, protocol, protocol_param); -+ } -+ -+ if (host && strcmp(host, ":") > 0) -+ LOGI("listening at [%s]:%s", host, server_port); -+ else -+ LOGI("listening at %s:%s", host ? host : "*", server_port); -+ } -+ -+ if (manager_address != NULL) { -+ ev_timer_init(&stat_update_watcher, stat_update_cb, UPDATE_INTERVAL, UPDATE_INTERVAL); -+ ev_timer_start(EV_DEFAULT, &stat_update_watcher); -+ } -+ -+ ev_timer_init(&block_list_watcher, block_list_clear_cb, UPDATE_INTERVAL, UPDATE_INTERVAL); -+ ev_timer_start(EV_DEFAULT, &block_list_watcher); -+ -+ // setuid -+ if (user != NULL && ! run_as(user)) { -+ FATAL("failed to switch user"); -+ } -+ -+#ifndef __MINGW32__ -+ if (geteuid() == 0){ -+ LOGI("running from root user"); -+ } else if (firewall) { -+ LOGE("firewall setup requires running from root user"); -+ exit(-1); -+ } -+#endif -+ -+ // init block list -+ init_block_list(firewall); -+ -+ // Init connections -+ cork_dllist_init(&connections); -+ -+ // start ev loop -+ ev_run(loop, 0); -+ -+ if (verbose) { -+ LOGI("closed gracefully"); -+ } -+ -+ // Free block list -+ free_block_list(); -+ -+ if (manager_address != NULL) { -+ ev_timer_stop(EV_DEFAULT, &stat_update_watcher); -+ } -+ ev_timer_stop(EV_DEFAULT, &block_list_watcher); -+ -+ // Clean up -+ for (int i = 0; i <= server_num; i++) { -+ listen_ctx_t *listen_ctx = &listen_ctx_list[i]; -+ if (mode != UDP_ONLY) { -+ ev_io_stop(loop, &listen_ctx->io); -+ close(listen_ctx->fd); -+ } -+ } -+ -+ if (mode != UDP_ONLY) { -+ free_connections(loop); -+ } -+ -+ if (mode != TCP_ONLY) { -+ free_udprelay(); -+ } -+ -+ resolv_shutdown(loop); -+ -+#ifdef __MINGW32__ -+ winsock_cleanup(); -+#endif -+ -+ ev_signal_stop(EV_DEFAULT, &sigint_watcher); -+ ev_signal_stop(EV_DEFAULT, &sigterm_watcher); -+ -+ return 0; -+} -diff --git a/server/server.h b/server/server.h -new file mode 100644 -index 0000000..4cd3cf6 ---- /dev/null -+++ b/server/server.h -@@ -0,0 +1,115 @@ -+/* -+ * server.h - Define shadowsocks server's buffers and callbacks -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _SERVER_H -+#define _SERVER_H -+ -+#include -+#include -+#include -+ -+#include "encrypt.h" -+#include "jconf.h" -+#include "resolv.h" -+#include "obfs.h" -+#include "protocol.h" -+ -+#include "common.h" -+ -+typedef struct listen_ctx { -+ ev_io io; -+ int fd; -+ int timeout; -+ int method; -+ char *iface; -+ struct ev_loop *loop; -+ -+ // SSR -+ char *protocol_name; -+ char *protocol_param; -+ char *obfs_name; -+ char *obfs_param; -+ void **list_protocol_global; -+ void **list_obfs_global; -+} listen_ctx_t; -+ -+typedef struct server_ctx { -+ ev_io io; -+ ev_timer watcher; -+ int connected; -+ struct server *server; -+} server_ctx_t; -+ -+typedef struct server { -+ int fd; -+ int stage; -+ buffer_t *buf; -+ ssize_t buf_capacity; -+ buffer_t *header_buf; -+ -+ int auth; -+ struct chunk *chunk; -+ -+ struct enc_ctx *e_ctx; -+ struct enc_ctx *d_ctx; -+ struct server_ctx *recv_ctx; -+ struct server_ctx *send_ctx; -+ struct listen_ctx *listen_ctx; -+ struct remote *remote; -+ -+ struct ResolvQuery *query; -+ -+ struct cork_dllist_item entries; -+ -+ // SSR -+ obfs *protocol; -+ obfs *obfs; -+ obfs_class *protocol_plugin; -+ obfs_class *obfs_plugin; -+ int obfs_compatible_state; -+ int protocol_compatible_state; -+} server_t; -+ -+typedef struct query { -+ server_t *server; -+ char hostname[257]; -+} query_t; -+ -+typedef struct remote_ctx { -+ ev_io io; -+ int connected; -+ struct remote *remote; -+} remote_ctx_t; -+ -+typedef struct remote { -+ int fd; -+ buffer_t *buf; -+ ssize_t buf_capacity; -+ struct remote_ctx *recv_ctx; -+ struct remote_ctx *send_ctx; -+ struct server *server; -+ -+ // SSR -+ int remote_index; -+} remote_t; -+ -+#endif // _SERVER_H -diff --git a/server/tls.c b/server/tls.c -new file mode 100644 -index 0000000..5c42216 ---- /dev/null -+++ b/server/tls.c -@@ -0,0 +1,263 @@ -+/* -+ * Copyright (c) 2011 and 2012, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+/* -+ * This is a minimal TLS implementation intended only to parse the server name -+ * extension. This was created based primarily on Wireshark dissection of a -+ * TLS handshake and RFC4366. -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include /* malloc() */ -+#include /* strncpy() */ -+ -+#ifndef __MINGW32__ -+#include -+#else -+#include -+#endif -+ -+#include "tls.h" -+#include "protocol.h" -+#include "utils.h" -+ -+#define SERVER_NAME_LEN 256 -+#define TLS_HEADER_LEN 5 -+#define TLS_HANDSHAKE_CONTENT_TYPE 0x16 -+#define TLS_HANDSHAKE_TYPE_CLIENT_HELLO 0x01 -+ -+#ifndef MIN -+#define MIN(X, Y) ((X) < (Y) ? (X) : (Y)) -+#endif -+ -+extern int verbose; -+ -+static int parse_tls_header(const char *, size_t, char **); -+static int parse_extensions(const char *, size_t, char **); -+static int parse_server_name_extension(const char *, size_t, char **); -+ -+static const protocol_t tls_protocol_st = { -+ .default_port = 443, -+ .parse_packet = &parse_tls_header, -+}; -+const protocol_t *const tls_protocol = &tls_protocol_st; -+ -+/* Parse a TLS packet for the Server Name Indication extension in the client -+ * hello handshake, returning the first servername found (pointer to static -+ * array) -+ * -+ * Returns: -+ * >=0 - length of the hostname and updates *hostname -+ * caller is responsible for freeing *hostname -+ * -1 - Incomplete request -+ * -2 - No Host header included in this request -+ * -3 - Invalid hostname pointer -+ * -4 - malloc failure -+ * < -4 - Invalid TLS client hello -+ */ -+static int -+parse_tls_header(const char *data, size_t data_len, char **hostname) -+{ -+ char tls_content_type; -+ char tls_version_major; -+ char tls_version_minor; -+ size_t pos = TLS_HEADER_LEN; -+ size_t len; -+ -+ if (hostname == NULL) -+ return -3; -+ -+ /* Check that our TCP payload is at least large enough for a TLS header */ -+ if (data_len < TLS_HEADER_LEN) -+ return -1; -+ -+ /* SSL 2.0 compatible Client Hello -+ * -+ * High bit of first byte (length) and content type is Client Hello -+ * -+ * See RFC5246 Appendix E.2 -+ */ -+ if (data[0] & 0x80 && data[2] == 1) { -+ if (verbose) -+ LOGI("Received SSL 2.0 Client Hello which can not support SNI."); -+ return -2; -+ } -+ -+ tls_content_type = data[0]; -+ if (tls_content_type != TLS_HANDSHAKE_CONTENT_TYPE) { -+ if (verbose) -+ LOGI("Request did not begin with TLS handshake."); -+ return -5; -+ } -+ -+ tls_version_major = data[1]; -+ tls_version_minor = data[2]; -+ if (tls_version_major < 3) { -+ if (verbose) -+ LOGI("Received SSL %d.%d handshake which can not support SNI.", -+ tls_version_major, tls_version_minor); -+ -+ return -2; -+ } -+ -+ /* TLS record length */ -+ len = ((unsigned char)data[3] << 8) + -+ (unsigned char)data[4] + TLS_HEADER_LEN; -+ data_len = MIN(data_len, len); -+ -+ /* Check we received entire TLS record length */ -+ if (data_len < len) -+ return -1; -+ -+ /* -+ * Handshake -+ */ -+ if (pos + 1 > data_len) { -+ return -5; -+ } -+ if (data[pos] != TLS_HANDSHAKE_TYPE_CLIENT_HELLO) { -+ if (verbose) -+ LOGI("Not a client hello"); -+ -+ return -5; -+ } -+ -+ /* Skip past fixed length records: -+ * 1 Handshake Type -+ * 3 Length -+ * 2 Version (again) -+ * 32 Random -+ * to Session ID Length -+ */ -+ pos += 38; -+ -+ /* Session ID */ -+ if (pos + 1 > data_len) -+ return -5; -+ len = (unsigned char)data[pos]; -+ pos += 1 + len; -+ -+ /* Cipher Suites */ -+ if (pos + 2 > data_len) -+ return -5; -+ len = ((unsigned char)data[pos] << 8) + (unsigned char)data[pos + 1]; -+ pos += 2 + len; -+ -+ /* Compression Methods */ -+ if (pos + 1 > data_len) -+ return -5; -+ len = (unsigned char)data[pos]; -+ pos += 1 + len; -+ -+ if (pos == data_len && tls_version_major == 3 && tls_version_minor == 0) { -+ if (verbose) -+ LOGI("Received SSL 3.0 handshake without extensions"); -+ return -2; -+ } -+ -+ /* Extensions */ -+ if (pos + 2 > data_len) -+ return -5; -+ len = ((unsigned char)data[pos] << 8) + (unsigned char)data[pos + 1]; -+ pos += 2; -+ -+ if (pos + len > data_len) -+ return -5; -+ return parse_extensions(data + pos, len, hostname); -+} -+ -+static int -+parse_extensions(const char *data, size_t data_len, char **hostname) -+{ -+ size_t pos = 0; -+ size_t len; -+ -+ /* Parse each 4 bytes for the extension header */ -+ while (pos + 4 <= data_len) { -+ /* Extension Length */ -+ len = ((unsigned char)data[pos + 2] << 8) + -+ (unsigned char)data[pos + 3]; -+ -+ /* Check if it's a server name extension */ -+ if (data[pos] == 0x00 && data[pos + 1] == 0x00) { -+ /* There can be only one extension of each type, so we break -+ * our state and move p to beinnging of the extension here */ -+ if (pos + 4 + len > data_len) -+ return -5; -+ return parse_server_name_extension(data + pos + 4, len, hostname); -+ } -+ pos += 4 + len; /* Advance to the next extension header */ -+ } -+ /* Check we ended where we expected to */ -+ if (pos != data_len) -+ return -5; -+ -+ return -2; -+} -+ -+static int -+parse_server_name_extension(const char *data, size_t data_len, -+ char **hostname) -+{ -+ size_t pos = 2; /* skip server name list length */ -+ size_t len; -+ -+ while (pos + 3 < data_len) { -+ len = ((unsigned char)data[pos + 1] << 8) + -+ (unsigned char)data[pos + 2]; -+ -+ if (pos + 3 + len > data_len) -+ return -5; -+ -+ switch (data[pos]) { /* name type */ -+ case 0x00: /* host_name */ -+ *hostname = malloc(len + 1); -+ if (*hostname == NULL) { -+ ERROR("malloc() failure"); -+ return -4; -+ } -+ -+ strncpy(*hostname, data + pos + 3, len); -+ -+ (*hostname)[len] = '\0'; -+ -+ return len; -+ default: -+ if (verbose) -+ LOGI("Unknown server name extension name type: %d", -+ data[pos]); -+ } -+ pos += 3 + len; -+ } -+ /* Check we ended where we expected to */ -+ if (pos != data_len) -+ return -5; -+ -+ return -2; -+} -diff --git a/server/tls.h b/server/tls.h -new file mode 100644 -index 0000000..3998913 ---- /dev/null -+++ b/server/tls.h -@@ -0,0 +1,33 @@ -+/* -+ * Copyright (c) 2011 and 2012, Dustin Lundquist -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright notice, -+ * this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -+ * POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef TLS_H -+#define TLS_H -+ -+#include "protocol.h" -+ -+const protocol_t *const tls_protocol; -+ -+#endif -diff --git a/server/tls1.2_ticket.c b/server/tls1.2_ticket.c -new file mode 100644 -index 0000000..88970c0 ---- /dev/null -+++ b/server/tls1.2_ticket.c -@@ -0,0 +1,609 @@ -+ -+#include "tls1.2_ticket.h" -+#include "list.c" -+ -+typedef struct tls12_ticket_auth_global_data { -+ uint8_t local_client_id[32]; -+ List client_data; -+ time_t startup_time; -+}tls12_ticket_auth_global_data; -+ -+typedef struct tls12_ticket_auth_local_data { -+ int handshake_status; -+ char *send_buffer; -+ int send_buffer_size; -+ char *recv_buffer; -+ int recv_buffer_size; -+}tls12_ticket_auth_local_data; -+ -+void tls12_ticket_auth_local_data_init(tls12_ticket_auth_local_data* local) { -+ local->handshake_status = 0; -+ local->send_buffer = malloc(0); -+ local->send_buffer_size = 0; -+ local->recv_buffer = malloc(0); -+ local->recv_buffer_size = 0; -+} -+ -+void * tls12_ticket_auth_init_data() { -+ tls12_ticket_auth_global_data *global = (tls12_ticket_auth_global_data*)malloc(sizeof(tls12_ticket_auth_global_data)); -+ rand_bytes(global->local_client_id, 32); -+ global->client_data = list_init(22); -+ global->startup_time = time(NULL); -+ return global; -+} -+ -+obfs * tls12_ticket_auth_new_obfs() { -+ obfs * self = new_obfs(); -+ self->l_data = malloc(sizeof(tls12_ticket_auth_local_data)); -+ tls12_ticket_auth_local_data_init((tls12_ticket_auth_local_data*)self->l_data); -+ return self; -+} -+ -+void tls12_ticket_auth_dispose(obfs *self) { -+ tls12_ticket_auth_local_data *local = (tls12_ticket_auth_local_data*)self->l_data; -+ if (local->send_buffer != NULL) { -+ free(local->send_buffer); -+ local->send_buffer = NULL; -+ } -+ if (local->recv_buffer != NULL) { -+ free(local->recv_buffer); -+ local->recv_buffer = NULL; -+ } -+ free(local); -+ dispose_obfs(self); -+} -+ -+int tls12_ticket_pack_auth_data(tls12_ticket_auth_global_data *global, server_info *server, char *outdata) { -+ int out_size = 32; -+ time_t t = time(NULL); -+ outdata[0] = t >> 24; -+ outdata[1] = t >> 16; -+ outdata[2] = t >> 8; -+ outdata[3] = t; -+ rand_bytes((uint8_t*)outdata + 4, 18); -+ -+ uint8_t *key = (uint8_t*)malloc(server->key_len + 32); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ memcpy(key, server->key, server->key_len); -+ memcpy(key + server->key_len, global->local_client_id, 32); -+ ss_sha1_hmac_with_key(hash, outdata, out_size - OBFS_HMAC_SHA1_LEN, key, server->key_len + 32); -+ free(key); -+ memcpy(outdata + out_size - OBFS_HMAC_SHA1_LEN, hash, OBFS_HMAC_SHA1_LEN); -+ return out_size; -+} -+ -+void tls12_ticket_auth_pack_data(char *encryptdata, int datalength, int start, int len, char *out_buffer, int outlength) { -+ out_buffer[outlength] = 0x17; -+ out_buffer[outlength + 1] = 0x3; -+ out_buffer[outlength + 2] = 0x3; -+ out_buffer[outlength + 3] = len >> 8; -+ out_buffer[outlength + 4] = len; -+ memcpy(out_buffer + outlength + 5, encryptdata + start, len); -+} -+ -+int tls12_ticket_auth_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity) { -+ char *encryptdata = *pencryptdata; -+ tls12_ticket_auth_local_data *local = (tls12_ticket_auth_local_data*)self->l_data; -+ tls12_ticket_auth_global_data *global = (tls12_ticket_auth_global_data*)self->server.g_data; -+ char * out_buffer = NULL; -+ -+ if (local->handshake_status == 8) { -+ if (datalength < 1024) { -+ if (*capacity < datalength + 5) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = (datalength + 5) * 2); -+ encryptdata = *pencryptdata; -+ } -+ memmove(encryptdata + 5, encryptdata, datalength); -+ encryptdata[0] = 0x17; -+ encryptdata[1] = 0x3; -+ encryptdata[2] = 0x3; -+ encryptdata[3] = datalength >> 8; -+ encryptdata[4] = datalength; -+ return datalength + 5; -+ } else { -+ out_buffer = (char*)malloc(datalength + 2048); -+ int start = 0; -+ int outlength = 0; -+ int len; -+ while (datalength - start > 2048) { -+ len = xorshift128plus() % 4096 + 100; -+ if (len > datalength - start) -+ len = datalength - start; -+ tls12_ticket_auth_pack_data(encryptdata, datalength, start, len, out_buffer, outlength); -+ outlength += len + 5; -+ start += len; -+ } -+ if (datalength - start > 0) { -+ len = datalength - start; -+ tls12_ticket_auth_pack_data(encryptdata, datalength, start, len, out_buffer, outlength); -+ outlength += len + 5; -+ } -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memcpy(encryptdata, out_buffer, outlength); -+ free(out_buffer); -+ return outlength; -+ } -+ } -+ local->send_buffer = (char*)realloc(local->send_buffer, local->send_buffer_size + datalength + 5); -+ memcpy(local->send_buffer + local->send_buffer_size + 5, encryptdata, datalength); -+ local->send_buffer[local->send_buffer_size] = 0x17; -+ local->send_buffer[local->send_buffer_size + 1] = 0x3; -+ local->send_buffer[local->send_buffer_size + 2] = 0x3; -+ local->send_buffer[local->send_buffer_size + 3] = datalength >> 8; -+ local->send_buffer[local->send_buffer_size + 4] = datalength; -+ local->send_buffer_size += datalength + 5; -+ -+ if (local->handshake_status == 0) { -+#define CSTR_DECL(name, len, str) const char* name = str; const int len = sizeof(str) - 1; -+ CSTR_DECL(tls_data0, tls_data0_len, "\x00\x1c\xc0\x2b\xc0\x2f\xcc\xa9\xcc\xa8\xcc\x14\xcc\x13\xc0\x0a\xc0\x14\xc0\x09\xc0\x13\x00\x9c\x00\x35\x00\x2f\x00\x0a\x01\x00" -+ ); -+ CSTR_DECL(tls_data1, tls_data1_len, "\xff\x01\x00\x01\x00" -+ ); -+ CSTR_DECL(tls_data2, tls_data2_len, "\x00\x17\x00\x00\x00\x23\x00\xd0"); -+ CSTR_DECL(tls_data3, tls_data3_len, "\x00\x0d\x00\x16\x00\x14\x06\x01\x06\x03\x05\x01\x05\x03\x04\x01\x04\x03\x03\x01\x03\x03\x02\x01\x02\x03\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\x12\x00\x00\x75\x50\x00\x00\x00\x0b\x00\x02\x01\x00\x00\x0a\x00\x06\x00\x04\x00\x17\x00\x18" -+ //"00150066000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" // padding -+ ); -+ uint8_t tls_data[2048]; -+ int tls_data_len = 0; -+ memcpy(tls_data, tls_data1, tls_data1_len); -+ tls_data_len += tls_data1_len; -+ -+ char hosts[1024]; -+ char * phost[128]; -+ int host_num = 0; -+ int pos; -+ -+ char sni[256] = {0}; -+ if (self->server.param && strlen(self->server.param) == 0) -+ self->server.param = NULL; -+ strncpy(hosts, self->server.param ? self->server.param : self->server.host, sizeof hosts); -+ phost[host_num++] = hosts; -+ for (pos = 0; hosts[pos]; ++pos) { -+ if (hosts[pos] == ',') { -+ phost[host_num++] = &hosts[pos + 1]; -+ } -+ } -+ host_num = xorshift128plus() % host_num; -+ -+ sprintf(sni, "%s", phost[host_num]); -+ int sni_len = strlen(sni); -+ if (sni_len > 0 && sni[sni_len - 1] >= '0' && sni[sni_len - 1] <= '9') -+ sni_len = 0; -+ tls_data[tls_data_len] = '\0'; -+ tls_data[tls_data_len + 1] = '\0'; -+ tls_data[tls_data_len + 2] = (sni_len + 5) >> 8; -+ tls_data[tls_data_len + 3] = (sni_len + 5); -+ tls_data[tls_data_len + 4] = (sni_len + 3) >> 8; -+ tls_data[tls_data_len + 5] = (sni_len + 3); -+ tls_data[tls_data_len + 6] = '\0'; -+ tls_data[tls_data_len + 7] = sni_len >> 8; -+ tls_data[tls_data_len + 8] = sni_len; -+ memcpy(tls_data + tls_data_len + 9, sni, sni_len); -+ tls_data_len += 9 + sni_len; -+ memcpy(tls_data + tls_data_len, tls_data2, tls_data2_len); -+ tls_data_len += tls_data2_len; -+ rand_bytes(tls_data + tls_data_len, 208); -+ tls_data_len += 208; -+ memcpy(tls_data + tls_data_len, tls_data3, tls_data3_len); -+ tls_data_len += tls_data3_len; -+ -+ datalength = 11 + 32 + 1 + 32 + tls_data0_len + 2 + tls_data_len; -+ out_buffer = (char*)malloc(datalength); -+ char *pdata = out_buffer + datalength - tls_data_len; -+ int len = tls_data_len; -+ memcpy(pdata, tls_data, tls_data_len); -+ pdata[-1] = tls_data_len; -+ pdata[-2] = tls_data_len >> 8; -+ pdata -= 2; len += 2; -+ memcpy(pdata - tls_data0_len, tls_data0, tls_data0_len); -+ pdata -= tls_data0_len; len += tls_data0_len; -+ memcpy(pdata - 32, global->local_client_id, 32); -+ pdata -= 32; len += 32; -+ pdata[-1] = 0x20; -+ pdata -= 1; len += 1; -+ tls12_ticket_pack_auth_data(global, &self->server, pdata - 32); -+ pdata -= 32; len += 32; -+ pdata[-1] = 0x3; -+ pdata[-2] = 0x3; // tls version -+ pdata -= 2; len += 2; -+ pdata[-1] = len; -+ pdata[-2] = len >> 8; -+ pdata[-3] = 0; -+ pdata[-4] = 1; -+ pdata -= 4; len += 4; -+ -+ pdata[-1] = len; -+ pdata[-2] = len >> 8; -+ pdata -= 2; len += 2; -+ pdata[-1] = 0x1; -+ pdata[-2] = 0x3; // tls version -+ pdata -= 2; len += 2; -+ pdata[-1] = 0x16; // tls handshake -+ pdata -= 1; len += 1; -+ -+ local->handshake_status = 1; -+ } else if (datalength == 0) { -+ datalength = local->send_buffer_size + 43; -+ out_buffer = (char*)malloc(datalength); -+ char *pdata = out_buffer; -+ memcpy(pdata, "\x14\x03\x03\x00\x01\x01", 6); -+ pdata += 6; -+ memcpy(pdata, "\x16\x03\x03\x00\x20", 5); -+ pdata += 5; -+ rand_bytes((uint8_t*)pdata, 22); -+ pdata += 22; -+ -+ uint8_t *key = (uint8_t*)malloc(self->server.key_len + 32); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ memcpy(key, self->server.key, self->server.key_len); -+ memcpy(key + self->server.key_len, global->local_client_id, 32); -+ ss_sha1_hmac_with_key(hash, out_buffer, pdata - out_buffer, key, self->server.key_len + 32); -+ free(key); -+ memcpy(pdata, hash, OBFS_HMAC_SHA1_LEN); -+ -+ pdata += OBFS_HMAC_SHA1_LEN; -+ memcpy(pdata, local->send_buffer, local->send_buffer_size); -+ free(local->send_buffer); -+ local->send_buffer = NULL; -+ -+ local->handshake_status = 8; -+ } else { -+ return 0; -+ } -+ if (*capacity < datalength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = datalength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memmove(encryptdata, out_buffer, datalength); -+ free(out_buffer); -+ return datalength; -+} -+ -+int tls12_ticket_auth_server_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity) { -+ char *encryptdata = *pencryptdata; -+ tls12_ticket_auth_local_data *local = (tls12_ticket_auth_local_data*)self->l_data; -+ tls12_ticket_auth_global_data *global = (tls12_ticket_auth_global_data*)self->server.g_data; -+ char * out_buffer = NULL; -+ -+ if (local->handshake_status == 8) { -+ if (datalength < 1024) { -+ if (*capacity < datalength + 5) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = (datalength + 5) * 2); -+ encryptdata = *pencryptdata; -+ } -+ memmove(encryptdata + 5, encryptdata, datalength); -+ encryptdata[0] = 0x17; -+ encryptdata[1] = 0x3; -+ encryptdata[2] = 0x3; -+ encryptdata[3] = datalength >> 8; -+ encryptdata[4] = datalength; -+ return datalength + 5; -+ } else { -+ out_buffer = (char*)malloc(datalength + 2048); -+ int start = 0; -+ int outlength = 0; -+ int len; -+ while (datalength - start > 2048) { -+ len = xorshift128plus() % 4096 + 100; -+ if (len > datalength - start) -+ len = datalength - start; -+ tls12_ticket_auth_pack_data(encryptdata, datalength, start, len, out_buffer, outlength); -+ outlength += len + 5; -+ start += len; -+ } -+ if (datalength - start > 0) { -+ len = datalength - start; -+ tls12_ticket_auth_pack_data(encryptdata, datalength, start, len, out_buffer, outlength); -+ outlength += len + 5; -+ } -+ if (*capacity < outlength) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = outlength * 2); -+ encryptdata = *pencryptdata; -+ } -+ memcpy(encryptdata, out_buffer, outlength); -+ free(out_buffer); -+ return outlength; -+ } -+ } -+ -+ local->handshake_status = 3; -+ -+ out_buffer = (char*)malloc(43 + 86); -+ int data_len = 0; -+ char *p_data = out_buffer + 86; -+ -+ memcpy(p_data - 10, "\xc0\x2f\x00\x00\x05\xff\x01\x00\x01\x00", 10); -+ p_data -= 10;data_len += 10; -+ -+ memcpy(p_data - 32, global->local_client_id, 32); -+ p_data -= 32;data_len += 32; -+ -+ p_data[-1] = 0x20; -+ p_data -= 1;data_len += 1; -+ -+ tls12_ticket_pack_auth_data(global, &self->server, p_data - 32); -+ p_data -= 32;data_len += 32; -+ -+ p_data[-1] = 0x3; -+ p_data[-2] = 0x3; // tls version -+ p_data -= 2;data_len += 2; -+ -+ p_data[-1] = data_len; -+ p_data[-2] = data_len >> 8; -+ p_data[-3] = 0x00; -+ p_data[-4] = 0x02; -+ p_data -= 4; data_len += 4; -+ -+ p_data[-1] = data_len; -+ p_data[-2] = data_len >> 8; -+ p_data[-3] = 0x03; -+ p_data[-4] = 0x03; -+ p_data[-5] = 0x16; -+ p_data -= 5; data_len += 5; -+ -+ memcpy(out_buffer, p_data, data_len); -+ char *pdata = out_buffer + 86; -+ -+ memcpy(pdata, "\x14\x03\x03\x00\x01\x01", 6); -+ pdata += 6; -+ memcpy(pdata, "\x16\x03\x03\x00\x20", 5); -+ pdata += 5; -+ rand_bytes((uint8_t*)pdata, 22); -+ pdata += 22; -+ -+ uint8_t *key = (uint8_t*)malloc(self->server.key_len + 32); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ memcpy(key, self->server.key, self->server.key_len); -+ memcpy(key + self->server.key_len, global->local_client_id, 32); -+ ss_sha1_hmac_with_key(hash, out_buffer, 43 + 86, key, self->server.key_len + 32); -+ free(key); -+ memcpy(pdata, hash, OBFS_HMAC_SHA1_LEN); -+ -+ memmove(encryptdata, out_buffer, 43 + 86); -+ free(out_buffer); -+ return 43 + 86; -+} -+ -+int tls12_ticket_auth_client_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback) { -+ char *encryptdata = *pencryptdata; -+ tls12_ticket_auth_local_data *local = (tls12_ticket_auth_local_data*)self->l_data; -+ tls12_ticket_auth_global_data *global = (tls12_ticket_auth_global_data*)self->server.g_data; -+ -+ *needsendback = 0; -+ -+ if (local->handshake_status == 8) { -+ local->recv_buffer_size += datalength; -+ local->recv_buffer = (char*)realloc(local->recv_buffer, local->recv_buffer_size); -+ memcpy(local->recv_buffer + local->recv_buffer_size - datalength, encryptdata, datalength); -+ datalength = 0; -+ while (local->recv_buffer_size > 5) { -+ if (local->recv_buffer[0] != 0x17) -+ return -1; -+ int size = ((int)(unsigned char)local->recv_buffer[3] << 8) + (unsigned char)local->recv_buffer[4]; -+ if (size + 5 > local->recv_buffer_size) -+ break; -+ if (*capacity < datalength + size) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = (datalength + size) * 2); -+ encryptdata = *pencryptdata; -+ } -+ memcpy(encryptdata + datalength, local->recv_buffer + 5, size); -+ datalength += size; -+ local->recv_buffer_size -= 5 + size; -+ memmove(local->recv_buffer, local->recv_buffer + 5 + size, local->recv_buffer_size); -+ } -+ return datalength; -+ } -+ if (datalength < 11 + 32 + 1 + 32) { -+ return -1; -+ } -+ -+ uint8_t *key = (uint8_t*)malloc(self->server.key_len + 32); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ memcpy(key, self->server.key, self->server.key_len); -+ memcpy(key + self->server.key_len, global->local_client_id, 32); -+ ss_sha1_hmac_with_key(hash, encryptdata + 11, 22, key, self->server.key_len + 32); -+ free(key); -+ -+ if (memcmp(encryptdata + 33, hash, OBFS_HMAC_SHA1_LEN)) { -+ return -1; -+ } -+ -+ *needsendback = 1; -+ return 0; -+} -+ -+int tls12_ticket_auth_server_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback) { -+ char *encryptdata = *pencryptdata; -+ tls12_ticket_auth_local_data *local = (tls12_ticket_auth_local_data*)self->l_data; -+ tls12_ticket_auth_global_data *global = (tls12_ticket_auth_global_data*)self->server.g_data; -+ -+ *needsendback = 0; -+ -+ if (local->handshake_status == 8) { -+ if(datalength != 0) -+ { -+ local->recv_buffer = (char*)realloc(local->recv_buffer, local->recv_buffer_size + datalength); -+ memmove(local->recv_buffer + local->recv_buffer_size, encryptdata, datalength); -+ local->recv_buffer_size += datalength; -+ } -+ datalength = 0; -+ -+ while (local->recv_buffer_size > 5) { -+ if (local->recv_buffer[0] != 0x17 || local->recv_buffer[1] != 0x03 || local->recv_buffer[2] != 0x03) -+ { -+ LOGE("server_decode data error, wrong tls version 3"); -+ return -1; -+ } -+ int size = ((int)(unsigned char)local->recv_buffer[3] << 8) + (unsigned char)local->recv_buffer[4]; -+ if (size + 5 > local->recv_buffer_size) -+ break; -+ if (*capacity < local->recv_buffer_size + size) { -+ *pencryptdata = (char*)realloc(*pencryptdata, *capacity = (local->recv_buffer_size + size) * 2); -+ encryptdata = *pencryptdata; -+ } -+ memcpy(encryptdata + datalength, local->recv_buffer + 5, size); -+ datalength += size; -+ local->recv_buffer_size -= 5 + size; -+ memmove(local->recv_buffer, local->recv_buffer + 5 + size, local->recv_buffer_size); -+ } -+ return datalength; -+ } -+ -+ if (local->handshake_status == 3) { -+ -+ char *verify = encryptdata; -+ -+ if(datalength < 43) -+ { -+ LOGE("server_decode data error, too short:%d", (int)datalength); -+ return -1; -+ } -+ -+ if(encryptdata[0] != 0x14 || encryptdata[1] != 0x03 || encryptdata[2] != 0x03 || encryptdata[3] != 0x00 || encryptdata[4] != 0x01 || encryptdata[5] != 0x01) -+ { -+ LOGE("server_decode data error, wrong tls version"); -+ return -1; -+ } -+ -+ encryptdata += 6; -+ -+ if(encryptdata[0] != 0x16 || encryptdata[1] != 0x03 || encryptdata[2] != 0x03 || encryptdata[3] != 0x00 || encryptdata[4] != 0x20) -+ { -+ LOGE("server_decode data error, wrong tls version 2"); -+ return -1; -+ } -+ -+ uint8_t *key = (uint8_t*)malloc(self->server.key_len + 32); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ memcpy(key, self->server.key, self->server.key_len); -+ memcpy(key + self->server.key_len, global->local_client_id, 32); -+ ss_sha1_hmac_with_key(hash, verify, 33, key, self->server.key_len + 32); -+ free(key); -+ -+ if (memcmp(verify + 33, hash, OBFS_HMAC_SHA1_LEN) != 0) { -+ LOGE("server_decode data error, hash Mismatch %d",(int)memcmp(verify + 33, hash, OBFS_HMAC_SHA1_LEN)); -+ return -1; -+ } -+ -+ local->recv_buffer_size = datalength - 43; -+ local->recv_buffer = (char*)realloc(local->recv_buffer, local->recv_buffer_size); -+ memmove(local->recv_buffer, encryptdata + 37, datalength - 43); -+ -+ local->handshake_status = 8; -+ return tls12_ticket_auth_server_decode(self, pencryptdata, 0, capacity, needsendback); -+ } -+ -+ local->handshake_status = 2; -+ if(encryptdata[0] != 0x16 || encryptdata[1] != 0x03 || encryptdata[2] != 0x01) -+ { -+ return -1; -+ } -+ -+ encryptdata += 3; -+ -+ { -+ int size = ((int)(unsigned char)encryptdata[0] << 8) + (unsigned char)encryptdata[1]; -+ if(size != datalength - 5) -+ { -+ LOGE("tls_auth wrong tls head size"); -+ return -1; -+ } -+ } -+ -+ encryptdata += 2; -+ -+ if(encryptdata[0] != 0x01 || encryptdata[1] != 0x00) -+ { -+ LOGE("tls_auth not client hello message"); -+ return -1; -+ } -+ -+ encryptdata += 2; -+ -+ { -+ int size = ((int)(unsigned char)encryptdata[0] << 8) + (unsigned char)encryptdata[1]; -+ if(size != datalength - 9) -+ { -+ LOGE("tls_auth wrong message size"); -+ return -1; -+ } -+ } -+ -+ encryptdata += 2; -+ -+ if(encryptdata[0] != 0x03 || encryptdata[1] != 0x03) -+ { -+ LOGE("tls_auth wrong tls version"); -+ return -1; -+ } -+ -+ encryptdata += 2; -+ -+ char *verifyid = encryptdata; -+ -+ encryptdata += 32; -+ -+ int sessionid_len = encryptdata[0]; -+ if(sessionid_len < 32) -+ { -+ LOGE("tls_auth wrong sessionid_len"); -+ return -1; -+ } -+ -+ char *sessionid = encryptdata + 1; -+ memcpy(global->local_client_id , sessionid, sessionid_len); -+ -+ uint8_t *key = (uint8_t*)malloc(self->server.key_len + sessionid_len); -+ char hash[ONETIMEAUTH_BYTES * 2]; -+ memcpy(key, self->server.key, self->server.key_len); -+ memcpy(key + self->server.key_len, global->local_client_id, sessionid_len); -+ ss_sha1_hmac_with_key(hash, verifyid, 22, key, self->server.key_len + sessionid_len); -+ free(key); -+ -+ encryptdata += (sessionid_len + 1); -+ -+ long utc_time = ((int)(unsigned char)verifyid[0] << 24) + ((int)(unsigned char)verifyid[1] << 16) + ((int)(unsigned char)verifyid[2] << 8) + (unsigned char)verifyid[3]; -+ time_t t = time(NULL); -+ -+ -+ if (self->server.param && strlen(self->server.param) == 0) -+ { -+ self->server.param = NULL; -+ } -+ -+ int max_time_dif = 0; -+ int time_dif = utc_time - t; -+ if(self->server.param) -+ { -+ max_time_dif = atoi(self->server.param); -+ } -+ -+ if(max_time_dif > 0 && (time_dif < -max_time_dif || time_dif > max_time_dif || utc_time - global->startup_time < -max_time_dif / 2)) -+ { -+ LOGE("tls_auth wrong time"); -+ return -1; -+ } -+ -+ if (memcmp(verifyid + 22, hash, OBFS_HMAC_SHA1_LEN)) { -+ LOGE("tls_auth wrong sha1"); -+ return -1; -+ } -+ -+ int search_result = global->client_data->have_same_cmp(global->client_data, verifyid); -+ if(search_result != 0) -+ { -+ LOGE("replay attack detect!"); -+ return -1; -+ } -+ -+ global->client_data->add_back(global->client_data, verifyid); -+ -+ encryptdata += 48; -+ -+ *needsendback = 1; -+ -+ return 0; -+} -diff --git a/server/tls1.2_ticket.h b/server/tls1.2_ticket.h -new file mode 100644 -index 0000000..10a57c9 ---- /dev/null -+++ b/server/tls1.2_ticket.h -@@ -0,0 +1,20 @@ -+/* -+ * http_simple.h - Define shadowsocksR server's buffers and callbacks -+ * -+ * Copyright (C) 2015 - 2016, Break Wa11 -+ */ -+ -+#ifndef _TLS1_2_TICKET_H -+#define _TLS1_2_TICKET_H -+ -+void * tls12_ticket_auth_init_data(); -+obfs * tls12_ticket_auth_new_obfs(); -+void tls12_ticket_auth_dispose(obfs *self); -+ -+int tls12_ticket_auth_client_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); -+int tls12_ticket_auth_client_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); -+ -+int tls12_ticket_auth_server_encode(obfs *self, char **pencryptdata, int datalength, size_t* capacity); -+int tls12_ticket_auth_server_decode(obfs *self, char **pencryptdata, int datalength, size_t* capacity, int *needsendback); -+ -+#endif // _TLS1_2_TICKET_H -diff --git a/server/udprelay.c b/server/udprelay.c -new file mode 100644 -index 0000000..d9251ee ---- /dev/null -+++ b/server/udprelay.c -@@ -0,0 +1,1452 @@ -+/* -+ * udprelay.c - Setup UDP relay for both client and server -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifndef __MINGW32__ -+#include -+#include -+#include -+#include -+#include -+#endif -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#if defined(HAVE_SYS_IOCTL_H) && defined(HAVE_NET_IF_H) && defined(__linux__) -+#include -+#include -+#define SET_INTERFACE -+#endif -+ -+#ifdef __MINGW32__ -+#include "win32.h" -+#endif -+ -+#include -+#include -+ -+#include "utils.h" -+#include "netutils.h" -+#include "cache.h" -+#include "udprelay.h" -+ -+#ifdef MODULE_REMOTE -+#define MAX_UDP_CONN_NUM 512 -+#else -+#define MAX_UDP_CONN_NUM 256 -+#endif -+ -+#ifdef MODULE_REMOTE -+#ifdef MODULE_ -+#error "MODULE_REMOTE and MODULE_LOCAL should not be both defined" -+#endif -+#endif -+ -+#ifndef EAGAIN -+#define EAGAIN EWOULDBLOCK -+#endif -+ -+#ifndef EWOULDBLOCK -+#define EWOULDBLOCK EAGAIN -+#endif -+ -+static void server_recv_cb(EV_P_ ev_io *w, int revents); -+static void remote_recv_cb(EV_P_ ev_io *w, int revents); -+static void remote_timeout_cb(EV_P_ ev_timer *watcher, int revents); -+ -+static char *hash_key(const int af, const struct sockaddr_storage *addr); -+#ifdef MODULE_REMOTE -+static void query_resolve_cb(struct sockaddr *addr, void *data); -+#endif -+static void close_and_free_remote(EV_P_ remote_ctx_t *ctx); -+static remote_ctx_t *new_remote(int fd, server_ctx_t *server_ctx); -+ -+#ifdef ANDROID -+extern uint64_t tx; -+extern uint64_t rx; -+extern int vpn; -+#endif -+ -+extern int verbose; -+#ifdef MODULE_REMOTE -+extern uint64_t tx; -+extern uint64_t rx; -+#endif -+ -+static int packet_size = DEFAULT_PACKET_SIZE; -+static int buf_size = DEFAULT_PACKET_SIZE * 2; -+static int server_num = 0; -+static server_ctx_t *server_ctx_list[MAX_REMOTE_NUM] = { NULL }; -+ -+#ifndef __MINGW32__ -+static int -+setnonblocking(int fd) -+{ -+ int flags; -+ if (-1 == (flags = fcntl(fd, F_GETFL, 0))) { -+ flags = 0; -+ } -+ return fcntl(fd, F_SETFL, flags | O_NONBLOCK); -+} -+ -+#endif -+ -+#if defined(MODULE_REMOTE) && defined(SO_BROADCAST) -+static int -+set_broadcast(int socket_fd) -+{ -+ int opt = 1; -+ return setsockopt(socket_fd, SOL_SOCKET, SO_BROADCAST, &opt, sizeof(opt)); -+} -+ -+#endif -+ -+#ifdef SO_NOSIGPIPE -+static int -+set_nosigpipe(int socket_fd) -+{ -+ int opt = 1; -+ return setsockopt(socket_fd, SOL_SOCKET, SO_NOSIGPIPE, &opt, sizeof(opt)); -+} -+ -+#endif -+ -+#ifdef MODULE_REDIR -+ -+#ifndef IP_TRANSPARENT -+#define IP_TRANSPARENT 19 -+#endif -+ -+#ifndef IP_RECVORIGDSTADDR -+#define IP_RECVORIGDSTADDR 20 -+#endif -+ -+static int -+get_dstaddr(struct msghdr *msg, struct sockaddr_storage *dstaddr) -+{ -+ struct cmsghdr *cmsg; -+ -+ for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) { -+ if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVORIGDSTADDR) { -+ memcpy(dstaddr, CMSG_DATA(cmsg), sizeof(struct sockaddr_in)); -+ dstaddr->ss_family = AF_INET; -+ return 0; -+ } else if (cmsg->cmsg_level == SOL_IPV6 && cmsg->cmsg_type == IP_RECVORIGDSTADDR) { -+ memcpy(dstaddr, CMSG_DATA(cmsg), sizeof(struct sockaddr_in6)); -+ dstaddr->ss_family = AF_INET6; -+ return 0; -+ } -+ } -+ -+ return 1; -+} -+ -+#endif -+ -+#define HASH_KEY_LEN sizeof(struct sockaddr_storage) + sizeof(int) -+static char * -+hash_key(const int af, const struct sockaddr_storage *addr) -+{ -+ size_t addr_len = sizeof(struct sockaddr_storage); -+ static char key[HASH_KEY_LEN]; -+ -+ memset(key, 0, HASH_KEY_LEN); -+ memcpy(key, &af, sizeof(int)); -+ memcpy(key + sizeof(int), (const uint8_t *)addr, addr_len); -+ -+ return key; -+} -+ -+#if defined(MODULE_REDIR) || defined(MODULE_REMOTE) -+static int -+construct_udprealy_header(const struct sockaddr_storage *in_addr, -+ char *addr_header) -+{ -+ int addr_header_len = 0; -+ if (in_addr->ss_family == AF_INET) { -+ struct sockaddr_in *addr = (struct sockaddr_in *)in_addr; -+ size_t addr_len = sizeof(struct in_addr); -+ addr_header[addr_header_len++] = 1; -+ memcpy(addr_header + addr_header_len, &addr->sin_addr, addr_len); -+ addr_header_len += addr_len; -+ memcpy(addr_header + addr_header_len, &addr->sin_port, 2); -+ addr_header_len += 2; -+ } else if (in_addr->ss_family == AF_INET6) { -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)in_addr; -+ size_t addr_len = sizeof(struct in6_addr); -+ addr_header[addr_header_len++] = 4; -+ memcpy(addr_header + addr_header_len, &addr->sin6_addr, addr_len); -+ addr_header_len += addr_len; -+ memcpy(addr_header + addr_header_len, &addr->sin6_port, 2); -+ addr_header_len += 2; -+ } else { -+ return 0; -+ } -+ return addr_header_len; -+} -+ -+#endif -+ -+static int -+parse_udprealy_header(const char *buf, const size_t buf_len, -+ char *host, char *port, struct sockaddr_storage *storage) -+{ -+ const uint8_t atyp = *(uint8_t *)buf; -+ int offset = 1; -+ -+ // get remote addr and port -+ if ((atyp & ADDRTYPE_MASK) == 1) { -+ // IP V4 -+ size_t in_addr_len = sizeof(struct in_addr); -+ if (buf_len >= in_addr_len + 3) { -+ if (storage != NULL) { -+ struct sockaddr_in *addr = (struct sockaddr_in *)storage; -+ addr->sin_family = AF_INET; -+ addr->sin_addr = *(struct in_addr *)(buf + offset); -+ addr->sin_port = *(uint16_t *)(buf + offset + in_addr_len); -+ } -+ if (host != NULL) { -+ dns_ntop(AF_INET, (const void *)(buf + offset), -+ host, INET_ADDRSTRLEN); -+ } -+ offset += in_addr_len; -+ } -+ } else if ((atyp & ADDRTYPE_MASK) == 3) { -+ // Domain name -+ uint8_t name_len = *(uint8_t *)(buf + offset); -+ if (name_len + 4 <= buf_len) { -+ if (storage != NULL) { -+ char tmp[257] = { 0 }; -+ struct cork_ip ip; -+ memcpy(tmp, buf + offset + 1, name_len); -+ if (cork_ip_init(&ip, tmp) != -1) { -+ if (ip.version == 4) { -+ struct sockaddr_in *addr = (struct sockaddr_in *)storage; -+ dns_pton(AF_INET, tmp, &(addr->sin_addr)); -+ addr->sin_port = *(uint16_t *)(buf + offset + 1 + name_len); -+ addr->sin_family = AF_INET; -+ } else if (ip.version == 6) { -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)storage; -+ dns_pton(AF_INET, tmp, &(addr->sin6_addr)); -+ addr->sin6_port = *(uint16_t *)(buf + offset + 1 + name_len); -+ addr->sin6_family = AF_INET6; -+ } -+ } -+ } -+ if (host != NULL) { -+ memcpy(host, buf + offset + 1, name_len); -+ } -+ offset += 1 + name_len; -+ } -+ } else if ((atyp & ADDRTYPE_MASK) == 4) { -+ // IP V6 -+ size_t in6_addr_len = sizeof(struct in6_addr); -+ if (buf_len >= in6_addr_len + 3) { -+ if (storage != NULL) { -+ struct sockaddr_in6 *addr = (struct sockaddr_in6 *)storage; -+ addr->sin6_family = AF_INET6; -+ addr->sin6_addr = *(struct in6_addr *)(buf + offset); -+ addr->sin6_port = *(uint16_t *)(buf + offset + in6_addr_len); -+ } -+ if (host != NULL) { -+ dns_ntop(AF_INET6, (const void *)(buf + offset), -+ host, INET6_ADDRSTRLEN); -+ } -+ offset += in6_addr_len; -+ } -+ } -+ -+ if (offset == 1) { -+ LOGE("[udp] invalid header with addr type %d", atyp); -+ return 0; -+ } -+ -+ if (port != NULL) { -+ sprintf(port, "%d", ntohs(*(uint16_t *)(buf + offset))); -+ } -+ offset += 2; -+ -+ return offset; -+} -+ -+static char * -+get_addr_str(const struct sockaddr *sa) -+{ -+ static char s[SS_ADDRSTRLEN]; -+ memset(s, 0, SS_ADDRSTRLEN); -+ char addr[INET6_ADDRSTRLEN] = { 0 }; -+ char port[PORTSTRLEN] = { 0 }; -+ uint16_t p; -+ -+ switch (sa->sa_family) { -+ case AF_INET: -+ dns_ntop(AF_INET, &(((struct sockaddr_in *)sa)->sin_addr), -+ addr, INET_ADDRSTRLEN); -+ p = ntohs(((struct sockaddr_in *)sa)->sin_port); -+ sprintf(port, "%d", p); -+ break; -+ -+ case AF_INET6: -+ dns_ntop(AF_INET6, &(((struct sockaddr_in6 *)sa)->sin6_addr), -+ addr, INET6_ADDRSTRLEN); -+ p = ntohs(((struct sockaddr_in *)sa)->sin_port); -+ sprintf(port, "%d", p); -+ break; -+ -+ default: -+ strncpy(s, "Unknown AF", SS_ADDRSTRLEN); -+ } -+ -+ int addr_len = strlen(addr); -+ int port_len = strlen(port); -+ memcpy(s, addr, addr_len); -+ memcpy(s + addr_len + 1, port, port_len); -+ s[addr_len] = ':'; -+ -+ return s; -+} -+ -+int -+create_remote_socket(int ipv6) -+{ -+ int remote_sock; -+ -+ if (ipv6) { -+ // Try to bind IPv6 first -+ struct sockaddr_in6 addr; -+ memset(&addr, 0, sizeof(struct sockaddr_in6)); -+ addr.sin6_family = AF_INET6; -+ addr.sin6_addr = in6addr_any; -+ addr.sin6_port = 0; -+ remote_sock = socket(AF_INET6, SOCK_DGRAM, 0); -+ if (remote_sock == -1) { -+ ERROR("[udp] cannot create socket"); -+ return -1; -+ } -+ if (bind(remote_sock, (struct sockaddr *)&addr, sizeof(addr)) != 0) { -+ FATAL("[udp] cannot bind remote"); -+ return -1; -+ } -+ } else { -+ // Or else bind to IPv4 -+ struct sockaddr_in addr; -+ memset(&addr, 0, sizeof(struct sockaddr_in)); -+ addr.sin_family = AF_INET; -+ addr.sin_addr.s_addr = INADDR_ANY; -+ addr.sin_port = 0; -+ remote_sock = socket(AF_INET, SOCK_DGRAM, 0); -+ if (remote_sock == -1) { -+ ERROR("[udp] cannot create socket"); -+ return -1; -+ } -+ -+ if (bind(remote_sock, (struct sockaddr *)&addr, sizeof(addr)) != 0) { -+ FATAL("[udp] cannot bind remote"); -+ return -1; -+ } -+ } -+ return remote_sock; -+} -+ -+int -+create_server_socket(const char *host, const char *port) -+{ -+ struct addrinfo hints; -+ struct addrinfo *result, *rp, *ipv4v6bindall; -+ int s, server_sock; -+ -+ memset(&hints, 0, sizeof(struct addrinfo)); -+ hints.ai_family = AF_UNSPEC; /* Return IPv4 and IPv6 choices */ -+ hints.ai_socktype = SOCK_DGRAM; /* We want a UDP socket */ -+ hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; /* For wildcard IP address */ -+ hints.ai_protocol = IPPROTO_UDP; -+ -+ s = getaddrinfo(host, port, &hints, &result); -+ if (s != 0) { -+ LOGE("[udp] getaddrinfo: %s", gai_strerror(s)); -+ return -1; -+ } -+ -+ rp = result; -+ -+ /* -+ * On Linux, with net.ipv6.bindv6only = 0 (the default), getaddrinfo(NULL) with -+ * AI_PASSIVE returns 0.0.0.0 and :: (in this order). AI_PASSIVE was meant to -+ * return a list of addresses to listen on, but it is impossible to listen on -+ * 0.0.0.0 and :: at the same time, if :: implies dualstack mode. -+ */ -+ if (!host) { -+ ipv4v6bindall = result; -+ -+ /* Loop over all address infos found until a IPV6 address is found. */ -+ while (ipv4v6bindall) { -+ if (ipv4v6bindall->ai_family == AF_INET6) { -+ rp = ipv4v6bindall; /* Take first IPV6 address available */ -+ break; -+ } -+ ipv4v6bindall = ipv4v6bindall->ai_next; /* Get next address info, if any */ -+ } -+ } -+ -+ for (/*rp = result*/; rp != NULL; rp = rp->ai_next) { -+ server_sock = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol); -+ if (server_sock == -1) { -+ continue; -+ } -+ -+ if (rp->ai_family == AF_INET6) { -+ int ipv6only = host ? 1 : 0; -+ setsockopt(server_sock, IPPROTO_IPV6, IPV6_V6ONLY, &ipv6only, sizeof(ipv6only)); -+ } -+ -+ int opt = 1; -+ setsockopt(server_sock, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); -+#ifdef SO_NOSIGPIPE -+ set_nosigpipe(server_sock); -+#endif -+ int err = set_reuseport(server_sock); -+ if (err == 0) { -+ LOGI("udp port reuse enabled"); -+ } -+#ifdef IP_TOS -+ // Set QoS flag -+ int tos = 46; -+ setsockopt(server_sock, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+#endif -+ -+#ifdef MODULE_REDIR -+ if (setsockopt(server_sock, SOL_IP, IP_TRANSPARENT, &opt, sizeof(opt))) { -+ ERROR("[udp] setsockopt IP_TRANSPARENT"); -+ exit(EXIT_FAILURE); -+ } -+ if (setsockopt(server_sock, IPPROTO_IP, IP_RECVORIGDSTADDR, &opt, sizeof(opt))) { -+ FATAL("[udp] setsockopt IP_RECVORIGDSTADDR"); -+ } -+#endif -+ -+ s = bind(server_sock, rp->ai_addr, rp->ai_addrlen); -+ if (s == 0) { -+ /* We managed to bind successfully! */ -+ break; -+ } else { -+ ERROR("[udp] bind"); -+ } -+ -+ close(server_sock); -+ } -+ -+ if (rp == NULL) { -+ LOGE("[udp] cannot bind"); -+ return -1; -+ } -+ -+ freeaddrinfo(result); -+ -+ return server_sock; -+} -+ -+remote_ctx_t * -+new_remote(int fd, server_ctx_t *server_ctx) -+{ -+ remote_ctx_t *ctx = ss_malloc(sizeof(remote_ctx_t)); -+ memset(ctx, 0, sizeof(remote_ctx_t)); -+ -+ ctx->fd = fd; -+ ctx->server_ctx = server_ctx; -+ -+ ev_io_init(&ctx->io, remote_recv_cb, fd, EV_READ); -+ ev_timer_init(&ctx->watcher, remote_timeout_cb, server_ctx->timeout, -+ server_ctx->timeout); -+ -+ return ctx; -+} -+ -+server_ctx_t * -+new_server_ctx(int fd) -+{ -+ server_ctx_t *ctx = ss_malloc(sizeof(server_ctx_t)); -+ memset(ctx, 0, sizeof(server_ctx_t)); -+ -+ ctx->fd = fd; -+ -+ ev_io_init(&ctx->io, server_recv_cb, fd, EV_READ); -+ -+ return ctx; -+} -+ -+#ifdef MODULE_REMOTE -+struct query_ctx * -+new_query_ctx(char *buf, size_t len) -+{ -+ struct query_ctx *ctx = ss_malloc(sizeof(struct query_ctx)); -+ memset(ctx, 0, sizeof(struct query_ctx)); -+ ctx->buf = ss_malloc(sizeof(buffer_t)); -+ balloc(ctx->buf, len); -+ memcpy(ctx->buf->array, buf, len); -+ ctx->buf->len = len; -+ return ctx; -+} -+ -+void -+close_and_free_query(EV_P_ struct query_ctx *ctx) -+{ -+ if (ctx != NULL) { -+ if (ctx->query != NULL) { -+ resolv_cancel(ctx->query); -+ ctx->query = NULL; -+ } -+ if (ctx->buf != NULL) { -+ bfree(ctx->buf); -+ ss_free(ctx->buf); -+ } -+ ss_free(ctx); -+ } -+} -+ -+#endif -+ -+void -+close_and_free_remote(EV_P_ remote_ctx_t *ctx) -+{ -+ if (ctx != NULL) { -+ ev_timer_stop(EV_A_ & ctx->watcher); -+ ev_io_stop(EV_A_ & ctx->io); -+ close(ctx->fd); -+ ss_free(ctx); -+ } -+} -+ -+static void -+remote_timeout_cb(EV_P_ ev_timer *watcher, int revents) -+{ -+ remote_ctx_t *remote_ctx -+ = cork_container_of(watcher, remote_ctx_t, watcher); -+ -+ if (verbose) { -+ LOGI("[udp] connection timeout"); -+ } -+ -+ char *key = hash_key(remote_ctx->af, &remote_ctx->src_addr); -+ cache_remove(remote_ctx->server_ctx->conn_cache, key, HASH_KEY_LEN); -+} -+ -+#ifdef MODULE_REMOTE -+static void -+query_resolve_cb(struct sockaddr *addr, void *data) -+{ -+ struct query_ctx *query_ctx = (struct query_ctx *)data; -+ struct ev_loop *loop = query_ctx->server_ctx->loop; -+ -+ if (verbose) { -+ LOGI("[udp] udns resolved"); -+ } -+ -+ query_ctx->query = NULL; -+ -+ if (addr == NULL) { -+ LOGE("[udp] udns returned an error"); -+ } else { -+ remote_ctx_t *remote_ctx = query_ctx->remote_ctx; -+ int cache_hit = 0; -+ -+ // Lookup in the conn cache -+ if (remote_ctx == NULL) { -+ char *key = hash_key(AF_UNSPEC, &query_ctx->src_addr); -+ cache_lookup(query_ctx->server_ctx->conn_cache, key, HASH_KEY_LEN, (void *)&remote_ctx); -+ } -+ -+ if (remote_ctx == NULL) { -+ int remotefd = create_remote_socket(addr->sa_family == AF_INET6); -+ if (remotefd != -1) { -+ setnonblocking(remotefd); -+#ifdef SO_BROADCAST -+ set_broadcast(remotefd); -+#endif -+#ifdef SO_NOSIGPIPE -+ set_nosigpipe(remotefd); -+#endif -+#ifdef IP_TOS -+ // Set QoS flag -+ int tos = 46; -+ setsockopt(remotefd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+#endif -+#ifdef SET_INTERFACE -+ if (query_ctx->server_ctx->iface) { -+ if (setinterface(remotefd, query_ctx->server_ctx->iface) == -1) -+ ERROR("setinterface"); -+ } -+#endif -+ remote_ctx = new_remote(remotefd, query_ctx->server_ctx); -+ remote_ctx->src_addr = query_ctx->src_addr; -+ remote_ctx->server_ctx = query_ctx->server_ctx; -+ remote_ctx->addr_header_len = query_ctx->addr_header_len; -+ memcpy(remote_ctx->addr_header, query_ctx->addr_header, -+ query_ctx->addr_header_len); -+ } else { -+ ERROR("[udp] bind() error"); -+ } -+ } else { -+ cache_hit = 1; -+ } -+ -+ if (remote_ctx != NULL) { -+ memcpy(&remote_ctx->dst_addr, addr, sizeof(struct sockaddr_storage)); -+ -+ size_t addr_len = get_sockaddr_len(addr); -+ int s = sendto(remote_ctx->fd, query_ctx->buf->array, query_ctx->buf->len, -+ 0, addr, addr_len); -+ -+ if (s == -1) { -+ ERROR("[udp] sendto_remote"); -+ if (!cache_hit) { -+ close_and_free_remote(EV_A_ remote_ctx); -+ } -+ } else { -+ if (!cache_hit) { -+ // Add to conn cache -+ char *key = hash_key(AF_UNSPEC, &remote_ctx->src_addr); -+ cache_insert(query_ctx->server_ctx->conn_cache, key, HASH_KEY_LEN, (void *)remote_ctx); -+ ev_io_start(EV_A_ & remote_ctx->io); -+ ev_timer_start(EV_A_ & remote_ctx->watcher); -+ } -+ } -+ } -+ } -+ -+ // clean up -+ close_and_free_query(EV_A_ query_ctx); -+} -+ -+#endif -+ -+static void -+remote_recv_cb(EV_P_ ev_io *w, int revents) -+{ -+ ssize_t r; -+ remote_ctx_t *remote_ctx = (remote_ctx_t *)w; -+ server_ctx_t *server_ctx = remote_ctx->server_ctx; -+ -+ // server has been closed -+ if (server_ctx == NULL) { -+ LOGE("[udp] invalid server"); -+ close_and_free_remote(EV_A_ remote_ctx); -+ return; -+ } -+ -+ struct sockaddr_storage src_addr; -+ socklen_t src_addr_len = sizeof(struct sockaddr_storage); -+ memset(&src_addr, 0, src_addr_len); -+ -+ buffer_t *buf = ss_malloc(sizeof(buffer_t)); -+ balloc(buf, buf_size); -+ -+ // recv -+ r = recvfrom(remote_ctx->fd, buf->array, buf_size, 0, (struct sockaddr *)&src_addr, &src_addr_len); -+ -+ if (r == -1) { -+ // error on recv -+ // simply drop that packet -+ ERROR("[udp] remote_recv_recvfrom"); -+ goto CLEAN_UP; -+ } else if (r > packet_size) { -+ LOGE("[udp] remote_recv_recvfrom fragmentation"); -+ goto CLEAN_UP; -+ } -+ -+ buf->len = r; -+ -+#ifdef MODULE_LOCAL -+ int err = ss_decrypt_all(buf, server_ctx->method, 0, buf_size); -+ if (err) { -+ // drop the packet silently -+ goto CLEAN_UP; -+ } -+ -+ //SSR beg -+ if (server_ctx->protocol_plugin) { -+ obfs_class *protocol_plugin = server_ctx->protocol_plugin; -+ if (protocol_plugin->client_udp_post_decrypt) { -+ buf->len = protocol_plugin->client_udp_post_decrypt(server_ctx->protocol, &buf->array, buf->len, &buf->capacity); -+ if ((int)buf->len < 0) { -+ LOGE("client_udp_post_decrypt"); -+ close_and_free_remote(EV_A_ remote_ctx); -+ return; -+ } -+ if ( buf->len == 0 ) -+ return; -+ } -+ } -+ // SSR end -+ -+#ifdef MODULE_REDIR -+ struct sockaddr_storage dst_addr; -+ memset(&dst_addr, 0, sizeof(struct sockaddr_storage)); -+ int len = parse_udprealy_header(buf->array, buf->len, NULL, NULL, &dst_addr); -+ -+ if (dst_addr.ss_family != AF_INET && dst_addr.ss_family != AF_INET6) { -+ LOGI("[udp] ss-redir does not support domain name"); -+ goto CLEAN_UP; -+ } -+ -+ if (verbose) { -+ char src[SS_ADDRSTRLEN]; -+ char dst[SS_ADDRSTRLEN]; -+ strcpy(src, get_addr_str((struct sockaddr *)&src_addr)); -+ strcpy(dst, get_addr_str((struct sockaddr *)&dst_addr)); -+ LOGI("[udp] recv %s via %s", dst, src); -+ } -+#else -+ int len = parse_udprealy_header(buf->array, buf->len, NULL, NULL, NULL); -+#endif -+ -+ if (len == 0) { -+ LOGI("[udp] error in parse header"); -+ // error in parse header -+ goto CLEAN_UP; -+ } -+ -+ // server may return using a different address type other than the type we -+ // have used during sending -+#if defined(MODULE_TUNNEL) || defined(MODULE_REDIR) -+ // Construct packet -+ buf->len -= len; -+ memmove(buf->array, buf->array + len, buf->len); -+#else -+#ifdef ANDROID -+ rx += buf->len; -+#endif -+ // Construct packet -+ brealloc(buf, buf->len + 3, buf_size); -+ memmove(buf->array + 3, buf->array, buf->len); -+ memset(buf->array, 0, 3); -+ buf->len += 3; -+#endif -+ -+#endif -+ -+#ifdef MODULE_REMOTE -+ -+ rx += buf->len; -+ -+ char addr_header_buf[512]; -+ char *addr_header = remote_ctx->addr_header; -+ int addr_header_len = remote_ctx->addr_header_len; -+ -+ if (remote_ctx->af == AF_INET || remote_ctx->af == AF_INET6) { -+ addr_header_len = construct_udprealy_header(&src_addr, addr_header_buf); -+ addr_header = addr_header_buf; -+ } -+ -+ // Construct packet -+ brealloc(buf, buf->len + addr_header_len, buf_size); -+ memmove(buf->array + addr_header_len, buf->array, buf->len); -+ memcpy(buf->array, addr_header, addr_header_len); -+ buf->len += addr_header_len; -+ -+ int err = ss_encrypt_all(buf, server_ctx->method, 0, buf_size); -+ if (err) { -+ // drop the packet silently -+ goto CLEAN_UP; -+ } -+ -+#endif -+ -+ if (buf->len > packet_size) { -+ LOGE("[udp] remote_recv_sendto fragmentation"); -+ goto CLEAN_UP; -+ } -+ -+ size_t remote_src_addr_len = get_sockaddr_len((struct sockaddr *)&remote_ctx->src_addr); -+ -+#ifdef MODULE_REDIR -+ -+ size_t remote_dst_addr_len = get_sockaddr_len((struct sockaddr *)&dst_addr); -+ -+ int src_fd = socket(remote_ctx->src_addr.ss_family, SOCK_DGRAM, 0); -+ if (src_fd < 0) { -+ ERROR("[udp] remote_recv_socket"); -+ goto CLEAN_UP; -+ } -+ int opt = 1; -+ if (setsockopt(src_fd, SOL_IP, IP_TRANSPARENT, &opt, sizeof(opt))) { -+ ERROR("[udp] remote_recv_setsockopt"); -+ close(src_fd); -+ goto CLEAN_UP; -+ } -+ if (setsockopt(src_fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt))) { -+ ERROR("[udp] remote_recv_setsockopt"); -+ close(src_fd); -+ goto CLEAN_UP; -+ } -+#ifdef IP_TOS -+ // Set QoS flag -+ int tos = 46; -+ setsockopt(src_fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+#endif -+ if (bind(src_fd, (struct sockaddr *)&dst_addr, remote_dst_addr_len) != 0) { -+ ERROR("[udp] remote_recv_bind"); -+ close(src_fd); -+ goto CLEAN_UP; -+ } -+ -+ int s = sendto(src_fd, buf->array, buf->len, 0, -+ (struct sockaddr *)&remote_ctx->src_addr, remote_src_addr_len); -+ if (s == -1) { -+ ERROR("[udp] remote_recv_sendto"); -+ close(src_fd); -+ goto CLEAN_UP; -+ } -+ close(src_fd); -+ -+#else -+ -+ int s = sendto(server_ctx->fd, buf->array, buf->len, 0, -+ (struct sockaddr *)&remote_ctx->src_addr, remote_src_addr_len); -+ if (s == -1) { -+ ERROR("[udp] remote_recv_sendto"); -+ goto CLEAN_UP; -+ } -+ -+#endif -+ -+ // handle the UDP packet successfully, -+ // triger the timer -+ ev_timer_again(EV_A_ & remote_ctx->watcher); -+ -+CLEAN_UP: -+ -+ bfree(buf); -+ ss_free(buf); -+} -+ -+static void -+server_recv_cb(EV_P_ ev_io *w, int revents) -+{ -+ server_ctx_t *server_ctx = (server_ctx_t *)w; -+ struct sockaddr_storage src_addr; -+ memset(&src_addr, 0, sizeof(struct sockaddr_storage)); -+ -+ buffer_t *buf = ss_malloc(sizeof(buffer_t)); -+ balloc(buf, buf_size); -+ -+ socklen_t src_addr_len = sizeof(struct sockaddr_storage); -+ unsigned int offset = 0; -+ -+#ifdef MODULE_REDIR -+ char control_buffer[64] = { 0 }; -+ struct msghdr msg; -+ memset(&msg, 0, sizeof(struct msghdr)); -+ struct iovec iov[1]; -+ struct sockaddr_storage dst_addr; -+ memset(&dst_addr, 0, sizeof(struct sockaddr_storage)); -+ -+ msg.msg_name = &src_addr; -+ msg.msg_namelen = src_addr_len; -+ msg.msg_control = control_buffer; -+ msg.msg_controllen = sizeof(control_buffer); -+ -+ iov[0].iov_base = buf->array; -+ iov[0].iov_len = buf_size; -+ msg.msg_iov = iov; -+ msg.msg_iovlen = 1; -+ -+ buf->len = recvmsg(server_ctx->fd, &msg, 0); -+ if (buf->len == -1) { -+ ERROR("[udp] server_recvmsg"); -+ goto CLEAN_UP; -+ } else if (buf->len > packet_size) { -+ ERROR("[udp] UDP server_recv_recvmsg fragmentation"); -+ goto CLEAN_UP; -+ } -+ -+ if (get_dstaddr(&msg, &dst_addr)) { -+ LOGE("[udp] unable to get dest addr"); -+ goto CLEAN_UP; -+ } -+ -+ src_addr_len = msg.msg_namelen; -+#else -+ ssize_t r; -+ r = recvfrom(server_ctx->fd, buf->array, buf_size, -+ 0, (struct sockaddr *)&src_addr, &src_addr_len); -+ -+ if (r == -1) { -+ // error on recv -+ // simply drop that packet -+ ERROR("[udp] server_recv_recvfrom"); -+ goto CLEAN_UP; -+ } else if (r > packet_size) { -+ ERROR("[udp] server_recv_recvfrom fragmentation"); -+ goto CLEAN_UP; -+ } -+ -+ buf->len = r; -+#endif -+ -+#ifdef MODULE_REMOTE -+ tx += buf->len; -+ -+ int err = ss_decrypt_all(buf, server_ctx->method, server_ctx->auth, buf_size); -+ if (err) { -+ // drop the packet silently -+ goto CLEAN_UP; -+ } -+#endif -+ -+#ifdef MODULE_LOCAL -+#if !defined(MODULE_TUNNEL) && !defined(MODULE_REDIR) -+#ifdef ANDROID -+ tx += buf->len; -+#endif -+ uint8_t frag = *(uint8_t *)(buf->array + 2); -+ offset += 3; -+#endif -+#endif -+ -+ /* -+ * -+ * SOCKS5 UDP Request -+ * +----+------+------+----------+----------+----------+ -+ * |RSV | FRAG | ATYP | DST.ADDR | DST.PORT | DATA | -+ * +----+------+------+----------+----------+----------+ -+ * | 2 | 1 | 1 | Variable | 2 | Variable | -+ * +----+------+------+----------+----------+----------+ -+ * -+ * SOCKS5 UDP Response -+ * +----+------+------+----------+----------+----------+ -+ * |RSV | FRAG | ATYP | DST.ADDR | DST.PORT | DATA | -+ * +----+------+------+----------+----------+----------+ -+ * | 2 | 1 | 1 | Variable | 2 | Variable | -+ * +----+------+------+----------+----------+----------+ -+ * -+ * shadowsocks UDP Request (before encrypted) -+ * +------+----------+----------+----------+-------------+ -+ * | ATYP | DST.ADDR | DST.PORT | DATA | HMAC-SHA1 | -+ * +------+----------+----------+----------+-------------+ -+ * | 1 | Variable | 2 | Variable | 10 | -+ * +------+----------+----------+----------+-------------+ -+ * -+ * If ATYP & ONETIMEAUTH_FLAG(0x10) != 0, Authentication (HMAC-SHA1) is enabled. -+ * -+ * The key of HMAC-SHA1 is (IV + KEY) and the input is the whole packet. -+ * The output of HMAC-SHA is truncated to 10 bytes (leftmost bits). -+ * -+ * shadowsocks UDP Response (before encrypted) -+ * +------+----------+----------+----------+ -+ * | ATYP | DST.ADDR | DST.PORT | DATA | -+ * +------+----------+----------+----------+ -+ * | 1 | Variable | 2 | Variable | -+ * +------+----------+----------+----------+ -+ * -+ * shadowsocks UDP Request and Response (after encrypted) -+ * +-------+--------------+ -+ * | IV | PAYLOAD | -+ * +-------+--------------+ -+ * | Fixed | Variable | -+ * +-------+--------------+ -+ * -+ */ -+ -+#ifdef MODULE_REDIR -+ if (verbose) { -+ char src[SS_ADDRSTRLEN]; -+ char dst[SS_ADDRSTRLEN]; -+ strcpy(src, get_addr_str((struct sockaddr *)&src_addr)); -+ strcpy(dst, get_addr_str((struct sockaddr *)&dst_addr)); -+ LOGI("[udp] redir to %s from %s", dst, src); -+ } -+ -+ char addr_header[512] = { 0 }; -+ int addr_header_len = construct_udprealy_header(&dst_addr, addr_header); -+ -+ if (addr_header_len == 0) { -+ LOGE("[udp] failed to parse tproxy addr"); -+ goto CLEAN_UP; -+ } -+ -+ // reconstruct the buffer -+ brealloc(buf, buf->len + addr_header_len, buf_size); -+ memmove(buf->array + addr_header_len, buf->array, buf->len); -+ memcpy(buf->array, addr_header, addr_header_len); -+ buf->len += addr_header_len; -+ -+#elif MODULE_TUNNEL -+ -+ char addr_header[512] = { 0 }; -+ char *host = server_ctx->tunnel_addr.host; -+ char *port = server_ctx->tunnel_addr.port; -+ uint16_t port_num = (uint16_t)atoi(port); -+ uint16_t port_net_num = htons(port_num); -+ int addr_header_len = 0; -+ -+ struct cork_ip ip; -+ if (cork_ip_init(&ip, host) != -1) { -+ if (ip.version == 4) { -+ // send as IPv4 -+ struct in_addr host_addr; -+ memset(&host_addr, 0, sizeof(struct in_addr)); -+ int host_len = sizeof(struct in_addr); -+ -+ if (dns_pton(AF_INET, host, &host_addr) == -1) { -+ FATAL("IP parser error"); -+ } -+ addr_header[addr_header_len++] = 1; -+ memcpy(addr_header + addr_header_len, &host_addr, host_len); -+ addr_header_len += host_len; -+ } else if (ip.version == 6) { -+ // send as IPv6 -+ struct in6_addr host_addr; -+ memset(&host_addr, 0, sizeof(struct in6_addr)); -+ int host_len = sizeof(struct in6_addr); -+ -+ if (dns_pton(AF_INET6, host, &host_addr) == -1) { -+ FATAL("IP parser error"); -+ } -+ addr_header[addr_header_len++] = 4; -+ memcpy(addr_header + addr_header_len, &host_addr, host_len); -+ addr_header_len += host_len; -+ } else { -+ FATAL("IP parser error"); -+ } -+ } else { -+ // send as domain -+ int host_len = strlen(host); -+ -+ addr_header[addr_header_len++] = 3; -+ addr_header[addr_header_len++] = host_len; -+ memcpy(addr_header + addr_header_len, host, host_len); -+ addr_header_len += host_len; -+ } -+ memcpy(addr_header + addr_header_len, &port_net_num, 2); -+ addr_header_len += 2; -+ -+ // reconstruct the buffer -+ brealloc(buf, buf->len + addr_header_len, buf_size); -+ memmove(buf->array + addr_header_len, buf->array, buf->len); -+ memcpy(buf->array, addr_header, addr_header_len); -+ buf->len += addr_header_len; -+ -+#else -+ -+ char host[257] = { 0 }; -+ char port[64] = { 0 }; -+ struct sockaddr_storage dst_addr; -+ memset(&dst_addr, 0, sizeof(struct sockaddr_storage)); -+ -+ int addr_header_len = parse_udprealy_header(buf->array + offset, buf->len - offset, -+ host, port, &dst_addr); -+ if (addr_header_len == 0) { -+ // error in parse header -+ goto CLEAN_UP; -+ } -+ -+ char *addr_header = buf->array + offset; -+#endif -+ -+#ifdef MODULE_LOCAL -+ char *key = hash_key(server_ctx->remote_addr->sa_family, &src_addr); -+#else -+ char *key = hash_key(dst_addr.ss_family, &src_addr); -+#endif -+ -+ struct cache *conn_cache = server_ctx->conn_cache; -+ -+ remote_ctx_t *remote_ctx = NULL; -+ cache_lookup(conn_cache, key, HASH_KEY_LEN, (void *)&remote_ctx); -+ -+ if (remote_ctx != NULL) { -+ if (sockaddr_cmp(&src_addr, &remote_ctx->src_addr, sizeof(src_addr))) { -+ remote_ctx = NULL; -+ } -+ } -+ -+ // reset the timer -+ if (remote_ctx != NULL) { -+ ev_timer_again(EV_A_ & remote_ctx->watcher); -+ } -+ -+ if (remote_ctx == NULL) { -+ if (verbose) { -+#ifdef MODULE_REDIR -+ char src[SS_ADDRSTRLEN]; -+ char dst[SS_ADDRSTRLEN]; -+ strcpy(src, get_addr_str((struct sockaddr *)&src_addr)); -+ strcpy(dst, get_addr_str((struct sockaddr *)&dst_addr)); -+ LOGI("[udp] cache miss: %s <-> %s", dst, src); -+#else -+ LOGI("[udp] cache miss: %s:%s <-> %s", host, port, -+ get_addr_str((struct sockaddr *)&src_addr)); -+#endif -+ } -+ } else { -+ if (verbose) { -+#ifdef MODULE_REDIR -+ char src[SS_ADDRSTRLEN]; -+ char dst[SS_ADDRSTRLEN]; -+ strcpy(src, get_addr_str((struct sockaddr *)&src_addr)); -+ strcpy(dst, get_addr_str((struct sockaddr *)&dst_addr)); -+ LOGI("[udp] cache hit: %s <-> %s", dst, src); -+#else -+ LOGI("[udp] cache hit: %s:%s <-> %s", host, port, -+ get_addr_str((struct sockaddr *)&src_addr)); -+#endif -+ } -+ } -+ -+#ifdef MODULE_LOCAL -+ -+#if !defined(MODULE_TUNNEL) && !defined(MODULE_REDIR) -+ if (frag) { -+ LOGE("[udp] drop a message since frag is not 0, but %d", frag); -+ goto CLEAN_UP; -+ } -+#endif -+ -+ const struct sockaddr *remote_addr = server_ctx->remote_addr; -+ const int remote_addr_len = server_ctx->remote_addr_len; -+ -+ if (remote_ctx == NULL) { -+ // Bind to any port -+ int remotefd = create_remote_socket(remote_addr->sa_family == AF_INET6); -+ if (remotefd < 0) { -+ ERROR("[udp] udprelay bind() error"); -+ goto CLEAN_UP; -+ } -+ setnonblocking(remotefd); -+ -+#ifdef SO_NOSIGPIPE -+ set_nosigpipe(remotefd); -+#endif -+#ifdef IP_TOS -+ // Set QoS flag -+ int tos = 46; -+ setsockopt(remotefd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+#endif -+#ifdef SET_INTERFACE -+ if (server_ctx->iface) { -+ if (setinterface(remotefd, server_ctx->iface) == -1) -+ ERROR("setinterface"); -+ } -+#endif -+ -+#ifdef ANDROID -+ if (vpn) { -+ if (protect_socket(remotefd) == -1) { -+ ERROR("protect_socket"); -+ close(remotefd); -+ goto CLEAN_UP; -+ } -+ } -+#endif -+ -+ // Init remote_ctx -+ remote_ctx = new_remote(remotefd, server_ctx); -+ remote_ctx->src_addr = src_addr; -+ remote_ctx->af = remote_addr->sa_family; -+ remote_ctx->addr_header_len = addr_header_len; -+ memcpy(remote_ctx->addr_header, addr_header, addr_header_len); -+ -+ // Add to conn cache -+ cache_insert(conn_cache, key, HASH_KEY_LEN, (void *)remote_ctx); -+ -+ // Start remote io -+ ev_io_start(EV_A_ & remote_ctx->io); -+ ev_timer_start(EV_A_ & remote_ctx->watcher); -+ } -+ -+ if (offset > 0) { -+ buf->len -= offset; -+ memmove(buf->array, buf->array + offset, buf->len); -+ } -+ -+ if (server_ctx->auth) { -+ buf->array[0] |= ONETIMEAUTH_FLAG; -+ } -+ -+ // SSR beg -+ if (server_ctx->protocol_plugin) { -+ obfs_class *protocol_plugin = server_ctx->protocol_plugin; -+ if (protocol_plugin->client_udp_pre_encrypt) { -+ buf->len = protocol_plugin->client_udp_pre_encrypt(server_ctx->protocol, &buf->array, buf->len, &buf->capacity); -+ } -+ } -+ //SSR end -+ -+ int err = ss_encrypt_all(buf, server_ctx->method, server_ctx->auth, buf->len); -+ -+ if (err) { -+ // drop the packet silently -+ goto CLEAN_UP; -+ } -+ -+ if (buf->len > packet_size) { -+ LOGE("[udp] server_recv_sendto fragmentation"); -+ goto CLEAN_UP; -+ } -+ -+ int s = sendto(remote_ctx->fd, buf->array, buf->len, 0, remote_addr, remote_addr_len); -+ -+ if (s == -1) { -+ ERROR("[udp] server_recv_sendto"); -+ } -+ -+#else -+ -+ int cache_hit = 0; -+ int need_query = 0; -+ -+ if (buf->len - addr_header_len > packet_size) { -+ LOGE("[udp] server_recv_sendto fragmentation"); -+ goto CLEAN_UP; -+ } -+ -+ if (remote_ctx != NULL) { -+ cache_hit = 1; -+ // detect destination mismatch -+ if (remote_ctx->addr_header_len != addr_header_len -+ || memcmp(addr_header, remote_ctx->addr_header, addr_header_len) != 0) { -+ if (dst_addr.ss_family != AF_INET && dst_addr.ss_family != AF_INET6) { -+ need_query = 1; -+ } -+ } else { -+ memcpy(&dst_addr, &remote_ctx->dst_addr, sizeof(struct sockaddr_storage)); -+ } -+ } else { -+ if (dst_addr.ss_family == AF_INET || dst_addr.ss_family == AF_INET6) { -+ int remotefd = create_remote_socket(dst_addr.ss_family == AF_INET6); -+ if (remotefd != -1) { -+ setnonblocking(remotefd); -+#ifdef SO_BROADCAST -+ set_broadcast(remotefd); -+#endif -+#ifdef SO_NOSIGPIPE -+ set_nosigpipe(remotefd); -+#endif -+#ifdef IP_TOS -+ // Set QoS flag -+ int tos = 46; -+ setsockopt(remotefd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+#endif -+#ifdef SET_INTERFACE -+ if (server_ctx->iface) { -+ if (setinterface(remotefd, server_ctx->iface) == -1) -+ ERROR("setinterface"); -+ } -+#endif -+ remote_ctx = new_remote(remotefd, server_ctx); -+ remote_ctx->src_addr = src_addr; -+ remote_ctx->server_ctx = server_ctx; -+ remote_ctx->addr_header_len = addr_header_len; -+ memcpy(remote_ctx->addr_header, addr_header, addr_header_len); -+ memcpy(&remote_ctx->dst_addr, &dst_addr, sizeof(struct sockaddr_storage)); -+ } else { -+ ERROR("[udp] bind() error"); -+ goto CLEAN_UP; -+ } -+ } -+ } -+ -+ if (remote_ctx != NULL && !need_query) { -+ size_t addr_len = get_sockaddr_len((struct sockaddr *)&dst_addr); -+ int s = sendto(remote_ctx->fd, buf->array + addr_header_len, -+ buf->len - addr_header_len, 0, -+ (struct sockaddr *)&dst_addr, addr_len); -+ -+ if (s == -1) { -+ ERROR("[udp] sendto_remote"); -+ if (!cache_hit) { -+ close_and_free_remote(EV_A_ remote_ctx); -+ } -+ } else { -+ if (!cache_hit) { -+ // Add to conn cache -+ remote_ctx->af = dst_addr.ss_family; -+ char *key = hash_key(remote_ctx->af, &remote_ctx->src_addr); -+ cache_insert(server_ctx->conn_cache, key, HASH_KEY_LEN, (void *)remote_ctx); -+ -+ ev_io_start(EV_A_ & remote_ctx->io); -+ ev_timer_start(EV_A_ & remote_ctx->watcher); -+ } -+ } -+ } else { -+ struct addrinfo hints; -+ memset(&hints, 0, sizeof(struct addrinfo)); -+ hints.ai_family = AF_UNSPEC; -+ hints.ai_socktype = SOCK_DGRAM; -+ hints.ai_protocol = IPPROTO_UDP; -+ -+ struct query_ctx *query_ctx = new_query_ctx(buf->array + addr_header_len, -+ buf->len - addr_header_len); -+ query_ctx->server_ctx = server_ctx; -+ query_ctx->addr_header_len = addr_header_len; -+ query_ctx->src_addr = src_addr; -+ memcpy(query_ctx->addr_header, addr_header, addr_header_len); -+ -+ if (need_query) { -+ query_ctx->remote_ctx = remote_ctx; -+ } -+ -+ struct ResolvQuery *query = resolv_query(host, query_resolve_cb, -+ NULL, query_ctx, htons(atoi(port))); -+ if (query == NULL) { -+ ERROR("[udp] unable to create DNS query"); -+ close_and_free_query(EV_A_ query_ctx); -+ goto CLEAN_UP; -+ } -+ query_ctx->query = query; -+ } -+#endif -+ -+CLEAN_UP: -+ bfree(buf); -+ ss_free(buf); -+} -+ -+void -+free_cb(void *key, void *element) -+{ -+ remote_ctx_t *remote_ctx = (remote_ctx_t *)element; -+ -+ if (verbose) { -+ LOGI("[udp] one connection freed"); -+ } -+ -+ close_and_free_remote(EV_DEFAULT, remote_ctx); -+} -+ -+int -+init_udprelay(const char *server_host, const char *server_port, -+#ifdef MODULE_LOCAL -+ const struct sockaddr *remote_addr, const int remote_addr_len, -+#ifdef MODULE_TUNNEL -+ const ss_addr_t tunnel_addr, -+#endif -+#endif -+ int mtu, int method, int auth, int timeout, const char *iface, const char *protocol, const char *protocol_param) -+{ -+ // Initialize ev loop -+ struct ev_loop *loop = EV_DEFAULT; -+ -+ // Initialize MTU -+ if (mtu > 0) { -+ packet_size = mtu - 1 - 28 - 2 - 64; -+ buf_size = packet_size * 2; -+ } -+ -+ // Initialize cache -+ struct cache *conn_cache; -+ cache_create(&conn_cache, MAX_UDP_CONN_NUM, free_cb); -+ -+ // //////////////////////////////////////////////// -+ // Setup server context -+ -+ // Bind to port -+ int serverfd = create_server_socket(server_host, server_port); -+ if (serverfd < 0) { -+ FATAL("[udp] bind() error"); -+ } -+ setnonblocking(serverfd); -+ if (protocol != NULL && strcmp(protocol, "verify_sha1") == 0) { -+ auth = 1; -+ protocol = NULL; -+ } -+ -+ server_ctx_t *server_ctx = new_server_ctx(serverfd); -+#ifdef MODULE_REMOTE -+ server_ctx->loop = loop; -+#endif -+ server_ctx->auth = auth; -+ server_ctx->timeout = max(timeout, MIN_UDP_TIMEOUT); -+ server_ctx->method = method; -+ server_ctx->iface = iface; -+ server_ctx->conn_cache = conn_cache; -+#ifdef MODULE_LOCAL -+ server_ctx->remote_addr = remote_addr; -+ server_ctx->remote_addr_len = remote_addr_len; -+ //SSR beg -+ server_ctx->protocol_plugin = new_obfs_class((char *)protocol); -+ if (server_ctx->protocol_plugin) { -+ server_ctx->protocol = server_ctx->protocol_plugin->new_obfs(); -+ server_ctx->protocol_global = server_ctx->protocol_plugin->init_data(); -+ } -+ -+ server_info _server_info; -+ memset(&_server_info, 0, sizeof(server_info)); -+ strcpy(_server_info.host, inet_ntoa(((struct sockaddr_in*)remote_addr)->sin_addr)); -+ _server_info.port = ((struct sockaddr_in*)remote_addr)->sin_port; -+ _server_info.port = _server_info.port >> 8 | _server_info.port << 8; -+ _server_info.g_data = server_ctx->protocol_global; -+ _server_info.param = (char *)protocol_param; -+ _server_info.key = enc_get_key(); -+ _server_info.key_len = enc_get_key_len(); -+ -+ if (server_ctx->protocol_plugin) -+ server_ctx->protocol_plugin->set_server_info(server_ctx->protocol, &_server_info); -+ //SSR end -+#ifdef MODULE_TUNNEL -+ server_ctx->tunnel_addr = tunnel_addr; -+#endif -+#endif -+ -+ ev_io_start(loop, &server_ctx->io); -+ -+ server_ctx_list[server_num++] = server_ctx; -+ -+ return 0; -+} -+ -+void -+free_udprelay() -+{ -+ struct ev_loop *loop = EV_DEFAULT; -+ while (server_num-- > 0) { -+ server_ctx_t *server_ctx = server_ctx_list[server_num]; -+ -+#ifdef MODULE_LOCAL -+ //SSR beg -+ if (server_ctx->protocol_plugin) { -+ server_ctx->protocol_plugin->dispose(server_ctx->protocol); -+ server_ctx->protocol = NULL; -+ free_obfs_class(server_ctx->protocol_plugin); -+ server_ctx->protocol_plugin = NULL; -+ } -+ //SSR end -+#endif -+ -+ ev_io_stop(loop, &server_ctx->io); -+ close(server_ctx->fd); -+ cache_delete(server_ctx->conn_cache, 0); -+ ss_free(server_ctx); -+ server_ctx_list[server_num] = NULL; -+ } -+} -diff --git a/server/udprelay.h b/server/udprelay.h -new file mode 100644 -index 0000000..89876d4 ---- /dev/null -+++ b/server/udprelay.h -@@ -0,0 +1,95 @@ -+/* -+ * udprelay.h - Define UDP relay's buffers and callbacks -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifndef _UDPRELAY_H -+#define _UDPRELAY_H -+ -+#include -+#include -+ -+#include "encrypt.h" -+#include "jconf.h" -+#include "obfs.h" -+ -+#ifdef MODULE_REMOTE -+#include "resolv.h" -+#endif -+ -+#include "cache.h" -+ -+#include "common.h" -+ -+#define MAX_UDP_PACKET_SIZE (65507) -+ -+#define DEFAULT_PACKET_SIZE 1397 // 1492 - 1 - 28 - 2 - 64 = 1397, the default MTU for UDP relay -+ -+typedef struct server_ctx { -+ ev_io io; -+ int fd; -+ int method; -+ int auth; -+ int timeout; -+ const char *iface; -+ struct cache *conn_cache; -+#ifdef MODULE_LOCAL -+ const struct sockaddr *remote_addr; -+ int remote_addr_len; -+#ifdef MODULE_TUNNEL -+ ss_addr_t tunnel_addr; -+#endif -+#endif -+#ifdef MODULE_REMOTE -+ struct ev_loop *loop; -+#endif -+ // SSR -+ obfs *protocol; -+ obfs_class *protocol_plugin; -+ void *protocol_global; -+} server_ctx_t; -+ -+#ifdef MODULE_REMOTE -+typedef struct query_ctx { -+ struct ResolvQuery *query; -+ struct sockaddr_storage src_addr; -+ buffer_t *buf; -+ int addr_header_len; -+ char addr_header[384]; -+ struct server_ctx *server_ctx; -+ struct remote_ctx *remote_ctx; -+} query_ctx_t; -+#endif -+ -+typedef struct remote_ctx { -+ ev_io io; -+ ev_timer watcher; -+ int af; -+ int fd; -+ int addr_header_len; -+ char addr_header[384]; -+ struct sockaddr_storage src_addr; -+#ifdef MODULE_REMOTE -+ struct sockaddr_storage dst_addr; -+#endif -+ struct server_ctx *server_ctx; -+} remote_ctx_t; -+ -+#endif // _UDPRELAY_H -diff --git a/server/uthash.h b/server/uthash.h -new file mode 100644 -index 0000000..45d1f9f ---- /dev/null -+++ b/server/uthash.h -@@ -0,0 +1,1074 @@ -+/* -+Copyright (c) 2003-2016, Troy D. Hanson http://troydhanson.github.com/uthash/ -+All rights reserved. -+ -+Redistribution and use in source and binary forms, with or without -+modification, are permitted provided that the following conditions are met: -+ -+ * Redistributions of source code must retain the above copyright -+ notice, this list of conditions and the following disclaimer. -+ -+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS -+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER -+OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+*/ -+ -+#ifndef UTHASH_H -+#define UTHASH_H -+ -+#define UTHASH_VERSION 2.0.1 -+ -+#include /* memcmp,strlen */ -+#include /* ptrdiff_t */ -+#include /* exit() */ -+ -+/* These macros use decltype or the earlier __typeof GNU extension. -+ As decltype is only available in newer compilers (VS2010 or gcc 4.3+ -+ when compiling c++ source) this code uses whatever method is needed -+ or, for VS2008 where neither is available, uses casting workarounds. */ -+#if defined(_MSC_VER) /* MS compiler */ -+#if _MSC_VER >= 1600 && defined(__cplusplus) /* VS2010 or newer in C++ mode */ -+#define DECLTYPE(x) (decltype(x)) -+#else /* VS2008 or older (or VS2010 in C mode) */ -+#define NO_DECLTYPE -+#define DECLTYPE(x) -+#endif -+#elif defined(__BORLANDC__) || defined(__LCC__) || defined(__WATCOMC__) -+#define NO_DECLTYPE -+#define DECLTYPE(x) -+#else /* GNU, Sun and other compilers */ -+#define DECLTYPE(x) (__typeof(x)) -+#endif -+ -+#ifdef NO_DECLTYPE -+#define DECLTYPE_ASSIGN(dst,src) \ -+do { \ -+ char **_da_dst = (char**)(&(dst)); \ -+ *_da_dst = (char*)(src); \ -+} while (0) -+#else -+#define DECLTYPE_ASSIGN(dst,src) \ -+do { \ -+ (dst) = DECLTYPE(dst)(src); \ -+} while (0) -+#endif -+ -+/* a number of the hash function use uint32_t which isn't defined on Pre VS2010 */ -+#if defined(_WIN32) -+#if defined(_MSC_VER) && _MSC_VER >= 1600 -+#include -+#elif defined(__WATCOMC__) || defined(__MINGW32__) || defined(__CYGWIN__) -+#include -+#else -+typedef unsigned int uint32_t; -+typedef unsigned char uint8_t; -+#endif -+#elif defined(__GNUC__) && !defined(__VXWORKS__) -+#include -+#else -+typedef unsigned int uint32_t; -+typedef unsigned char uint8_t; -+#endif -+ -+#ifndef uthash_fatal -+#define uthash_fatal(msg) exit(-1) /* fatal error (out of memory,etc) */ -+#endif -+#ifndef uthash_malloc -+#define uthash_malloc(sz) malloc(sz) /* malloc fcn */ -+#endif -+#ifndef uthash_free -+#define uthash_free(ptr,sz) free(ptr) /* free fcn */ -+#endif -+#ifndef uthash_strlen -+#define uthash_strlen(s) strlen(s) -+#endif -+#ifndef uthash_memcmp -+#define uthash_memcmp(a,b,n) memcmp(a,b,n) -+#endif -+ -+#ifndef uthash_noexpand_fyi -+#define uthash_noexpand_fyi(tbl) /* can be defined to log noexpand */ -+#endif -+#ifndef uthash_expand_fyi -+#define uthash_expand_fyi(tbl) /* can be defined to log expands */ -+#endif -+ -+/* initial number of buckets */ -+#define HASH_INITIAL_NUM_BUCKETS 32U /* initial number of buckets */ -+#define HASH_INITIAL_NUM_BUCKETS_LOG2 5U /* lg2 of initial number of buckets */ -+#define HASH_BKT_CAPACITY_THRESH 10U /* expand when bucket count reaches */ -+ -+/* calculate the element whose hash handle address is hhp */ -+#define ELMT_FROM_HH(tbl,hhp) ((void*)(((char*)(hhp)) - ((tbl)->hho))) -+/* calculate the hash handle from element address elp */ -+#define HH_FROM_ELMT(tbl,elp) ((UT_hash_handle *)(((char*)(elp)) + ((tbl)->hho))) -+ -+#define HASH_VALUE(keyptr,keylen,hashv) \ -+do { \ -+ HASH_FCN(keyptr, keylen, hashv); \ -+} while (0) -+ -+#define HASH_FIND_BYHASHVALUE(hh,head,keyptr,keylen,hashval,out) \ -+do { \ -+ (out) = NULL; \ -+ if (head) { \ -+ unsigned _hf_bkt; \ -+ HASH_TO_BKT(hashval, (head)->hh.tbl->num_buckets, _hf_bkt); \ -+ if (HASH_BLOOM_TEST((head)->hh.tbl, hashval) != 0) { \ -+ HASH_FIND_IN_BKT((head)->hh.tbl, hh, (head)->hh.tbl->buckets[ _hf_bkt ], keyptr, keylen, hashval, out); \ -+ } \ -+ } \ -+} while (0) -+ -+#define HASH_FIND(hh,head,keyptr,keylen,out) \ -+do { \ -+ unsigned _hf_hashv; \ -+ HASH_VALUE(keyptr, keylen, _hf_hashv); \ -+ HASH_FIND_BYHASHVALUE(hh, head, keyptr, keylen, _hf_hashv, out); \ -+} while (0) -+ -+#ifdef HASH_BLOOM -+#define HASH_BLOOM_BITLEN (1UL << HASH_BLOOM) -+#define HASH_BLOOM_BYTELEN (HASH_BLOOM_BITLEN/8UL) + (((HASH_BLOOM_BITLEN%8UL)!=0UL) ? 1UL : 0UL) -+#define HASH_BLOOM_MAKE(tbl) \ -+do { \ -+ (tbl)->bloom_nbits = HASH_BLOOM; \ -+ (tbl)->bloom_bv = (uint8_t*)uthash_malloc(HASH_BLOOM_BYTELEN); \ -+ if (!((tbl)->bloom_bv)) { uthash_fatal( "out of memory"); } \ -+ memset((tbl)->bloom_bv, 0, HASH_BLOOM_BYTELEN); \ -+ (tbl)->bloom_sig = HASH_BLOOM_SIGNATURE; \ -+} while (0) -+ -+#define HASH_BLOOM_FREE(tbl) \ -+do { \ -+ uthash_free((tbl)->bloom_bv, HASH_BLOOM_BYTELEN); \ -+} while (0) -+ -+#define HASH_BLOOM_BITSET(bv,idx) (bv[(idx)/8U] |= (1U << ((idx)%8U))) -+#define HASH_BLOOM_BITTEST(bv,idx) (bv[(idx)/8U] & (1U << ((idx)%8U))) -+ -+#define HASH_BLOOM_ADD(tbl,hashv) \ -+ HASH_BLOOM_BITSET((tbl)->bloom_bv, (hashv & (uint32_t)((1ULL << (tbl)->bloom_nbits) - 1U))) -+ -+#define HASH_BLOOM_TEST(tbl,hashv) \ -+ HASH_BLOOM_BITTEST((tbl)->bloom_bv, (hashv & (uint32_t)((1ULL << (tbl)->bloom_nbits) - 1U))) -+ -+#else -+#define HASH_BLOOM_MAKE(tbl) -+#define HASH_BLOOM_FREE(tbl) -+#define HASH_BLOOM_ADD(tbl,hashv) -+#define HASH_BLOOM_TEST(tbl,hashv) (1) -+#define HASH_BLOOM_BYTELEN 0U -+#endif -+ -+#define HASH_MAKE_TABLE(hh,head) \ -+do { \ -+ (head)->hh.tbl = (UT_hash_table*)uthash_malloc( \ -+ sizeof(UT_hash_table)); \ -+ if (!((head)->hh.tbl)) { uthash_fatal( "out of memory"); } \ -+ memset((head)->hh.tbl, 0, sizeof(UT_hash_table)); \ -+ (head)->hh.tbl->tail = &((head)->hh); \ -+ (head)->hh.tbl->num_buckets = HASH_INITIAL_NUM_BUCKETS; \ -+ (head)->hh.tbl->log2_num_buckets = HASH_INITIAL_NUM_BUCKETS_LOG2; \ -+ (head)->hh.tbl->hho = (char*)(&(head)->hh) - (char*)(head); \ -+ (head)->hh.tbl->buckets = (UT_hash_bucket*)uthash_malloc( \ -+ HASH_INITIAL_NUM_BUCKETS*sizeof(struct UT_hash_bucket)); \ -+ if (! (head)->hh.tbl->buckets) { uthash_fatal( "out of memory"); } \ -+ memset((head)->hh.tbl->buckets, 0, \ -+ HASH_INITIAL_NUM_BUCKETS*sizeof(struct UT_hash_bucket)); \ -+ HASH_BLOOM_MAKE((head)->hh.tbl); \ -+ (head)->hh.tbl->signature = HASH_SIGNATURE; \ -+} while (0) -+ -+#define HASH_REPLACE_BYHASHVALUE_INORDER(hh,head,fieldname,keylen_in,hashval,add,replaced,cmpfcn) \ -+do { \ -+ (replaced) = NULL; \ -+ HASH_FIND_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, replaced); \ -+ if (replaced) { \ -+ HASH_DELETE(hh, head, replaced); \ -+ } \ -+ HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh, head, &((add)->fieldname), keylen_in, hashval, add, cmpfcn); \ -+} while (0) -+ -+#define HASH_REPLACE_BYHASHVALUE(hh,head,fieldname,keylen_in,hashval,add,replaced) \ -+do { \ -+ (replaced) = NULL; \ -+ HASH_FIND_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, replaced); \ -+ if (replaced) { \ -+ HASH_DELETE(hh, head, replaced); \ -+ } \ -+ HASH_ADD_KEYPTR_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, add); \ -+} while (0) -+ -+#define HASH_REPLACE(hh,head,fieldname,keylen_in,add,replaced) \ -+do { \ -+ unsigned _hr_hashv; \ -+ HASH_VALUE(&((add)->fieldname), keylen_in, _hr_hashv); \ -+ HASH_REPLACE_BYHASHVALUE(hh, head, fieldname, keylen_in, _hr_hashv, add, replaced); \ -+} while (0) -+ -+#define HASH_REPLACE_INORDER(hh,head,fieldname,keylen_in,add,replaced,cmpfcn) \ -+do { \ -+ unsigned _hr_hashv; \ -+ HASH_VALUE(&((add)->fieldname), keylen_in, _hr_hashv); \ -+ HASH_REPLACE_BYHASHVALUE_INORDER(hh, head, fieldname, keylen_in, _hr_hashv, add, replaced, cmpfcn); \ -+} while (0) -+ -+#define HASH_APPEND_LIST(hh, head, add) \ -+do { \ -+ (add)->hh.next = NULL; \ -+ (add)->hh.prev = ELMT_FROM_HH((head)->hh.tbl, (head)->hh.tbl->tail); \ -+ (head)->hh.tbl->tail->next = (add); \ -+ (head)->hh.tbl->tail = &((add)->hh); \ -+} while (0) -+ -+#define HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh,head,keyptr,keylen_in,hashval,add,cmpfcn) \ -+do { \ -+ unsigned _ha_bkt; \ -+ (add)->hh.hashv = (hashval); \ -+ (add)->hh.key = (char*) (keyptr); \ -+ (add)->hh.keylen = (unsigned) (keylen_in); \ -+ if (!(head)) { \ -+ (add)->hh.next = NULL; \ -+ (add)->hh.prev = NULL; \ -+ (head) = (add); \ -+ HASH_MAKE_TABLE(hh, head); \ -+ } else { \ -+ struct UT_hash_handle *_hs_iter = &(head)->hh; \ -+ (add)->hh.tbl = (head)->hh.tbl; \ -+ do { \ -+ if (cmpfcn(DECLTYPE(head) ELMT_FROM_HH((head)->hh.tbl, _hs_iter), add) > 0) \ -+ break; \ -+ } while ((_hs_iter = _hs_iter->next)); \ -+ if (_hs_iter) { \ -+ (add)->hh.next = _hs_iter; \ -+ if (((add)->hh.prev = _hs_iter->prev)) { \ -+ HH_FROM_ELMT((head)->hh.tbl, _hs_iter->prev)->next = (add); \ -+ } else { \ -+ (head) = (add); \ -+ } \ -+ _hs_iter->prev = (add); \ -+ } else { \ -+ HASH_APPEND_LIST(hh, head, add); \ -+ } \ -+ } \ -+ (head)->hh.tbl->num_items++; \ -+ HASH_TO_BKT(hashval, (head)->hh.tbl->num_buckets, _ha_bkt); \ -+ HASH_ADD_TO_BKT((head)->hh.tbl->buckets[_ha_bkt], &(add)->hh); \ -+ HASH_BLOOM_ADD((head)->hh.tbl, hashval); \ -+ HASH_EMIT_KEY(hh, head, keyptr, keylen_in); \ -+ HASH_FSCK(hh, head); \ -+} while (0) -+ -+#define HASH_ADD_KEYPTR_INORDER(hh,head,keyptr,keylen_in,add,cmpfcn) \ -+do { \ -+ unsigned _hs_hashv; \ -+ HASH_VALUE(keyptr, keylen_in, _hs_hashv); \ -+ HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh, head, keyptr, keylen_in, _hs_hashv, add, cmpfcn); \ -+} while (0) -+ -+#define HASH_ADD_BYHASHVALUE_INORDER(hh,head,fieldname,keylen_in,hashval,add,cmpfcn) \ -+ HASH_ADD_KEYPTR_BYHASHVALUE_INORDER(hh, head, &((add)->fieldname), keylen_in, hashval, add, cmpfcn) -+ -+#define HASH_ADD_INORDER(hh,head,fieldname,keylen_in,add,cmpfcn) \ -+ HASH_ADD_KEYPTR_INORDER(hh, head, &((add)->fieldname), keylen_in, add, cmpfcn) -+ -+#define HASH_ADD_KEYPTR_BYHASHVALUE(hh,head,keyptr,keylen_in,hashval,add) \ -+do { \ -+ unsigned _ha_bkt; \ -+ (add)->hh.hashv = (hashval); \ -+ (add)->hh.key = (char*) (keyptr); \ -+ (add)->hh.keylen = (unsigned) (keylen_in); \ -+ if (!(head)) { \ -+ (add)->hh.next = NULL; \ -+ (add)->hh.prev = NULL; \ -+ (head) = (add); \ -+ HASH_MAKE_TABLE(hh, head); \ -+ } else { \ -+ (add)->hh.tbl = (head)->hh.tbl; \ -+ HASH_APPEND_LIST(hh, head, add); \ -+ } \ -+ (head)->hh.tbl->num_items++; \ -+ HASH_TO_BKT(hashval, (head)->hh.tbl->num_buckets, _ha_bkt); \ -+ HASH_ADD_TO_BKT((head)->hh.tbl->buckets[_ha_bkt], &(add)->hh); \ -+ HASH_BLOOM_ADD((head)->hh.tbl, hashval); \ -+ HASH_EMIT_KEY(hh, head, keyptr, keylen_in); \ -+ HASH_FSCK(hh, head); \ -+} while (0) -+ -+#define HASH_ADD_KEYPTR(hh,head,keyptr,keylen_in,add) \ -+do { \ -+ unsigned _ha_hashv; \ -+ HASH_VALUE(keyptr, keylen_in, _ha_hashv); \ -+ HASH_ADD_KEYPTR_BYHASHVALUE(hh, head, keyptr, keylen_in, _ha_hashv, add); \ -+} while (0) -+ -+#define HASH_ADD_BYHASHVALUE(hh,head,fieldname,keylen_in,hashval,add) \ -+ HASH_ADD_KEYPTR_BYHASHVALUE(hh, head, &((add)->fieldname), keylen_in, hashval, add) -+ -+#define HASH_ADD(hh,head,fieldname,keylen_in,add) \ -+ HASH_ADD_KEYPTR(hh, head, &((add)->fieldname), keylen_in, add) -+ -+#define HASH_TO_BKT(hashv,num_bkts,bkt) \ -+do { \ -+ bkt = ((hashv) & ((num_bkts) - 1U)); \ -+} while (0) -+ -+/* delete "delptr" from the hash table. -+ * "the usual" patch-up process for the app-order doubly-linked-list. -+ * The use of _hd_hh_del below deserves special explanation. -+ * These used to be expressed using (delptr) but that led to a bug -+ * if someone used the same symbol for the head and deletee, like -+ * HASH_DELETE(hh,users,users); -+ * We want that to work, but by changing the head (users) below -+ * we were forfeiting our ability to further refer to the deletee (users) -+ * in the patch-up process. Solution: use scratch space to -+ * copy the deletee pointer, then the latter references are via that -+ * scratch pointer rather than through the repointed (users) symbol. -+ */ -+#define HASH_DELETE(hh,head,delptr) \ -+do { \ -+ struct UT_hash_handle *_hd_hh_del; \ -+ if ( ((delptr)->hh.prev == NULL) && ((delptr)->hh.next == NULL) ) { \ -+ uthash_free((head)->hh.tbl->buckets, \ -+ (head)->hh.tbl->num_buckets*sizeof(struct UT_hash_bucket) ); \ -+ HASH_BLOOM_FREE((head)->hh.tbl); \ -+ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ -+ head = NULL; \ -+ } else { \ -+ unsigned _hd_bkt; \ -+ _hd_hh_del = &((delptr)->hh); \ -+ if ((delptr) == ELMT_FROM_HH((head)->hh.tbl,(head)->hh.tbl->tail)) { \ -+ (head)->hh.tbl->tail = \ -+ (UT_hash_handle*)((ptrdiff_t)((delptr)->hh.prev) + \ -+ (head)->hh.tbl->hho); \ -+ } \ -+ if ((delptr)->hh.prev != NULL) { \ -+ ((UT_hash_handle*)((ptrdiff_t)((delptr)->hh.prev) + \ -+ (head)->hh.tbl->hho))->next = (delptr)->hh.next; \ -+ } else { \ -+ DECLTYPE_ASSIGN(head,(delptr)->hh.next); \ -+ } \ -+ if (_hd_hh_del->next != NULL) { \ -+ ((UT_hash_handle*)((ptrdiff_t)_hd_hh_del->next + \ -+ (head)->hh.tbl->hho))->prev = \ -+ _hd_hh_del->prev; \ -+ } \ -+ HASH_TO_BKT( _hd_hh_del->hashv, (head)->hh.tbl->num_buckets, _hd_bkt); \ -+ HASH_DEL_IN_BKT(hh,(head)->hh.tbl->buckets[_hd_bkt], _hd_hh_del); \ -+ (head)->hh.tbl->num_items--; \ -+ } \ -+ HASH_FSCK(hh,head); \ -+} while (0) -+ -+ -+/* convenience forms of HASH_FIND/HASH_ADD/HASH_DEL */ -+#define HASH_FIND_STR(head,findstr,out) \ -+ HASH_FIND(hh,head,findstr,(unsigned)uthash_strlen(findstr),out) -+#define HASH_ADD_STR(head,strfield,add) \ -+ HASH_ADD(hh,head,strfield[0],(unsigned)uthash_strlen(add->strfield),add) -+#define HASH_REPLACE_STR(head,strfield,add,replaced) \ -+ HASH_REPLACE(hh,head,strfield[0],(unsigned)uthash_strlen(add->strfield),add,replaced) -+#define HASH_FIND_INT(head,findint,out) \ -+ HASH_FIND(hh,head,findint,sizeof(int),out) -+#define HASH_ADD_INT(head,intfield,add) \ -+ HASH_ADD(hh,head,intfield,sizeof(int),add) -+#define HASH_REPLACE_INT(head,intfield,add,replaced) \ -+ HASH_REPLACE(hh,head,intfield,sizeof(int),add,replaced) -+#define HASH_FIND_PTR(head,findptr,out) \ -+ HASH_FIND(hh,head,findptr,sizeof(void *),out) -+#define HASH_ADD_PTR(head,ptrfield,add) \ -+ HASH_ADD(hh,head,ptrfield,sizeof(void *),add) -+#define HASH_REPLACE_PTR(head,ptrfield,add,replaced) \ -+ HASH_REPLACE(hh,head,ptrfield,sizeof(void *),add,replaced) -+#define HASH_DEL(head,delptr) \ -+ HASH_DELETE(hh,head,delptr) -+ -+/* HASH_FSCK checks hash integrity on every add/delete when HASH_DEBUG is defined. -+ * This is for uthash developer only; it compiles away if HASH_DEBUG isn't defined. -+ */ -+#ifdef HASH_DEBUG -+#define HASH_OOPS(...) do { fprintf(stderr,__VA_ARGS__); exit(-1); } while (0) -+#define HASH_FSCK(hh,head) \ -+do { \ -+ struct UT_hash_handle *_thh; \ -+ if (head) { \ -+ unsigned _bkt_i; \ -+ unsigned _count; \ -+ char *_prev; \ -+ _count = 0; \ -+ for( _bkt_i = 0; _bkt_i < (head)->hh.tbl->num_buckets; _bkt_i++) { \ -+ unsigned _bkt_count = 0; \ -+ _thh = (head)->hh.tbl->buckets[_bkt_i].hh_head; \ -+ _prev = NULL; \ -+ while (_thh) { \ -+ if (_prev != (char*)(_thh->hh_prev)) { \ -+ HASH_OOPS("invalid hh_prev %p, actual %p\n", \ -+ _thh->hh_prev, _prev ); \ -+ } \ -+ _bkt_count++; \ -+ _prev = (char*)(_thh); \ -+ _thh = _thh->hh_next; \ -+ } \ -+ _count += _bkt_count; \ -+ if ((head)->hh.tbl->buckets[_bkt_i].count != _bkt_count) { \ -+ HASH_OOPS("invalid bucket count %u, actual %u\n", \ -+ (head)->hh.tbl->buckets[_bkt_i].count, _bkt_count); \ -+ } \ -+ } \ -+ if (_count != (head)->hh.tbl->num_items) { \ -+ HASH_OOPS("invalid hh item count %u, actual %u\n", \ -+ (head)->hh.tbl->num_items, _count ); \ -+ } \ -+ /* traverse hh in app order; check next/prev integrity, count */ \ -+ _count = 0; \ -+ _prev = NULL; \ -+ _thh = &(head)->hh; \ -+ while (_thh) { \ -+ _count++; \ -+ if (_prev !=(char*)(_thh->prev)) { \ -+ HASH_OOPS("invalid prev %p, actual %p\n", \ -+ _thh->prev, _prev ); \ -+ } \ -+ _prev = (char*)ELMT_FROM_HH((head)->hh.tbl, _thh); \ -+ _thh = ( _thh->next ? (UT_hash_handle*)((char*)(_thh->next) + \ -+ (head)->hh.tbl->hho) : NULL ); \ -+ } \ -+ if (_count != (head)->hh.tbl->num_items) { \ -+ HASH_OOPS("invalid app item count %u, actual %u\n", \ -+ (head)->hh.tbl->num_items, _count ); \ -+ } \ -+ } \ -+} while (0) -+#else -+#define HASH_FSCK(hh,head) -+#endif -+ -+/* When compiled with -DHASH_EMIT_KEYS, length-prefixed keys are emitted to -+ * the descriptor to which this macro is defined for tuning the hash function. -+ * The app can #include to get the prototype for write(2). */ -+#ifdef HASH_EMIT_KEYS -+#define HASH_EMIT_KEY(hh,head,keyptr,fieldlen) \ -+do { \ -+ unsigned _klen = fieldlen; \ -+ write(HASH_EMIT_KEYS, &_klen, sizeof(_klen)); \ -+ write(HASH_EMIT_KEYS, keyptr, (unsigned long)fieldlen); \ -+} while (0) -+#else -+#define HASH_EMIT_KEY(hh,head,keyptr,fieldlen) -+#endif -+ -+/* default to Jenkin's hash unless overridden e.g. DHASH_FUNCTION=HASH_SAX */ -+#ifdef HASH_FUNCTION -+#define HASH_FCN HASH_FUNCTION -+#else -+#define HASH_FCN HASH_JEN -+#endif -+ -+/* The Bernstein hash function, used in Perl prior to v5.6. Note (x<<5+x)=x*33. */ -+#define HASH_BER(key,keylen,hashv) \ -+do { \ -+ unsigned _hb_keylen=(unsigned)keylen; \ -+ const unsigned char *_hb_key=(const unsigned char*)(key); \ -+ (hashv) = 0; \ -+ while (_hb_keylen-- != 0U) { \ -+ (hashv) = (((hashv) << 5) + (hashv)) + *_hb_key++; \ -+ } \ -+} while (0) -+ -+ -+/* SAX/FNV/OAT/JEN hash functions are macro variants of those listed at -+ * http://eternallyconfuzzled.com/tuts/algorithms/jsw_tut_hashing.aspx */ -+#define HASH_SAX(key,keylen,hashv) \ -+do { \ -+ unsigned _sx_i; \ -+ const unsigned char *_hs_key=(const unsigned char*)(key); \ -+ hashv = 0; \ -+ for(_sx_i=0; _sx_i < keylen; _sx_i++) { \ -+ hashv ^= (hashv << 5) + (hashv >> 2) + _hs_key[_sx_i]; \ -+ } \ -+} while (0) -+/* FNV-1a variation */ -+#define HASH_FNV(key,keylen,hashv) \ -+do { \ -+ unsigned _fn_i; \ -+ const unsigned char *_hf_key=(const unsigned char*)(key); \ -+ hashv = 2166136261U; \ -+ for(_fn_i=0; _fn_i < keylen; _fn_i++) { \ -+ hashv = hashv ^ _hf_key[_fn_i]; \ -+ hashv = hashv * 16777619U; \ -+ } \ -+} while (0) -+ -+#define HASH_OAT(key,keylen,hashv) \ -+do { \ -+ unsigned _ho_i; \ -+ const unsigned char *_ho_key=(const unsigned char*)(key); \ -+ hashv = 0; \ -+ for(_ho_i=0; _ho_i < keylen; _ho_i++) { \ -+ hashv += _ho_key[_ho_i]; \ -+ hashv += (hashv << 10); \ -+ hashv ^= (hashv >> 6); \ -+ } \ -+ hashv += (hashv << 3); \ -+ hashv ^= (hashv >> 11); \ -+ hashv += (hashv << 15); \ -+} while (0) -+ -+#define HASH_JEN_MIX(a,b,c) \ -+do { \ -+ a -= b; a -= c; a ^= ( c >> 13 ); \ -+ b -= c; b -= a; b ^= ( a << 8 ); \ -+ c -= a; c -= b; c ^= ( b >> 13 ); \ -+ a -= b; a -= c; a ^= ( c >> 12 ); \ -+ b -= c; b -= a; b ^= ( a << 16 ); \ -+ c -= a; c -= b; c ^= ( b >> 5 ); \ -+ a -= b; a -= c; a ^= ( c >> 3 ); \ -+ b -= c; b -= a; b ^= ( a << 10 ); \ -+ c -= a; c -= b; c ^= ( b >> 15 ); \ -+} while (0) -+ -+#define HASH_JEN(key,keylen,hashv) \ -+do { \ -+ unsigned _hj_i,_hj_j,_hj_k; \ -+ unsigned const char *_hj_key=(unsigned const char*)(key); \ -+ hashv = 0xfeedbeefu; \ -+ _hj_i = _hj_j = 0x9e3779b9u; \ -+ _hj_k = (unsigned)(keylen); \ -+ while (_hj_k >= 12U) { \ -+ _hj_i += (_hj_key[0] + ( (unsigned)_hj_key[1] << 8 ) \ -+ + ( (unsigned)_hj_key[2] << 16 ) \ -+ + ( (unsigned)_hj_key[3] << 24 ) ); \ -+ _hj_j += (_hj_key[4] + ( (unsigned)_hj_key[5] << 8 ) \ -+ + ( (unsigned)_hj_key[6] << 16 ) \ -+ + ( (unsigned)_hj_key[7] << 24 ) ); \ -+ hashv += (_hj_key[8] + ( (unsigned)_hj_key[9] << 8 ) \ -+ + ( (unsigned)_hj_key[10] << 16 ) \ -+ + ( (unsigned)_hj_key[11] << 24 ) ); \ -+ \ -+ HASH_JEN_MIX(_hj_i, _hj_j, hashv); \ -+ \ -+ _hj_key += 12; \ -+ _hj_k -= 12U; \ -+ } \ -+ hashv += (unsigned)(keylen); \ -+ switch ( _hj_k ) { \ -+ case 11: hashv += ( (unsigned)_hj_key[10] << 24 ); /* FALLTHROUGH */ \ -+ case 10: hashv += ( (unsigned)_hj_key[9] << 16 ); /* FALLTHROUGH */ \ -+ case 9: hashv += ( (unsigned)_hj_key[8] << 8 ); /* FALLTHROUGH */ \ -+ case 8: _hj_j += ( (unsigned)_hj_key[7] << 24 ); /* FALLTHROUGH */ \ -+ case 7: _hj_j += ( (unsigned)_hj_key[6] << 16 ); /* FALLTHROUGH */ \ -+ case 6: _hj_j += ( (unsigned)_hj_key[5] << 8 ); /* FALLTHROUGH */ \ -+ case 5: _hj_j += _hj_key[4]; /* FALLTHROUGH */ \ -+ case 4: _hj_i += ( (unsigned)_hj_key[3] << 24 ); /* FALLTHROUGH */ \ -+ case 3: _hj_i += ( (unsigned)_hj_key[2] << 16 ); /* FALLTHROUGH */ \ -+ case 2: _hj_i += ( (unsigned)_hj_key[1] << 8 ); /* FALLTHROUGH */ \ -+ case 1: _hj_i += _hj_key[0]; \ -+ } \ -+ HASH_JEN_MIX(_hj_i, _hj_j, hashv); \ -+} while (0) -+ -+/* The Paul Hsieh hash function */ -+#undef get16bits -+#if (defined(__GNUC__) && defined(__i386__)) || defined(__WATCOMC__) \ -+ || defined(_MSC_VER) || defined (__BORLANDC__) || defined (__TURBOC__) -+#define get16bits(d) (*((const uint16_t *) (d))) -+#endif -+ -+#if !defined (get16bits) -+#define get16bits(d) ((((uint32_t)(((const uint8_t *)(d))[1])) << 8) \ -+ +(uint32_t)(((const uint8_t *)(d))[0]) ) -+#endif -+#define HASH_SFH(key,keylen,hashv) \ -+do { \ -+ unsigned const char *_sfh_key=(unsigned const char*)(key); \ -+ uint32_t _sfh_tmp, _sfh_len = (uint32_t)keylen; \ -+ \ -+ unsigned _sfh_rem = _sfh_len & 3U; \ -+ _sfh_len >>= 2; \ -+ hashv = 0xcafebabeu; \ -+ \ -+ /* Main loop */ \ -+ for (;_sfh_len > 0U; _sfh_len--) { \ -+ hashv += get16bits (_sfh_key); \ -+ _sfh_tmp = ((uint32_t)(get16bits (_sfh_key+2)) << 11) ^ hashv; \ -+ hashv = (hashv << 16) ^ _sfh_tmp; \ -+ _sfh_key += 2U*sizeof (uint16_t); \ -+ hashv += hashv >> 11; \ -+ } \ -+ \ -+ /* Handle end cases */ \ -+ switch (_sfh_rem) { \ -+ case 3: hashv += get16bits (_sfh_key); \ -+ hashv ^= hashv << 16; \ -+ hashv ^= (uint32_t)(_sfh_key[sizeof (uint16_t)]) << 18; \ -+ hashv += hashv >> 11; \ -+ break; \ -+ case 2: hashv += get16bits (_sfh_key); \ -+ hashv ^= hashv << 11; \ -+ hashv += hashv >> 17; \ -+ break; \ -+ case 1: hashv += *_sfh_key; \ -+ hashv ^= hashv << 10; \ -+ hashv += hashv >> 1; \ -+ } \ -+ \ -+ /* Force "avalanching" of final 127 bits */ \ -+ hashv ^= hashv << 3; \ -+ hashv += hashv >> 5; \ -+ hashv ^= hashv << 4; \ -+ hashv += hashv >> 17; \ -+ hashv ^= hashv << 25; \ -+ hashv += hashv >> 6; \ -+} while (0) -+ -+#ifdef HASH_USING_NO_STRICT_ALIASING -+/* The MurmurHash exploits some CPU's (x86,x86_64) tolerance for unaligned reads. -+ * For other types of CPU's (e.g. Sparc) an unaligned read causes a bus error. -+ * MurmurHash uses the faster approach only on CPU's where we know it's safe. -+ * -+ * Note the preprocessor built-in defines can be emitted using: -+ * -+ * gcc -m64 -dM -E - < /dev/null (on gcc) -+ * cc -## a.c (where a.c is a simple test file) (Sun Studio) -+ */ -+#if (defined(__i386__) || defined(__x86_64__) || defined(_M_IX86)) -+#define MUR_GETBLOCK(p,i) p[i] -+#else /* non intel */ -+#define MUR_PLUS0_ALIGNED(p) (((unsigned long)p & 3UL) == 0UL) -+#define MUR_PLUS1_ALIGNED(p) (((unsigned long)p & 3UL) == 1UL) -+#define MUR_PLUS2_ALIGNED(p) (((unsigned long)p & 3UL) == 2UL) -+#define MUR_PLUS3_ALIGNED(p) (((unsigned long)p & 3UL) == 3UL) -+#define WP(p) ((uint32_t*)((unsigned long)(p) & ~3UL)) -+#if (defined(__BIG_ENDIAN__) || defined(SPARC) || defined(__ppc__) || defined(__ppc64__)) -+#define MUR_THREE_ONE(p) ((((*WP(p))&0x00ffffff) << 8) | (((*(WP(p)+1))&0xff000000) >> 24)) -+#define MUR_TWO_TWO(p) ((((*WP(p))&0x0000ffff) <<16) | (((*(WP(p)+1))&0xffff0000) >> 16)) -+#define MUR_ONE_THREE(p) ((((*WP(p))&0x000000ff) <<24) | (((*(WP(p)+1))&0xffffff00) >> 8)) -+#else /* assume little endian non-intel */ -+#define MUR_THREE_ONE(p) ((((*WP(p))&0xffffff00) >> 8) | (((*(WP(p)+1))&0x000000ff) << 24)) -+#define MUR_TWO_TWO(p) ((((*WP(p))&0xffff0000) >>16) | (((*(WP(p)+1))&0x0000ffff) << 16)) -+#define MUR_ONE_THREE(p) ((((*WP(p))&0xff000000) >>24) | (((*(WP(p)+1))&0x00ffffff) << 8)) -+#endif -+#define MUR_GETBLOCK(p,i) (MUR_PLUS0_ALIGNED(p) ? ((p)[i]) : \ -+ (MUR_PLUS1_ALIGNED(p) ? MUR_THREE_ONE(p) : \ -+ (MUR_PLUS2_ALIGNED(p) ? MUR_TWO_TWO(p) : \ -+ MUR_ONE_THREE(p)))) -+#endif -+#define MUR_ROTL32(x,r) (((x) << (r)) | ((x) >> (32 - (r)))) -+#define MUR_FMIX(_h) \ -+do { \ -+ _h ^= _h >> 16; \ -+ _h *= 0x85ebca6bu; \ -+ _h ^= _h >> 13; \ -+ _h *= 0xc2b2ae35u; \ -+ _h ^= _h >> 16; \ -+} while (0) -+ -+#define HASH_MUR(key,keylen,hashv) \ -+do { \ -+ const uint8_t *_mur_data = (const uint8_t*)(key); \ -+ const int _mur_nblocks = (int)(keylen) / 4; \ -+ uint32_t _mur_h1 = 0xf88D5353u; \ -+ uint32_t _mur_c1 = 0xcc9e2d51u; \ -+ uint32_t _mur_c2 = 0x1b873593u; \ -+ uint32_t _mur_k1 = 0; \ -+ const uint8_t *_mur_tail; \ -+ const uint32_t *_mur_blocks = (const uint32_t*)(_mur_data+(_mur_nblocks*4)); \ -+ int _mur_i; \ -+ for(_mur_i = -_mur_nblocks; _mur_i!=0; _mur_i++) { \ -+ _mur_k1 = MUR_GETBLOCK(_mur_blocks,_mur_i); \ -+ _mur_k1 *= _mur_c1; \ -+ _mur_k1 = MUR_ROTL32(_mur_k1,15); \ -+ _mur_k1 *= _mur_c2; \ -+ \ -+ _mur_h1 ^= _mur_k1; \ -+ _mur_h1 = MUR_ROTL32(_mur_h1,13); \ -+ _mur_h1 = (_mur_h1*5U) + 0xe6546b64u; \ -+ } \ -+ _mur_tail = (const uint8_t*)(_mur_data + (_mur_nblocks*4)); \ -+ _mur_k1=0; \ -+ switch((keylen) & 3U) { \ -+ case 3: _mur_k1 ^= (uint32_t)_mur_tail[2] << 16; /* FALLTHROUGH */ \ -+ case 2: _mur_k1 ^= (uint32_t)_mur_tail[1] << 8; /* FALLTHROUGH */ \ -+ case 1: _mur_k1 ^= (uint32_t)_mur_tail[0]; \ -+ _mur_k1 *= _mur_c1; \ -+ _mur_k1 = MUR_ROTL32(_mur_k1,15); \ -+ _mur_k1 *= _mur_c2; \ -+ _mur_h1 ^= _mur_k1; \ -+ } \ -+ _mur_h1 ^= (uint32_t)(keylen); \ -+ MUR_FMIX(_mur_h1); \ -+ hashv = _mur_h1; \ -+} while (0) -+#endif /* HASH_USING_NO_STRICT_ALIASING */ -+ -+/* iterate over items in a known bucket to find desired item */ -+#define HASH_FIND_IN_BKT(tbl,hh,head,keyptr,keylen_in,hashval,out) \ -+do { \ -+ if ((head).hh_head != NULL) { \ -+ DECLTYPE_ASSIGN(out, ELMT_FROM_HH(tbl, (head).hh_head)); \ -+ } else { \ -+ (out) = NULL; \ -+ } \ -+ while ((out) != NULL) { \ -+ if ((out)->hh.hashv == (hashval) && (out)->hh.keylen == (keylen_in)) { \ -+ if (uthash_memcmp((out)->hh.key, keyptr, keylen_in) == 0) { \ -+ break; \ -+ } \ -+ } \ -+ if ((out)->hh.hh_next != NULL) { \ -+ DECLTYPE_ASSIGN(out, ELMT_FROM_HH(tbl, (out)->hh.hh_next)); \ -+ } else { \ -+ (out) = NULL; \ -+ } \ -+ } \ -+} while (0) -+ -+/* add an item to a bucket */ -+#define HASH_ADD_TO_BKT(head,addhh) \ -+do { \ -+ head.count++; \ -+ (addhh)->hh_next = head.hh_head; \ -+ (addhh)->hh_prev = NULL; \ -+ if (head.hh_head != NULL) { (head).hh_head->hh_prev = (addhh); } \ -+ (head).hh_head=addhh; \ -+ if ((head.count >= ((head.expand_mult+1U) * HASH_BKT_CAPACITY_THRESH)) \ -+ && ((addhh)->tbl->noexpand != 1U)) { \ -+ HASH_EXPAND_BUCKETS((addhh)->tbl); \ -+ } \ -+} while (0) -+ -+/* remove an item from a given bucket */ -+#define HASH_DEL_IN_BKT(hh,head,hh_del) \ -+ (head).count--; \ -+ if ((head).hh_head == hh_del) { \ -+ (head).hh_head = hh_del->hh_next; \ -+ } \ -+ if (hh_del->hh_prev) { \ -+ hh_del->hh_prev->hh_next = hh_del->hh_next; \ -+ } \ -+ if (hh_del->hh_next) { \ -+ hh_del->hh_next->hh_prev = hh_del->hh_prev; \ -+ } -+ -+/* Bucket expansion has the effect of doubling the number of buckets -+ * and redistributing the items into the new buckets. Ideally the -+ * items will distribute more or less evenly into the new buckets -+ * (the extent to which this is true is a measure of the quality of -+ * the hash function as it applies to the key domain). -+ * -+ * With the items distributed into more buckets, the chain length -+ * (item count) in each bucket is reduced. Thus by expanding buckets -+ * the hash keeps a bound on the chain length. This bounded chain -+ * length is the essence of how a hash provides constant time lookup. -+ * -+ * The calculation of tbl->ideal_chain_maxlen below deserves some -+ * explanation. First, keep in mind that we're calculating the ideal -+ * maximum chain length based on the *new* (doubled) bucket count. -+ * In fractions this is just n/b (n=number of items,b=new num buckets). -+ * Since the ideal chain length is an integer, we want to calculate -+ * ceil(n/b). We don't depend on floating point arithmetic in this -+ * hash, so to calculate ceil(n/b) with integers we could write -+ * -+ * ceil(n/b) = (n/b) + ((n%b)?1:0) -+ * -+ * and in fact a previous version of this hash did just that. -+ * But now we have improved things a bit by recognizing that b is -+ * always a power of two. We keep its base 2 log handy (call it lb), -+ * so now we can write this with a bit shift and logical AND: -+ * -+ * ceil(n/b) = (n>>lb) + ( (n & (b-1)) ? 1:0) -+ * -+ */ -+#define HASH_EXPAND_BUCKETS(tbl) \ -+do { \ -+ unsigned _he_bkt; \ -+ unsigned _he_bkt_i; \ -+ struct UT_hash_handle *_he_thh, *_he_hh_nxt; \ -+ UT_hash_bucket *_he_new_buckets, *_he_newbkt; \ -+ _he_new_buckets = (UT_hash_bucket*)uthash_malloc( \ -+ 2UL * tbl->num_buckets * sizeof(struct UT_hash_bucket)); \ -+ if (!_he_new_buckets) { uthash_fatal( "out of memory"); } \ -+ memset(_he_new_buckets, 0, \ -+ 2UL * tbl->num_buckets * sizeof(struct UT_hash_bucket)); \ -+ tbl->ideal_chain_maxlen = \ -+ (tbl->num_items >> (tbl->log2_num_buckets+1U)) + \ -+ (((tbl->num_items & ((tbl->num_buckets*2U)-1U)) != 0U) ? 1U : 0U); \ -+ tbl->nonideal_items = 0; \ -+ for(_he_bkt_i = 0; _he_bkt_i < tbl->num_buckets; _he_bkt_i++) \ -+ { \ -+ _he_thh = tbl->buckets[ _he_bkt_i ].hh_head; \ -+ while (_he_thh != NULL) { \ -+ _he_hh_nxt = _he_thh->hh_next; \ -+ HASH_TO_BKT( _he_thh->hashv, tbl->num_buckets*2U, _he_bkt); \ -+ _he_newbkt = &(_he_new_buckets[ _he_bkt ]); \ -+ if (++(_he_newbkt->count) > tbl->ideal_chain_maxlen) { \ -+ tbl->nonideal_items++; \ -+ _he_newbkt->expand_mult = _he_newbkt->count / \ -+ tbl->ideal_chain_maxlen; \ -+ } \ -+ _he_thh->hh_prev = NULL; \ -+ _he_thh->hh_next = _he_newbkt->hh_head; \ -+ if (_he_newbkt->hh_head != NULL) { _he_newbkt->hh_head->hh_prev = \ -+ _he_thh; } \ -+ _he_newbkt->hh_head = _he_thh; \ -+ _he_thh = _he_hh_nxt; \ -+ } \ -+ } \ -+ uthash_free( tbl->buckets, tbl->num_buckets*sizeof(struct UT_hash_bucket) ); \ -+ tbl->num_buckets *= 2U; \ -+ tbl->log2_num_buckets++; \ -+ tbl->buckets = _he_new_buckets; \ -+ tbl->ineff_expands = (tbl->nonideal_items > (tbl->num_items >> 1)) ? \ -+ (tbl->ineff_expands+1U) : 0U; \ -+ if (tbl->ineff_expands > 1U) { \ -+ tbl->noexpand=1; \ -+ uthash_noexpand_fyi(tbl); \ -+ } \ -+ uthash_expand_fyi(tbl); \ -+} while (0) -+ -+ -+/* This is an adaptation of Simon Tatham's O(n log(n)) mergesort */ -+/* Note that HASH_SORT assumes the hash handle name to be hh. -+ * HASH_SRT was added to allow the hash handle name to be passed in. */ -+#define HASH_SORT(head,cmpfcn) HASH_SRT(hh,head,cmpfcn) -+#define HASH_SRT(hh,head,cmpfcn) \ -+do { \ -+ unsigned _hs_i; \ -+ unsigned _hs_looping,_hs_nmerges,_hs_insize,_hs_psize,_hs_qsize; \ -+ struct UT_hash_handle *_hs_p, *_hs_q, *_hs_e, *_hs_list, *_hs_tail; \ -+ if (head != NULL) { \ -+ _hs_insize = 1; \ -+ _hs_looping = 1; \ -+ _hs_list = &((head)->hh); \ -+ while (_hs_looping != 0U) { \ -+ _hs_p = _hs_list; \ -+ _hs_list = NULL; \ -+ _hs_tail = NULL; \ -+ _hs_nmerges = 0; \ -+ while (_hs_p != NULL) { \ -+ _hs_nmerges++; \ -+ _hs_q = _hs_p; \ -+ _hs_psize = 0; \ -+ for ( _hs_i = 0; _hs_i < _hs_insize; _hs_i++ ) { \ -+ _hs_psize++; \ -+ _hs_q = (UT_hash_handle*)((_hs_q->next != NULL) ? \ -+ ((void*)((char*)(_hs_q->next) + \ -+ (head)->hh.tbl->hho)) : NULL); \ -+ if (! (_hs_q) ) { break; } \ -+ } \ -+ _hs_qsize = _hs_insize; \ -+ while ((_hs_psize > 0U) || ((_hs_qsize > 0U) && (_hs_q != NULL))) {\ -+ if (_hs_psize == 0U) { \ -+ _hs_e = _hs_q; \ -+ _hs_q = (UT_hash_handle*)((_hs_q->next != NULL) ? \ -+ ((void*)((char*)(_hs_q->next) + \ -+ (head)->hh.tbl->hho)) : NULL); \ -+ _hs_qsize--; \ -+ } else if ( (_hs_qsize == 0U) || (_hs_q == NULL) ) { \ -+ _hs_e = _hs_p; \ -+ if (_hs_p != NULL){ \ -+ _hs_p = (UT_hash_handle*)((_hs_p->next != NULL) ? \ -+ ((void*)((char*)(_hs_p->next) + \ -+ (head)->hh.tbl->hho)) : NULL); \ -+ } \ -+ _hs_psize--; \ -+ } else if (( \ -+ cmpfcn(DECLTYPE(head)(ELMT_FROM_HH((head)->hh.tbl,_hs_p)), \ -+ DECLTYPE(head)(ELMT_FROM_HH((head)->hh.tbl,_hs_q))) \ -+ ) <= 0) { \ -+ _hs_e = _hs_p; \ -+ if (_hs_p != NULL){ \ -+ _hs_p = (UT_hash_handle*)((_hs_p->next != NULL) ? \ -+ ((void*)((char*)(_hs_p->next) + \ -+ (head)->hh.tbl->hho)) : NULL); \ -+ } \ -+ _hs_psize--; \ -+ } else { \ -+ _hs_e = _hs_q; \ -+ _hs_q = (UT_hash_handle*)((_hs_q->next != NULL) ? \ -+ ((void*)((char*)(_hs_q->next) + \ -+ (head)->hh.tbl->hho)) : NULL); \ -+ _hs_qsize--; \ -+ } \ -+ if ( _hs_tail != NULL ) { \ -+ _hs_tail->next = ((_hs_e != NULL) ? \ -+ ELMT_FROM_HH((head)->hh.tbl,_hs_e) : NULL); \ -+ } else { \ -+ _hs_list = _hs_e; \ -+ } \ -+ if (_hs_e != NULL) { \ -+ _hs_e->prev = ((_hs_tail != NULL) ? \ -+ ELMT_FROM_HH((head)->hh.tbl,_hs_tail) : NULL); \ -+ } \ -+ _hs_tail = _hs_e; \ -+ } \ -+ _hs_p = _hs_q; \ -+ } \ -+ if (_hs_tail != NULL){ \ -+ _hs_tail->next = NULL; \ -+ } \ -+ if ( _hs_nmerges <= 1U ) { \ -+ _hs_looping=0; \ -+ (head)->hh.tbl->tail = _hs_tail; \ -+ DECLTYPE_ASSIGN(head,ELMT_FROM_HH((head)->hh.tbl, _hs_list)); \ -+ } \ -+ _hs_insize *= 2U; \ -+ } \ -+ HASH_FSCK(hh,head); \ -+ } \ -+} while (0) -+ -+/* This function selects items from one hash into another hash. -+ * The end result is that the selected items have dual presence -+ * in both hashes. There is no copy of the items made; rather -+ * they are added into the new hash through a secondary hash -+ * hash handle that must be present in the structure. */ -+#define HASH_SELECT(hh_dst, dst, hh_src, src, cond) \ -+do { \ -+ unsigned _src_bkt, _dst_bkt; \ -+ void *_last_elt=NULL, *_elt; \ -+ UT_hash_handle *_src_hh, *_dst_hh, *_last_elt_hh=NULL; \ -+ ptrdiff_t _dst_hho = ((char*)(&(dst)->hh_dst) - (char*)(dst)); \ -+ if (src != NULL) { \ -+ for(_src_bkt=0; _src_bkt < (src)->hh_src.tbl->num_buckets; _src_bkt++) { \ -+ for(_src_hh = (src)->hh_src.tbl->buckets[_src_bkt].hh_head; \ -+ _src_hh != NULL; \ -+ _src_hh = _src_hh->hh_next) { \ -+ _elt = ELMT_FROM_HH((src)->hh_src.tbl, _src_hh); \ -+ if (cond(_elt)) { \ -+ _dst_hh = (UT_hash_handle*)(((char*)_elt) + _dst_hho); \ -+ _dst_hh->key = _src_hh->key; \ -+ _dst_hh->keylen = _src_hh->keylen; \ -+ _dst_hh->hashv = _src_hh->hashv; \ -+ _dst_hh->prev = _last_elt; \ -+ _dst_hh->next = NULL; \ -+ if (_last_elt_hh != NULL) { _last_elt_hh->next = _elt; } \ -+ if (dst == NULL) { \ -+ DECLTYPE_ASSIGN(dst,_elt); \ -+ HASH_MAKE_TABLE(hh_dst,dst); \ -+ } else { \ -+ _dst_hh->tbl = (dst)->hh_dst.tbl; \ -+ } \ -+ HASH_TO_BKT(_dst_hh->hashv, _dst_hh->tbl->num_buckets, _dst_bkt); \ -+ HASH_ADD_TO_BKT(_dst_hh->tbl->buckets[_dst_bkt],_dst_hh); \ -+ (dst)->hh_dst.tbl->num_items++; \ -+ _last_elt = _elt; \ -+ _last_elt_hh = _dst_hh; \ -+ } \ -+ } \ -+ } \ -+ } \ -+ HASH_FSCK(hh_dst,dst); \ -+} while (0) -+ -+#define HASH_CLEAR(hh,head) \ -+do { \ -+ if (head != NULL) { \ -+ uthash_free((head)->hh.tbl->buckets, \ -+ (head)->hh.tbl->num_buckets*sizeof(struct UT_hash_bucket)); \ -+ HASH_BLOOM_FREE((head)->hh.tbl); \ -+ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ -+ (head)=NULL; \ -+ } \ -+} while (0) -+ -+#define HASH_OVERHEAD(hh,head) \ -+ ((head != NULL) ? ( \ -+ (size_t)(((head)->hh.tbl->num_items * sizeof(UT_hash_handle)) + \ -+ ((head)->hh.tbl->num_buckets * sizeof(UT_hash_bucket)) + \ -+ sizeof(UT_hash_table) + \ -+ (HASH_BLOOM_BYTELEN))) : 0U) -+ -+#ifdef NO_DECLTYPE -+#define HASH_ITER(hh,head,el,tmp) \ -+for(((el)=(head)), ((*(char**)(&(tmp)))=(char*)((head!=NULL)?(head)->hh.next:NULL)); \ -+ (el) != NULL; ((el)=(tmp)), ((*(char**)(&(tmp)))=(char*)((tmp!=NULL)?(tmp)->hh.next:NULL))) -+#else -+#define HASH_ITER(hh,head,el,tmp) \ -+for(((el)=(head)), ((tmp)=DECLTYPE(el)((head!=NULL)?(head)->hh.next:NULL)); \ -+ (el) != NULL; ((el)=(tmp)), ((tmp)=DECLTYPE(el)((tmp!=NULL)?(tmp)->hh.next:NULL))) -+#endif -+ -+/* obtain a count of items in the hash */ -+#define HASH_COUNT(head) HASH_CNT(hh,head) -+#define HASH_CNT(hh,head) ((head != NULL)?((head)->hh.tbl->num_items):0U) -+ -+typedef struct UT_hash_bucket { -+ struct UT_hash_handle *hh_head; -+ unsigned count; -+ -+ /* expand_mult is normally set to 0. In this situation, the max chain length -+ * threshold is enforced at its default value, HASH_BKT_CAPACITY_THRESH. (If -+ * the bucket's chain exceeds this length, bucket expansion is triggered). -+ * However, setting expand_mult to a non-zero value delays bucket expansion -+ * (that would be triggered by additions to this particular bucket) -+ * until its chain length reaches a *multiple* of HASH_BKT_CAPACITY_THRESH. -+ * (The multiplier is simply expand_mult+1). The whole idea of this -+ * multiplier is to reduce bucket expansions, since they are expensive, in -+ * situations where we know that a particular bucket tends to be overused. -+ * It is better to let its chain length grow to a longer yet-still-bounded -+ * value, than to do an O(n) bucket expansion too often. -+ */ -+ unsigned expand_mult; -+ -+} UT_hash_bucket; -+ -+/* random signature used only to find hash tables in external analysis */ -+#define HASH_SIGNATURE 0xa0111fe1u -+#define HASH_BLOOM_SIGNATURE 0xb12220f2u -+ -+typedef struct UT_hash_table { -+ UT_hash_bucket *buckets; -+ unsigned num_buckets, log2_num_buckets; -+ unsigned num_items; -+ struct UT_hash_handle *tail; /* tail hh in app order, for fast append */ -+ ptrdiff_t hho; /* hash handle offset (byte pos of hash handle in element */ -+ -+ /* in an ideal situation (all buckets used equally), no bucket would have -+ * more than ceil(#items/#buckets) items. that's the ideal chain length. */ -+ unsigned ideal_chain_maxlen; -+ -+ /* nonideal_items is the number of items in the hash whose chain position -+ * exceeds the ideal chain maxlen. these items pay the penalty for an uneven -+ * hash distribution; reaching them in a chain traversal takes >ideal steps */ -+ unsigned nonideal_items; -+ -+ /* ineffective expands occur when a bucket doubling was performed, but -+ * afterward, more than half the items in the hash had nonideal chain -+ * positions. If this happens on two consecutive expansions we inhibit any -+ * further expansion, as it's not helping; this happens when the hash -+ * function isn't a good fit for the key domain. When expansion is inhibited -+ * the hash will still work, albeit no longer in constant time. */ -+ unsigned ineff_expands, noexpand; -+ -+ uint32_t signature; /* used only to find hash tables in external analysis */ -+#ifdef HASH_BLOOM -+ uint32_t bloom_sig; /* used only to test bloom exists in external analysis */ -+ uint8_t *bloom_bv; -+ uint8_t bloom_nbits; -+#endif -+ -+} UT_hash_table; -+ -+typedef struct UT_hash_handle { -+ struct UT_hash_table *tbl; -+ void *prev; /* prev element in app order */ -+ void *next; /* next element in app order */ -+ struct UT_hash_handle *hh_prev; /* previous hh in bucket order */ -+ struct UT_hash_handle *hh_next; /* next hh in bucket order */ -+ void *key; /* ptr to enclosing struct's key */ -+ unsigned keylen; /* enclosing struct's key len */ -+ unsigned hashv; /* result of hash-fcn(key) */ -+} UT_hash_handle; -+ -+#endif /* UTHASH_H */ -diff --git a/server/utils.c b/server/utils.c -new file mode 100644 -index 0000000..14a60c7 ---- /dev/null -+++ b/server/utils.c -@@ -0,0 +1,448 @@ -+/* -+ * utils.c - Misc utilities -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include -+#include -+#include -+#include -+#include -+#ifndef __MINGW32__ -+#include -+#include -+#endif -+ -+#include -+#include -+ -+#include "utils.h" -+ -+#ifdef HAVE_SETRLIMIT -+#include -+#include -+#endif -+ -+#define INT_DIGITS 19 /* enough for 64 bit integer */ -+ -+#ifdef LIB_ONLY -+FILE *logfile; -+#endif -+ -+#ifdef HAS_SYSLOG -+int use_syslog = 0; -+#endif -+ -+#ifndef __MINGW32__ -+void -+ERROR(const char *s) -+{ -+ char *msg = strerror(errno); -+ LOGE("%s: %s", s, msg); -+} -+ -+#endif -+ -+int use_tty = 1; -+ -+char * -+ss_itoa(int i) -+{ -+ /* Room for INT_DIGITS digits, - and '\0' */ -+ static char buf[INT_DIGITS + 2]; -+ char *p = buf + INT_DIGITS + 1; /* points to terminating '\0' */ -+ if (i >= 0) { -+ do { -+ *--p = '0' + (i % 10); -+ i /= 10; -+ } while (i != 0); -+ return p; -+ } else { /* i < 0 */ -+ do { -+ *--p = '0' - (i % 10); -+ i /= 10; -+ } while (i != 0); -+ *--p = '-'; -+ } -+ return p; -+} -+ -+int -+ss_isnumeric(const char *s) { -+ if (!s || !*s) -+ return 0; -+ while (isdigit(*s)) -+ ++s; -+ return *s == '\0'; -+} -+ -+/* -+ * setuid() and setgid() for a specified user. -+ */ -+int -+run_as(const char *user) -+{ -+#ifndef __MINGW32__ -+ if (user[0]) { -+ /* Convert user to a long integer if it is a non-negative number. -+ * -1 means it is a user name. */ -+ long uid = -1; -+ if (ss_isnumeric(user)) { -+ errno = 0; -+ char *endptr; -+ uid = strtol(user, &endptr, 10); -+ if (errno || endptr == user) -+ uid = -1; -+ } -+ -+#ifdef HAVE_GETPWNAM_R -+ struct passwd pwdbuf, *pwd; -+ memset(&pwdbuf, 0, sizeof(struct passwd)); -+ size_t buflen; -+ int err; -+ -+ for (buflen = 128;; buflen *= 2) { -+ char buf[buflen]; /* variable length array */ -+ -+ /* Note that we use getpwnam_r() instead of getpwnam(), -+ * which returns its result in a statically allocated buffer and -+ * cannot be considered thread safe. */ -+ err = uid >= 0 ? getpwuid_r((uid_t)uid, &pwdbuf, buf, buflen, &pwd) -+ : getpwnam_r(user, &pwdbuf, buf, buflen, &pwd); -+ -+ if (err == 0 && pwd) { -+ /* setgid first, because we may not be allowed to do it anymore after setuid */ -+ if (setgid(pwd->pw_gid) != 0) { -+ LOGE( -+ "Could not change group id to that of run_as user '%s': %s", -+ pwd->pw_name, strerror(errno)); -+ return 0; -+ } -+ -+ if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { -+ LOGE("Could not change supplementary groups for user '%s'.", pwd->pw_name); -+ return 0; -+ } -+ -+ if (setuid(pwd->pw_uid) != 0) { -+ LOGE( -+ "Could not change user id to that of run_as user '%s': %s", -+ pwd->pw_name, strerror(errno)); -+ return 0; -+ } -+ break; -+ } else if (err != ERANGE) { -+ if (err) { -+ LOGE("run_as user '%s' could not be found: %s", user, -+ strerror(err)); -+ } else { -+ LOGE("run_as user '%s' could not be found.", user); -+ } -+ return 0; -+ } else if (buflen >= 16 * 1024) { -+ /* If getpwnam_r() seems defective, call it quits rather than -+ * keep on allocating ever larger buffers until we crash. */ -+ LOGE( -+ "getpwnam_r() requires more than %u bytes of buffer space.", -+ (unsigned)buflen); -+ return 0; -+ } -+ /* Else try again with larger buffer. */ -+ } -+#else -+ /* No getpwnam_r() :-( We'll use getpwnam() and hope for the best. */ -+ struct passwd *pwd; -+ -+ if (!(pwd = uid >=0 ? getpwuid((uid_t)uid) : getpwnam(user))) { -+ LOGE("run_as user %s could not be found.", user); -+ return 0; -+ } -+ /* setgid first, because we may not allowed to do it anymore after setuid */ -+ if (setgid(pwd->pw_gid) != 0) { -+ LOGE("Could not change group id to that of run_as user '%s': %s", -+ pwd->pw_name, strerror(errno)); -+ return 0; -+ } -+ if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { -+ LOGE("Could not change supplementary groups for user '%s'.", pwd->pw_name); -+ return 0; -+ } -+ if (setuid(pwd->pw_uid) != 0) { -+ LOGE("Could not change user id to that of run_as user '%s': %s", -+ pwd->pw_name, strerror(errno)); -+ return 0; -+ } -+#endif -+ } -+ -+#endif // __MINGW32__ -+ return 1; -+} -+ -+char * -+ss_strndup(const char *s, size_t n) -+{ -+ size_t len = strlen(s); -+ char *ret; -+ -+ if (len <= n) { -+ return strdup(s); -+ } -+ -+ ret = ss_malloc(n + 1); -+ strncpy(ret, s, n); -+ ret[n] = '\0'; -+ return ret; -+} -+ -+void -+FATAL(const char *msg) -+{ -+ LOGE("%s", msg); -+ exit(-1); -+} -+ -+void * -+ss_malloc(size_t size) -+{ -+ void *tmp = malloc(size); -+ if (tmp == NULL) -+ exit(EXIT_FAILURE); -+ return tmp; -+} -+ -+void * -+ss_realloc(void *ptr, size_t new_size) -+{ -+ void *new = realloc(ptr, new_size); -+ if (new == NULL) { -+ free(ptr); -+ ptr = NULL; -+ exit(EXIT_FAILURE); -+ } -+ return new; -+} -+ -+void -+usage() -+{ -+ printf("\n"); -+ printf("shadowsocks-libev %s with %s\n\n", VERSION, USING_CRYPTO); -+ printf( -+ " maintained by Max Lv and Linus Yang \n\n"); -+ printf(" usage:\n\n"); -+#ifdef MODULE_LOCAL -+ printf(" ss-local\n"); -+#elif MODULE_REMOTE -+ printf(" ss-server\n"); -+#elif MODULE_TUNNEL -+ printf(" ss-tunnel\n"); -+#elif MODULE_REDIR -+ printf(" ss-redir\n"); -+#elif MODULE_MANAGER -+ printf(" ss-manager\n"); -+#endif -+ printf("\n"); -+ printf( -+ " -s Host name or IP address of your remote server.\n"); -+ printf( -+ " -p Port number of your remote server.\n"); -+ printf( -+ " -l Port number of your local server.\n"); -+ printf( -+ " -k Password of your remote server.\n"); -+ printf( -+ " -m Encrypt method: table, rc4, rc4-md5,\n"); -+ printf( -+ " aes-128-cfb, aes-192-cfb, aes-256-cfb,\n"); -+ printf( -+ " aes-128-ctr, aes-192-ctr, aes-256-ctr,\n"); -+ printf( -+ " bf-cfb, camellia-128-cfb, camellia-192-cfb,\n"); -+ printf( -+ " camellia-256-cfb, cast5-cfb, des-cfb,\n"); -+ printf( -+ " idea-cfb, rc2-cfb, seed-cfb, salsa20,\n"); -+ printf( -+ " chacha20 and chacha20-ietf.\n"); -+ printf( -+ " The default cipher is rc4-md5.\n"); -+ printf("\n"); -+ printf( -+ " [-a ] Run as another user.\n"); -+ printf( -+ " [-f ] The file path to store pid.\n"); -+ printf( -+ " [-t ] Socket timeout in seconds.\n"); -+ printf( -+ " [-c ] The path to config file.\n"); -+#ifdef HAVE_SETRLIMIT -+ printf( -+ " [-n ] Max number of open files.\n"); -+#endif -+#ifndef MODULE_REDIR -+ printf( -+ " [-i ] Network interface to bind.\n"); -+#endif -+ printf( -+ " [-b ] Local address to bind.\n"); -+ printf("\n"); -+ printf( -+ " [-u] Enable UDP relay.\n"); -+#ifdef MODULE_REDIR -+ printf( -+ " TPROXY is required in redir mode.\n"); -+#endif -+ printf( -+ " [-U] Enable UDP relay and disable TCP relay.\n"); -+ printf( -+ " [-A] Enable onetime authentication.\n"); -+#ifdef MODULE_REMOTE -+ printf( -+ " [-6] Resovle hostname to IPv6 address first.\n"); -+#endif -+ printf("\n"); -+#ifdef MODULE_TUNNEL -+ printf( -+ " [-L :] Destination server address and port\n"); -+ printf( -+ " for local port forwarding.\n"); -+#endif -+#ifdef MODULE_REMOTE -+ printf( -+ " [-d ] Name servers for internal DNS resolver.\n"); -+#endif -+#if defined(MODULE_REMOTE) || defined(MODULE_LOCAL) -+ printf( -+ " [--fast-open] Enable TCP fast open.\n"); -+ printf( -+ " with Linux kernel > 3.7.0.\n"); -+ printf( -+ " [--acl ] Path to ACL (Access Control List).\n"); -+#endif -+#if defined(MODULE_REMOTE) || defined(MODULE_MANAGER) -+ printf( -+ " [--manager-address ] UNIX domain socket address.\n"); -+#endif -+#ifdef MODULE_MANAGER -+ printf( -+ " [--executable ] Path to the executable of ss-server.\n"); -+#endif -+ printf( -+ " [--mtu ] MTU of your network interface.\n"); -+#ifdef __linux__ -+ printf( -+ " [--mptcp] Enable Multipath TCP on MPTCP Kernel.\n"); -+#ifdef MODULE_REMOTE -+ printf( -+ " [--firewall] Setup firewall rules for auto blocking.\n"); -+#endif -+#endif -+ printf("\n"); -+ printf( -+ " [-v] Verbose mode.\n"); -+ printf( -+ " [-h, --help] Print this message.\n"); -+ printf("\n"); -+} -+ -+void -+daemonize(const char *path) -+{ -+#ifndef __MINGW32__ -+ /* Our process ID and Session ID */ -+ pid_t pid, sid; -+ -+ /* Fork off the parent process */ -+ pid = fork(); -+ if (pid < 0) { -+ exit(EXIT_FAILURE); -+ } -+ -+ /* If we got a good PID, then -+ * we can exit the parent process. */ -+ if (pid > 0) { -+ FILE *file = fopen(path, "w"); -+ if (file == NULL) { -+ FATAL("Invalid pid file\n"); -+ } -+ -+ fprintf(file, "%d", (int)pid); -+ fclose(file); -+ exit(EXIT_SUCCESS); -+ } -+ -+ /* Change the file mode mask */ -+ umask(0); -+ -+ /* Open any logs here */ -+ -+ /* Create a new SID for the child process */ -+ sid = setsid(); -+ if (sid < 0) { -+ /* Log the failure */ -+ exit(EXIT_FAILURE); -+ } -+ -+ /* Change the current working directory */ -+ if ((chdir("/")) < 0) { -+ /* Log the failure */ -+ exit(EXIT_FAILURE); -+ } -+ -+ /* Close out the standard file descriptors */ -+ close(STDIN_FILENO); -+ close(STDOUT_FILENO); -+ close(STDERR_FILENO); -+#endif -+} -+ -+#ifdef HAVE_SETRLIMIT -+int -+set_nofile(int nofile) -+{ -+ struct rlimit limit = { nofile, nofile }; /* set both soft and hard limit */ -+ -+ if (nofile <= 0) { -+ FATAL("nofile must be greater than 0\n"); -+ } -+ -+ if (setrlimit(RLIMIT_NOFILE, &limit) < 0) { -+ if (errno == EPERM) { -+ LOGE( -+ "insufficient permission to change NOFILE, not starting as root?"); -+ return -1; -+ } else if (errno == EINVAL) { -+ LOGE("invalid nofile, decrease nofile and try again"); -+ return -1; -+ } else { -+ LOGE("setrlimit failed: %s", strerror(errno)); -+ return -1; -+ } -+ } -+ -+ return 0; -+} -+ -+#endif -diff --git a/server/utils.h b/server/utils.h -new file mode 100644 -index 0000000..0fb7f5a ---- /dev/null -+++ b/server/utils.h -@@ -0,0 +1,232 @@ -+/* -+ * utils.h - Misc utilities -+ * -+ * Copyright (C) 2013 - 2016, Max Lv -+ * -+ * This file is part of the shadowsocks-libev. -+ * -+ * shadowsocks-libev is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * shadowsocks-libev is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with shadowsocks-libev; see the file COPYING. If not, see -+ * . -+ */ -+ -+#if defined(USE_CRYPTO_OPENSSL) -+ -+#include -+#define USING_CRYPTO OPENSSL_VERSION_TEXT -+ -+#elif defined(USE_CRYPTO_POLARSSL) -+#include -+#define USING_CRYPTO POLARSSL_VERSION_STRING_FULL -+ -+#elif defined(USE_CRYPTO_MBEDTLS) -+#include -+#define USING_CRYPTO MBEDTLS_VERSION_STRING_FULL -+ -+#endif -+ -+#ifndef _UTILS_H -+#define _UTILS_H -+ -+#include -+#include -+#include -+#include -+ -+#define PORTSTRLEN 16 -+#define SS_ADDRSTRLEN (INET6_ADDRSTRLEN + PORTSTRLEN + 1) -+ -+#ifdef ANDROID -+ -+#include -+ -+#define USE_TTY() -+#define USE_SYSLOG(ident) -+#define LOGI(...) \ -+ ((void)__android_log_print(ANDROID_LOG_DEBUG, "shadowsocks", \ -+ __VA_ARGS__)) -+#define LOGE(...) \ -+ ((void)__android_log_print(ANDROID_LOG_ERROR, "shadowsocks", \ -+ __VA_ARGS__)) -+ -+#else -+ -+#define STR(x) # x -+#define TOSTR(x) STR(x) -+ -+#ifdef LIB_ONLY -+ -+extern FILE *logfile; -+ -+#define TIME_FORMAT "%Y-%m-%d %H:%M:%S" -+ -+#define USE_TTY() -+ -+#define USE_SYSLOG(ident) -+ -+#define USE_LOGFILE(ident) \ -+ do { \ -+ if (ident != NULL) { logfile = fopen(ident, "w+"); } } \ -+ while (0) -+ -+#define CLOSE_LOGFILE \ -+ do { \ -+ if (logfile != NULL) { fclose(logfile); } } \ -+ while (0) -+ -+#define LOGI(format, ...) \ -+ do { \ -+ if (logfile != NULL) { \ -+ time_t now = time(NULL); \ -+ char timestr[20]; \ -+ strftime(timestr, 20, TIME_FORMAT, localtime(&now)); \ -+ fprintf(logfile, " %s INFO: " format "\n", timestr, ## __VA_ARGS__); \ -+ fflush(logfile); } \ -+ } \ -+ while (0) -+ -+#define LOGE(format, ...) \ -+ do { \ -+ if (logfile != NULL) { \ -+ time_t now = time(NULL); \ -+ char timestr[20]; \ -+ strftime(timestr, 20, TIME_FORMAT, localtime(&now)); \ -+ fprintf(logfile, " %s ERROR: " format "\n", timestr, \ -+ ## __VA_ARGS__); \ -+ fflush(logfile); } \ -+ } \ -+ while (0) -+ -+#elif defined(_WIN32) -+ -+#define TIME_FORMAT "%Y-%m-%d %H:%M:%S" -+ -+#define USE_TTY() -+ -+#define USE_SYSLOG(ident) -+ -+#define LOGI(format, ...) \ -+ do { \ -+ time_t now = time(NULL); \ -+ char timestr[20]; \ -+ strftime(timestr, 20, TIME_FORMAT, localtime(&now)); \ -+ fprintf(stderr, " %s INFO: " format "\n", timestr, ## __VA_ARGS__); \ -+ fflush(stderr); } \ -+ while (0) -+ -+#define LOGE(format, ...) \ -+ do { \ -+ time_t now = time(NULL); \ -+ char timestr[20]; \ -+ strftime(timestr, 20, TIME_FORMAT, localtime(&now)); \ -+ fprintf(stderr, " %s ERROR: " format "\n", timestr, ## __VA_ARGS__); \ -+ fflush(stderr); } \ -+ while (0) -+ -+#else -+ -+#include -+ -+extern int use_tty; -+#define USE_TTY() \ -+ do { \ -+ use_tty = isatty(STDERR_FILENO); \ -+ } while (0) \ -+ -+#define HAS_SYSLOG -+extern int use_syslog; -+ -+#define TIME_FORMAT "%F %T" -+ -+#define USE_SYSLOG(ident) \ -+ do { \ -+ use_syslog = 1; \ -+ openlog((ident), LOG_CONS | LOG_PID, 0); } \ -+ while (0) -+ -+#define LOGI(format, ...) \ -+ do { \ -+ if (use_syslog) { \ -+ syslog(LOG_INFO, format, ## __VA_ARGS__); \ -+ } else { \ -+ time_t now = time(NULL); \ -+ char timestr[20]; \ -+ strftime(timestr, 20, TIME_FORMAT, localtime(&now)); \ -+ if (use_tty) { \ -+ fprintf(stderr, "\e[01;32m %s INFO: \e[0m" format "\n", timestr, \ -+ ## __VA_ARGS__); \ -+ } else { \ -+ fprintf(stderr, " %s INFO: " format "\n", timestr, \ -+ ## __VA_ARGS__); \ -+ } \ -+ } \ -+ } \ -+ while (0) -+ -+#define LOGE(format, ...) \ -+ do { \ -+ if (use_syslog) { \ -+ syslog(LOG_ERR, format, ## __VA_ARGS__); \ -+ } else { \ -+ time_t now = time(NULL); \ -+ char timestr[20]; \ -+ strftime(timestr, 20, TIME_FORMAT, localtime(&now)); \ -+ if (use_tty) { \ -+ fprintf(stderr, "\e[01;35m %s ERROR: \e[0m" format "\n", timestr, \ -+ ## __VA_ARGS__); \ -+ } else { \ -+ fprintf(stderr, " %s ERROR: " format "\n", timestr, \ -+ ## __VA_ARGS__); \ -+ } \ -+ } } \ -+ while (0) -+ -+#endif -+/* _WIN32 */ -+ -+#endif -+ -+#ifdef __MINGW32__ -+ -+#ifdef ERROR -+#undef ERROR -+#endif -+#define ERROR(s) ss_error(s) -+ -+#else -+ -+void ERROR(const char *s); -+ -+#endif -+ -+char *ss_itoa(int i); -+int ss_isnumeric(const char *s); -+int run_as(const char *user); -+void FATAL(const char *msg); -+void usage(void); -+void daemonize(const char *path); -+char *ss_strndup(const char *s, size_t n); -+#ifdef HAVE_SETRLIMIT -+int set_nofile(int nofile); -+#endif -+ -+void *ss_malloc(size_t size); -+void *ss_realloc(void *ptr, size_t new_size); -+ -+#define ss_free(ptr) \ -+ do { \ -+ free(ptr); \ -+ ptr = NULL; \ -+ } while (0) -+ -+#endif // _UTILS_H -diff --git a/server/verify.c b/server/verify.c -new file mode 100644 -index 0000000..9e7393d ---- /dev/null -+++ b/server/verify.c -@@ -0,0 +1,188 @@ -+ -+#include "verify.h" -+ -+static int verify_simple_pack_unit_size = 2000; -+ -+typedef struct verify_simple_local_data { -+ char * recv_buffer; -+ int recv_buffer_size; -+}verify_simple_local_data; -+ -+void verify_simple_local_data_init(verify_simple_local_data* local) { -+ local->recv_buffer = (char*)malloc(16384); -+ local->recv_buffer_size = 0; -+} -+ -+obfs * verify_simple_new_obfs() { -+ obfs * self = new_obfs(); -+ self->l_data = malloc(sizeof(verify_simple_local_data)); -+ verify_simple_local_data_init((verify_simple_local_data*)self->l_data); -+ return self; -+} -+ -+void verify_simple_dispose(obfs *self) { -+ verify_simple_local_data *local = (verify_simple_local_data*)self->l_data; -+ if (local->recv_buffer != NULL) { -+ free(local->recv_buffer); -+ local->recv_buffer = NULL; -+ } -+ free(local); -+ self->l_data = NULL; -+ dispose_obfs(self); -+} -+ -+int verify_simple_pack_data(char *data, int datalength, char *outdata) { -+ unsigned char rand_len = (xorshift128plus() & 0xF) + 1; -+ int out_size = rand_len + datalength + 6; -+ outdata[0] = out_size >> 8; -+ outdata[1] = out_size; -+ outdata[2] = rand_len; -+ memmove(outdata + rand_len + 2, data, datalength); -+ fillcrc32((unsigned char *)outdata, out_size); -+ return out_size; -+} -+ -+int verify_simple_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t *capacity) { -+ char *plaindata = *pplaindata; -+ //verify_simple_local_data *local = (verify_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 32); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ while ( len > verify_simple_pack_unit_size ) { -+ pack_len = verify_simple_pack_data(data, verify_simple_pack_unit_size, buffer); -+ buffer += pack_len; -+ data += verify_simple_pack_unit_size; -+ len -= verify_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = verify_simple_pack_data(data, len, buffer); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int verify_simple_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t *capacity) { -+ char *plaindata = *pplaindata; -+ verify_simple_local_data *local = (verify_simple_local_data*)self->l_data; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ return -1; -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ while (local->recv_buffer_size > 2) { -+ int length = ((int)recv_buffer[0] << 8) | recv_buffer[1]; -+ if (length >= 8192 || length < 7) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ return -1; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ int crc = crc32((unsigned char*)recv_buffer, length); -+ if (crc != -1) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ return -1; -+ } -+ int data_size = length - recv_buffer[2] - 6; -+ memmove(buffer, recv_buffer + 2 + recv_buffer[2], data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int verify_simple_server_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t *capacity) { -+ char *plaindata = *pplaindata; -+ //verify_simple_local_data *local = (verify_simple_local_data*)self->l_data; -+ char * out_buffer = (char*)malloc(datalength * 2 + 32); -+ char * buffer = out_buffer; -+ char * data = plaindata; -+ int len = datalength; -+ int pack_len; -+ while ( len > verify_simple_pack_unit_size ) { -+ pack_len = verify_simple_pack_data(data, verify_simple_pack_unit_size, buffer); -+ buffer += pack_len; -+ data += verify_simple_pack_unit_size; -+ len -= verify_simple_pack_unit_size; -+ } -+ if (len > 0) { -+ pack_len = verify_simple_pack_data(data, len, buffer); -+ buffer += pack_len; -+ } -+ len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -+ -+int verify_simple_server_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t *capacity) { -+ char *plaindata = *pplaindata; -+ verify_simple_local_data *local = (verify_simple_local_data*)self->l_data; -+ uint8_t * recv_buffer = (uint8_t *)local->recv_buffer; -+ if (local->recv_buffer_size + datalength > 16384) -+ { -+ LOGE("verify_simple: wrong buf length %d", local->recv_buffer_size + datalength); -+ return -1; -+ } -+ memmove(recv_buffer + local->recv_buffer_size, plaindata, datalength); -+ local->recv_buffer_size += datalength; -+ -+ char * out_buffer = (char*)malloc(local->recv_buffer_size); -+ char * buffer = out_buffer; -+ while (local->recv_buffer_size > 2) { -+ int length = ((int)recv_buffer[0] << 8) | recv_buffer[1]; -+ if (length >= 8192 || length < 7) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ LOGE("verify_simple: wrong length %d", length); -+ return -1; -+ } -+ if (length > local->recv_buffer_size) -+ break; -+ -+ int crc = crc32((unsigned char*)recv_buffer, length); -+ if (crc != -1) { -+ free(out_buffer); -+ local->recv_buffer_size = 0; -+ LOGE("verify_simple: wrong crc"); -+ return -1; -+ } -+ int data_size = length - recv_buffer[2] - 6; -+ memmove(buffer, recv_buffer + 2 + recv_buffer[2], data_size); -+ buffer += data_size; -+ memmove(recv_buffer, recv_buffer + length, local->recv_buffer_size -= length); -+ } -+ int len = buffer - out_buffer; -+ if (*capacity < len) { -+ *pplaindata = (char*)realloc(*pplaindata, *capacity = len * 2); -+ plaindata = *pplaindata; -+ } -+ memmove(plaindata, out_buffer, len); -+ free(out_buffer); -+ return len; -+} -diff --git a/server/verify.h b/server/verify.h -new file mode 100644 -index 0000000..57c6ff9 ---- /dev/null -+++ b/server/verify.h -@@ -0,0 +1,19 @@ -+/* -+ * verify.h - Define shadowsocksR server's buffers and callbacks -+ * -+ * Copyright (C) 2015 - 2016, Break Wa11 -+ */ -+ -+#ifndef _VERIFY_H -+#define _VERIFY_H -+ -+obfs * verify_simple_new_obfs(); -+void verify_simple_dispose(obfs *self); -+ -+int verify_simple_client_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int verify_simple_client_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+int verify_simple_server_pre_encrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+int verify_simple_server_post_decrypt(obfs *self, char **pplaindata, int datalength, size_t* capacity); -+ -+#endif // _VERIFY_H --- -2.19.1 - diff --git a/package/lean/shadowsocksr-libev/patches/0002-Revert-verify_simple-and-auth_simple.patch b/package/lean/shadowsocksr-libev/patches/0002-Revert-verify_simple-and-auth_simple.patch deleted file mode 100644 index 72ee3337..00000000 --- a/package/lean/shadowsocksr-libev/patches/0002-Revert-verify_simple-and-auth_simple.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/src/obfs/obfs.c b/src/obfs/obfs.c -index 463359f..4cd750a 100644 ---- a/src/obfs/obfs.c -+++ b/src/obfs/obfs.c -@@ -88,7 +88,7 @@ - plugin->client_decode = tls12_ticket_auth_client_decode; - - return plugin; -- /*} else if (strcmp(plugin_name, "verify_simple") == 0) { -+ } else if (strcmp(plugin_name, "verify_simple") == 0) { - obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs_class)); - plugin->init_data = init_data; - plugin->new_obfs = verify_simple_new_obfs; -@@ -115,7 +115,7 @@ - plugin->client_udp_pre_encrypt = NULL; - plugin->client_udp_post_decrypt = NULL; - -- return plugin;*/ -+ return plugin; - } else if (strcmp(plugin_name, "auth_sha1") == 0) { - obfs_class *plugin = (obfs_class *) malloc(sizeof(obfs_class)); - plugin->init_data = auth_simple_init_data; \ No newline at end of file diff --git a/package/lean/shadowsocksr-libev/patches/0003-Refine-Usage.patch b/package/lean/shadowsocksr-libev/patches/0003-Refine-Usage.patch deleted file mode 100644 index 85aa0f13..00000000 --- a/package/lean/shadowsocksr-libev/patches/0003-Refine-Usage.patch +++ /dev/null @@ -1,42 +0,0 @@ -diff --git a/src/utils.c b/src/utils.c -index 94f8a83..01bcbac 100644 ---- a/src/utils.c -+++ b/src/utils.c -@@ -258,8 +258,6 @@ usage() - { - printf("\n"); - printf("shadowsocks-libev %s with %s\n\n", VERSION, USING_CRYPTO); -- printf( -- " maintained by Max Lv and Linus Yang \n\n"); - printf(" usage:\n\n"); - #ifdef MODULE_LOCAL - printf(" ss-local\n"); -@@ -298,6 +296,25 @@ usage() - printf( - " The default cipher is rc4-md5.\n"); - printf("\n"); -+ printf( -+ " -o Obfs of your remote server: plain,\n"); -+ printf( -+ " http_simple, http_post and tls1.2_ticket_auth.\n"); -+ printf( -+ " -g Obfs-Param of your remote server.\n"); -+ printf( -+ " -O Protocol of your remote server: orgin,\n"); -+ printf( -+ " auth_sha1, auth_sha1_v2, auth_sha1_v4,\n"); -+ printf( -+ " auth_aes128_md5, auth_aes128_sha1,\n"); -+ printf( -+ " auth_chain_a, auth_chain_b, auth_chain_c,\n"); -+ printf( -+ " auth_chain_d, auth_chain_e and auth_chain_f.\n"); -+ printf( -+ " -G Protocol-Param of your remote server.\n"); -+ printf("\n"); - printf( - " [-a ] Run as another user.\n"); - printf( --- -2.19.1 - diff --git a/package/lean/shadowsocksr-libev/patches/999-Fix-Werror-sizeof-pointer-memaccess.patch b/package/lean/shadowsocksr-libev/patches/999-Fix-Werror-sizeof-pointer-memaccess.patch deleted file mode 100644 index 9da0c52b..00000000 --- a/package/lean/shadowsocksr-libev/patches/999-Fix-Werror-sizeof-pointer-memaccess.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/local.c -+++ b/src/local.c -@@ -718,7 +718,7 @@ - - ss_free(hostname); - } else { -- strncpy(host, ip, sizeof(ip)); -+ strncpy(host, ip, INET6_ADDRSTRLEN); - } - } - diff --git a/package/lean/simple-obfs/Makefile b/package/lean/simple-obfs/Makefile deleted file mode 100644 index 744f47e1..00000000 --- a/package/lean/simple-obfs/Makefile +++ /dev/null @@ -1,83 +0,0 @@ -# -# Copyright (C) 2017-2019 Jian Chang -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=simple-obfs -PKG_VERSION:=0.0.5 -PKG_RELEASE:=5 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/shadowsocks/simple-obfs.git -PKG_SOURCE_VERSION:=486bebd9208539058e57e23a12f23103016e09b4 -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION) -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz - -PKG_LICENSE:=GPLv3 -PKG_LICENSE_FILES:=LICENSE -PKG_MAINTAINER:=Jian Chang - -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION) - -PKG_INSTALL:=1 -PKG_FIXUP:=autoreconf -PKG_USE_MIPS16:=0 -PKG_BUILD_PARALLEL:=1 -PKG_BUILD_DEPENDS:=libev - -PKG_CONFIG_DEPENDS:= CONFIG_SIMPLE_OBFS_STATIC_LINK - -include $(INCLUDE_DIR)/package.mk - -define Package/simple-obfs - SECTION:=net - CATEGORY:=Network - TITLE:=Simple-obfs - URL:=https://github.com/shadowsocks/simple-obfs - DEPENDS:=+libpthread +!SIMPLE_OBFS_STATIC_LINK:libev -endef - -Package/simple-obfs-server = $(Package/simple-obfs) - -define Package/simple-obfs-server/config -menu "Simple-obfs Compile Configuration" - depends on PACKAGE_simple-obfs || PACKAGE_simple-obfs-server - config SIMPLE_OBFS_STATIC_LINK - bool "enable static link libraries." - default n -endmenu -endef - -define Package/simple-obfs/description -Simple-obfs is a simple obfusacting tool, designed as plugin server of shadowsocks. -endef - -Package/simple-obfs-server/description = $(Package/simple-obfs/description) - -CONFIGURE_ARGS += \ - --disable-ssp \ - --disable-documentation \ - --disable-assert - -ifeq ($(CONFIG_SIMPLE_OBFS_STATIC_LINK),y) - CONFIGURE_ARGS += \ - --with-ev="$(STAGING_DIR)/usr" \ - LDFLAGS="-Wl,-static -static -static-libgcc" -endif - -define Package/simple-obfs/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/obfs-local $(1)/usr/bin -endef - -define Package/simple-obfs-server/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/obfs-server $(1)/usr/bin -endef - -$(eval $(call BuildPackage,simple-obfs)) -$(eval $(call BuildPackage,simple-obfs-server)) diff --git a/package/lean/tcpping/Makefile b/package/lean/tcpping/Makefile deleted file mode 100644 index 72e79e5b..00000000 --- a/package/lean/tcpping/Makefile +++ /dev/null @@ -1,38 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=tcpping -PKG_VERSION:=0.2 -PKG_RELEASE=$(PKG_SOURCE_VERSION) - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/coolsnowwolf/tcping -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=d890cc1bd8e3951390ceeff1ccb092a5d802850c -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz - -include $(INCLUDE_DIR)/package.mk - -define Package/tcpping - SECTION:=net - CATEGORY:=Network - DEPENDS:=+libnet-1.2.x - TITLE:=Ping look-alike that uses TCP SYN packets to get around firewalls and ICMP blackholes -endef - -define Package/tcpping/description -Ping look-alike that uses TCP SYN packets to get around firewalls and ICMP blackholes -endef - -define Build/Compile - $(MAKE) -C $(PKG_BUILD_DIR) \ - $(TARGET_CONFIGURE_OPTS) \ - CFLAGS="$(TARGET_CFLAGS) -I$(STAGING_DIR)/usr/lib/libnet-1.2.x/include -L$(STAGING_DIR)/usr/lib/libnet-1.2.x/lib" \ - INSTALL_PROG=":" -endef - -define Package/tcpping/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/tcpping $(1)/usr/bin/tcpping -endef - -$(eval $(call BuildPackage,tcpping)) diff --git a/package/lean/trojan/Makefile b/package/lean/trojan/Makefile deleted file mode 100644 index 432f9246..00000000 --- a/package/lean/trojan/Makefile +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright (C) 2018-2019 wongsyrone -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# -include $(TOPDIR)/rules.mk - -PKG_NAME:=trojan -PKG_VERSION:=1.15.1 -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/trojan-gfw/trojan.git -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=0bad2988c60200c15786baf6b9ea42d66ba2109c -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz - -CMAKE_INSTALL:=1 -PKG_BUILD_PARALLEL:=0 -PKG_BUILD_DEPENDS:=openssl - -PKG_LICENSE:=GPL-3.0 -PKG_MAINTAINER:=GreaterFire - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/cmake.mk - -TARGET_CXXFLAGS += -Wall -Wextra -TARGET_CXXFLAGS += $(FPIC) - -# LTO -TARGET_CXXFLAGS += -flto -TARGET_LDFLAGS += -flto - -# CXX standard -TARGET_CXXFLAGS += -std=c++11 -TARGET_CXXFLAGS := $(filter-out -O%,$(TARGET_CXXFLAGS)) -O3 -TARGET_CXXFLAGS += -ffunction-sections -fdata-sections -TARGET_LDFLAGS += -Wl,--gc-sections - -CMAKE_OPTIONS += \ - -DENABLE_MYSQL=OFF \ - -DENABLE_NAT=ON \ - -DENABLE_REUSE_PORT=ON \ - -DENABLE_SSL_KEYLOG=ON \ - -DENABLE_TLS13_CIPHERSUITES=ON \ - -DFORCE_TCP_FASTOPEN=OFF \ - -DSYSTEMD_SERVICE=OFF \ - -DOPENSSL_USE_STATIC_LIBS=FALSE \ - -DBoost_DEBUG=ON \ - -DBoost_NO_BOOST_CMAKE=ON - -define Package/trojan - SECTION:=net - CATEGORY:=Network - TITLE:=An unidentifiable mechanism that helps you bypass GFW - URL:=https://github.com/trojan-gfw/trojan - DEPENDS:=+libpthread +libstdcpp +libopenssl \ - +boost +boost-system +boost-program_options +boost-date_time -endef - -define Package/trojan/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/trojan $(1)/usr/sbin/trojan -endef - -$(eval $(call BuildPackage,trojan)) - diff --git a/package/lean/v2ray-plugin/Makefile b/package/lean/v2ray-plugin/Makefile deleted file mode 100644 index 5eb1dffa..00000000 --- a/package/lean/v2ray-plugin/Makefile +++ /dev/null @@ -1,59 +0,0 @@ -# -# Copyright (C) 2020 SharerMax -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=v2ray-plugin -PKG_VERSION:=1.3.0 -PKG_RELEASE:=2 -PKG_BUILD_DIR:=$(BUILD_DIR)/v2ray-plugin-$(PKG_VERSION) - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/shadowsocks/v2ray-plugin/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=dfb86cd8d9be86e665c4b86b68cd7037e4310de001656eef01ec9aeea71edd10 - -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=LICENSE -PKG_MAINTAINER:=madeye - -PKG_BUILD_DEPENDS:=golang/host -PKG_BUILD_PARALLEL:=1 -PKG_USE_MIPS16:=0 - -GO_PKG:=github.com/shadowsocks/v2ray-plugin -GO_PKG_LDFLAGS:=-s -w - -include $(INCLUDE_DIR)/package.mk -include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk - -define Package/v2ray-plugin - SECTION:=net - CATEGORY:=Network - TITLE:=SIP003 plugin for shadowsocks, based on v2ray - URL:=https://github.com/shadowsocks/v2ray-plugin - DEPENDS:=$(GO_ARCH_DEPENDS) +ca-certificates -endef - -define Package/v2ray-plugin/description - Yet another SIP003 plugin for shadowsocks, based on v2ray -endef - -define Build/Prepare - $(call Build/Prepare/Default) -endef - -define Build/Compile - $(call GoPackage/Build/Compile) - $(STAGING_DIR_HOST)/bin/upx --lzma --best $(GO_PKG_BUILD_BIN_DIR)/v2ray-plugin -endef - -define Package/v2ray-plugin/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/v2ray-plugin $(1)/usr/bin/v2ray-plugin -endef -$(eval $(call GoBinPackage,v2ray-plugin)) -$(eval $(call BuildPackage,v2ray-plugin)) diff --git a/package/lean/v2ray/Config.in b/package/lean/v2ray/Config.in deleted file mode 100644 index 60700ede..00000000 --- a/package/lean/v2ray/Config.in +++ /dev/null @@ -1,153 +0,0 @@ -menu "V2Ray Configuration" - depends on PACKAGE_v2ray - -config V2RAY_COMPRESS_GOPROXY - bool "Compiling with GOPROXY proxy" - default n - -choice - prompt "JSON Config Support" - default V2RAY_JSON_INTERNAL - - config V2RAY_JSON_V2CTL - bool "Load JSON from V2Ctl" - - config V2RAY_JSON_INTERNAL - bool "Load JSON Internally" - - config V2RAY_JSON_NONE - bool "None" - -endchoice - -config V2RAY_EXCLUDE_V2CTL - bool "Exclude V2Ctl" - depends on V2RAY_JSON_INTERNAL || V2RAY_JSON_NONE - default y - -config V2RAY_EXCLUDE_ASSETS - bool "Exclude geoip.dat & geosite.dat" - default y - -config V2RAY_COMPRESS_UPX - bool "Compress executable files with UPX" - default y - -choice - prompt "Disable Features" - default V2RAY_DISABLE_NONE - - config V2RAY_DISABLE_NONE - bool "None" - - config V2RAY_DISABLE_CUSTOM - bool "Custom" - -endchoice - -config V2RAY_DISABLE_DNS - bool "Disable Internal DNS Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_LOG - bool "Disable Log Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_POLICY - bool "Disable Local Policy Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_REVERSE - bool "Disable Reverse Proxy Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_ROUTING - bool "Disable Internal Routing Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_STATISTICS - bool "Disable Statistics Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_BLACKHOLE_PROTO - bool "Disable Blackhole Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_DNS_PROXY - bool "Disable DNS Proxy" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_DOKODEMO_PROTO - bool "Disable Dokodemo-door Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_FREEDOM_PROTO - bool "Disable Freedom Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_MTPROTO_PROXY - bool "Disable MTProto Proxy" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_HTTP_PROTO - bool "Disable HTTP Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_SHADOWSOCKS_PROTO - bool "Disable Shadowsocks Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_SOCKS_PROTO - bool "Disable Socks Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_VMESS_PROTO - bool "Disable VMess Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_TCP_TRANS - bool "Disable TCP Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_MKCP_TRANS - bool "Disable mKCP Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_WEBSOCKET_TRANS - bool "Disable WebSocket Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_HTTP2_TRANS - bool "Disable HTTP/2 Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_DOMAIN_SOCKET_TRANS - bool "Disable Domain Socket Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_QUIC_TRANS - bool "Disable QUIC Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -endmenu diff --git a/package/lean/v2ray/Makefile b/package/lean/v2ray/Makefile deleted file mode 100644 index 40cee8e8..00000000 --- a/package/lean/v2ray/Makefile +++ /dev/null @@ -1,307 +0,0 @@ -# -# Copyright (C) 2019-2020 Xingwang Liao -# Copyright (C) 2019-2020 Mattraks -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=v2ray -PKG_VERSION:=4.23.1 -PKG_RELEASE:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/v2ray-core-$(PKG_VERSION) - -PKG_SOURCE:=v2ray-core-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/v2ray/v2ray-core/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=474b3aeed069d9867f7603a0544abcc0f31386cef9254423577ab752fc8d4dcc - -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=LICENSE -PKG_MAINTAINER:=Xingwang Liao - -PKG_CONFIG_DEPENDS := \ - CONFIG_V2RAY_JSON_V2CTL \ - CONFIG_V2RAY_JSON_INTERNAL \ - CONFIG_V2RAY_JSON_NONE \ - CONFIG_V2RAY_EXCLUDE_V2CTL \ - CONFIG_V2RAY_EXCLUDE_ASSETS \ - CONFIG_V2RAY_COMPRESS_GOPROXY \ - CONFIG_V2RAY_COMPRESS_UPX \ - CONFIG_V2RAY_DISABLE_NONE \ - CONFIG_V2RAY_DISABLE_CUSTOM \ - CONFIG_V2RAY_DISABLE_DNS \ - CONFIG_V2RAY_DISABLE_LOG \ - CONFIG_V2RAY_DISABLE_POLICY \ - CONFIG_V2RAY_DISABLE_REVERSE \ - CONFIG_V2RAY_DISABLE_ROUTING \ - CONFIG_V2RAY_DISABLE_STATISTICS \ - CONFIG_V2RAY_DISABLE_BLACKHOLE_PROTO \ - CONFIG_V2RAY_DISABLE_DNS_PROXY \ - CONFIG_V2RAY_DISABLE_DOKODEMO_PROTO \ - CONFIG_V2RAY_DISABLE_FREEDOM_PROTO \ - CONFIG_V2RAY_DISABLE_MTPROTO_PROXY \ - CONFIG_V2RAY_DISABLE_HTTP_PROTO \ - CONFIG_V2RAY_DISABLE_SHADOWSOCKS_PROTO \ - CONFIG_V2RAY_DISABLE_SOCKS_PROTO \ - CONFIG_V2RAY_DISABLE_VMESS_PROTO \ - CONFIG_V2RAY_DISABLE_TCP_TRANS \ - CONFIG_V2RAY_DISABLE_MKCP_TRANS \ - CONFIG_V2RAY_DISABLE_WEBSOCKET_TRANS \ - CONFIG_V2RAY_DISABLE_HTTP2_TRANS \ - CONFIG_V2RAY_DISABLE_DOMAIN_SOCKET_TRANS \ - CONFIG_V2RAY_DISABLE_QUIC_TRANS - -PKG_BUILD_DEPENDS:=golang/host -PKG_BUILD_PARALLEL:=1 -PKG_USE_MIPS16:=0 - -GO_PKG:=v2ray.com/core -GO_PKG_LDFLAGS:=-s -w -GO_PKG_LDFLAGS_X:= \ - v2ray.com/core.version=$(PKG_VERSION) \ - v2ray.com/core.build=Lean \ - v2ray.com/core.codename=OpenWrt - -include $(INCLUDE_DIR)/package.mk -include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk - -define Package/$(PKG_NAME) - TITLE:=A platform for building proxies - URL:=https://www.v2ray.com - SECTION:=net - CATEGORY:=Network - SUBMENU:=Project V - DEPENDS:=$(GO_ARCH_DEPENDS) +ca-certificates -endef - -define Package/$(PKG_NAME)/config - source "$(SOURCE)/Config.in" -endef - -define Package/$(PKG_NAME)/description -Project V is a set of network tools that help you to build your own computer network. -It secures your network connections and thus protects your privacy. - - This package contains v2ray, v2ctl and v2ray-assets. -endef - -ifeq ($(CONFIG_V2RAY_COMPRESS_GOPROXY),y) -export GO111MODULE=on -export GOPROXY=https://goproxy.cn -endif - -V2RAY_SED_ARGS:= - -ifeq ($(CONFIG_V2RAY_JSON_INTERNAL),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/main\/json"/\/\/ &/; \ - /\/\/ _ "v2ray.com\/core\/main\/jsonem"/s/\/\/ //; -else ifeq ($(CONFIG_V2RAY_JSON_NONE),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/main\/json"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_CUSTOM),y) - -ifeq ($(CONFIG_V2RAY_DISABLE_DNS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/app\/dns"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_LOG),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/app\/log"/\/\/ &/; \ - s/_ "v2ray.com\/core\/app\/log\/command"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_POLICY),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/app\/policy"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_REVERSE),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/app\/reverse"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_ROUTING),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/app\/router"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_STATISTICS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/app\/stats"/\/\/ &/; \ - s/_ "v2ray.com\/core\/app\/stats\/command"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_BLACKHOLE_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/blackhole"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_DNS_PROXY),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/dns"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_DOKODEMO_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/dokodemo"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_FREEDOM_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/freedom"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_MTPROTO_PROXY),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/mtproto"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_HTTP_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/http"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_SHADOWSOCKS_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/shadowsocks"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_SOCKS_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/socks"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_VMESS_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/proxy\/vmess\/inbound"/\/\/ &/; \ - s/_ "v2ray.com\/core\/proxy\/vmess\/outbound"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_TCP_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/tcp"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_MKCP_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/kcp"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_WEBSOCKET_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/websocket"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_HTTP2_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/http"/\/\/ &/; \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/http"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_DOMAIN_SOCKET_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/domainsocket"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_QUIC_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/quic"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_MKCP_TRANS)$(CONFIG_V2RAY_DISABLE_QUIC_TRANS),yy) -V2RAY_SED_ARGS += \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/noop"/\/\/ &/; \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/srtp"/\/\/ &/; \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/tls"/\/\/ &/; \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/utp"/\/\/ &/; \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/wechat"/\/\/ &/; \ - s/_ "v2ray.com\/core\/transport\/internet\/headers\/wireguard"/\/\/ &/; -endif - -endif - -GEOIP_VER:=latest -GEOIP_FILE:=geoip-$(GEOIP_VER).dat - -define Download/geoip.dat - URL:=https://github.com/v2ray/geoip/releases/$(GEOIP_VER)/download - URL_FILE:=geoip.dat - FILE:=$(GEOIP_FILE) - HASH:=skip -endef - -GEOSITE_VER:=latest -GEOSITE_FILE:=geosite-$(GEOSITE_VER).dat - -define Download/geosite.dat - URL:=https://github.com/v2ray/domain-list-community/releases/$(GEOSITE_VER)/download - URL_FILE:=dlc.dat - FILE:=$(GEOSITE_FILE) - HASH:=skip -endef - -define Build/Prepare - $(call Build/Prepare/Default) - -ifneq ($(CONFIG_V2RAY_EXCLUDE_ASSETS),y) - # move file to make sure download new file every build - mv -f $(DL_DIR)/$(GEOIP_FILE) $(PKG_BUILD_DIR)/release/config/geoip.dat - mv -f $(DL_DIR)/$(GEOSITE_FILE) $(PKG_BUILD_DIR)/release/config/geosite.dat -endif - -ifneq ($(V2RAY_SED_ARGS),) - ( \ - sed -i \ - '$(V2RAY_SED_ARGS)' \ - $(PKG_BUILD_DIR)/main/distro/all/all.go ; \ - ) -endif -endef - -define Build/Compile - $(eval GO_PKG_BUILD_PKG:=v2ray.com/core/main) - $(call GoPackage/Build/Compile) - mv -f $(GO_PKG_BUILD_BIN_DIR)/main $(GO_PKG_BUILD_BIN_DIR)/v2ray - -ifeq ($(CONFIG_V2RAY_COMPRESS_UPX),y) - $(STAGING_DIR_HOST)/bin/upx --lzma --best $(GO_PKG_BUILD_BIN_DIR)/v2ray -endif - -ifneq ($(CONFIG_V2RAY_EXCLUDE_V2CTL),y) - $(eval GO_PKG_BUILD_PKG:=v2ray.com/core/infra/control/main) - $(call GoPackage/Build/Compile) - mv -f $(GO_PKG_BUILD_BIN_DIR)/main $(GO_PKG_BUILD_BIN_DIR)/v2ctl - -ifeq ($(CONFIG_V2RAY_COMPRESS_UPX),y) - $(STAGING_DIR_HOST)/bin/upx --lzma --best $(GO_PKG_BUILD_BIN_DIR)/v2ctl -endif -endif -endef - -define Package/$(PKG_NAME)/install - $(INSTALL_DIR) $(1)/usr/bin/v2ray - - $(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/v2ray $(1)/usr/bin/v2ray - -ifneq ($(CONFIG_V2RAY_EXCLUDE_V2CTL),y) - $(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/v2ctl $(1)/usr/bin/v2ray -endif - -ifneq ($(CONFIG_V2RAY_EXCLUDE_ASSETS),y) - $(INSTALL_DATA) $(PKG_BUILD_DIR)/release/config/{geoip,geosite}.dat $(1)/usr/bin/v2ray -endif -endef - -ifneq ($(CONFIG_V2RAY_EXCLUDE_ASSETS),y) -$(eval $(call Download,geoip.dat)) -$(eval $(call Download,geosite.dat)) -endif - -$(eval $(call GoBinPackage,$(PKG_NAME))) -$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/package/libs/libjson-c/Makefile b/package/libs/libjson-c/Makefile index 23cc7b5d..522de069 100644 --- a/package/libs/libjson-c/Makefile +++ b/package/libs/libjson-c/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=json-c PKG_VERSION:=0.12.1 -PKG_RELEASE:=3 +PKG_RELEASE:=3.1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-nodoc.tar.gz PKG_SOURCE_URL:=https://s3.amazonaws.com/json-c_releases/releases/ diff --git a/package/libs/libjson-c/patches/000-libm.patch b/package/libs/libjson-c/patches/000-libm.patch index 45adb059..e196b422 100644 --- a/package/libs/libjson-c/patches/000-libm.patch +++ b/package/libs/libjson-c/patches/000-libm.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -43,12 +43,6 @@ +@@ -43,12 +43,6 @@ AC_FUNC_MEMCMP AC_FUNC_MALLOC AC_FUNC_REALLOC AC_CHECK_FUNCS(strcasecmp strdup strerror snprintf vsnprintf vasprintf open vsyslog strncasecmp setlocale) diff --git a/package/libs/libjson-c/patches/001-Prevent-division-by-zero-in-linkhash.patch b/package/libs/libjson-c/patches/001-Prevent-division-by-zero-in-linkhash.patch new file mode 100644 index 00000000..5345328d --- /dev/null +++ b/package/libs/libjson-c/patches/001-Prevent-division-by-zero-in-linkhash.patch @@ -0,0 +1,32 @@ +From 77d935b7ae7871a1940cd827e850e6063044ec45 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Mon, 4 May 2020 19:46:45 +0200 +Subject: [PATCH 2/2] Prevent division by zero in linkhash. + +If a linkhash with a size of zero is created, then modulo operations +are prone to division by zero operations. + +Purely protective measure against bad usage. +--- + linkhash.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/linkhash.c ++++ b/linkhash.c +@@ -10,6 +10,7 @@ + * + */ + ++#include + #include + #include + #include +@@ -431,6 +432,8 @@ struct lh_table* lh_table_new(int size, + int i; + struct lh_table *t; + ++ /* Allocate space for elements to avoid divisions by zero. */ ++ assert(size > 0); + t = (struct lh_table*)calloc(1, sizeof(struct lh_table)); + if(!t) lh_abort("lh_table_new: calloc failed\n"); + t->count = 0; diff --git a/package/libs/libjson-c/patches/002-Fix-integer-overflows.patch b/package/libs/libjson-c/patches/002-Fix-integer-overflows.patch new file mode 100644 index 00000000..2298785b --- /dev/null +++ b/package/libs/libjson-c/patches/002-Fix-integer-overflows.patch @@ -0,0 +1,83 @@ +From d07b91014986900a3a75f306d302e13e005e9d67 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Mon, 4 May 2020 19:47:25 +0200 +Subject: [PATCH] Fix integer overflows. + +The data structures linkhash and printbuf are limited to 2 GB in size +due to a signed integer being used to track their current size. + +If too much data is added, then size variable can overflow, which is +an undefined behaviour in C programming language. + +Assuming that a signed int overflow just leads to a negative value, +like it happens on many sytems (Linux i686/amd64 with gcc), then +printbuf is vulnerable to an out of boundary write on 64 bit systems. +--- + linkhash.c | 7 +++++-- + printbuf.c | 19 ++++++++++++++++--- + 2 files changed, 21 insertions(+), 5 deletions(-) + +--- a/linkhash.c ++++ b/linkhash.c +@@ -498,7 +498,12 @@ int lh_table_insert(struct lh_table *t, + unsigned long h, n; + + t->inserts++; +- if(t->count >= t->size * LH_LOAD_FACTOR) lh_table_resize(t, t->size * 2); ++ if(t->count >= t->size * LH_LOAD_FACTOR) { ++ /* Avoid signed integer overflow with large tables. */ ++ int new_size = (t->size > INT_MAX / 2) ? INT_MAX : (t->size * 2); ++ if (t->size != INT_MAX) ++ lh_table_resize(t, new_size); ++ } + + h = t->hash_fn(k); + n = h % t->size; +--- a/printbuf.c ++++ b/printbuf.c +@@ -15,6 +15,7 @@ + + #include "config.h" + ++#include + #include + #include + #include +@@ -63,7 +64,16 @@ static int printbuf_extend(struct printb + if (p->size >= min_size) + return 0; + +- new_size = json_max(p->size * 2, min_size + 8); ++ /* Prevent signed integer overflows with large buffers. */ ++ if (min_size > INT_MAX - 8) ++ return -1; ++ if (p->size > INT_MAX / 2) ++ new_size = min_size + 8; ++ else { ++ new_size = p->size * 2; ++ if (new_size < min_size + 8) ++ new_size = min_size + 8; ++ } + #ifdef PRINTBUF_DEBUG + MC_DEBUG("printbuf_memappend: realloc " + "bpos=%d min_size=%d old_size=%d new_size=%d\n", +@@ -78,6 +88,9 @@ static int printbuf_extend(struct printb + + int printbuf_memappend(struct printbuf *p, const char *buf, int size) + { ++ /* Prevent signed integer overflows with large buffers. */ ++ if (size > INT_MAX - p->bpos - 1) ++ return -1; + if (p->size <= p->bpos + size + 1) { + if (printbuf_extend(p, p->bpos + size + 1) < 0) + return -1; +@@ -94,6 +107,9 @@ int printbuf_memset(struct printbuf *pb, + + if (offset == -1) + offset = pb->bpos; ++ /* Prevent signed integer overflows with large buffers. */ ++ if (len > INT_MAX - offset) ++ return -1; + size_needed = offset + len; + if (pb->size < size_needed) + { diff --git a/package/libs/libpcap/Makefile b/package/libs/libpcap/Makefile index fae955a5..c42fa86c 100644 --- a/package/libs/libpcap/Makefile +++ b/package/libs/libpcap/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libpcap PKG_VERSION:=1.9.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2.1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.us.tcpdump.org/release/ \ @@ -20,7 +20,7 @@ PKG_FIXUP:=patch-libtool PKG_MAINTAINER:=Felix Fietkau PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 +PKG_BUILD_PARALLEL:=0 PKG_LICENSE:=BSD-3-Clause include $(INCLUDE_DIR)/package.mk @@ -84,6 +84,10 @@ define Build/Configure $(if $(CONFIG_PCAP_HAS_USB),,$(SED) 's/pcap-usb-linux.c *//' $(PKG_BUILD_DIR)/Makefile) $(if $(CONFIG_PCAP_HAS_BT),,$(SED) '/^#define PCAP_SUPPORT_BT/D' $(PKG_BUILD_DIR)/config.h) $(if $(CONFIG_PCAP_HAS_BT),,$(SED) 's/pcap-bt-linux.c *//' $(PKG_BUILD_DIR)/Makefile) + + # Workaround https://bugs.openwrt.org/index.php?do=details&task_id=2970 + mkdir $(PKG_BUILD_DIR)/debian + echo "libpcap (1-0)" > $(PKG_BUILD_DIR)/debian/changelog endef define Build/InstallDev diff --git a/package/libs/libpcap/patches/100-debian_shared_lib.patch b/package/libs/libpcap/patches/100-debian_shared_lib.patch index 454490fb..ab70417d 100644 --- a/package/libs/libpcap/patches/100-debian_shared_lib.patch +++ b/package/libs/libpcap/patches/100-debian_shared_lib.patch @@ -3,12 +3,13 @@ build a shared library. --- a/Makefile.in +++ b/Makefile.in -@@ -40,6 +40,13 @@ mandir = @mandir@ +@@ -40,6 +40,14 @@ mandir = @mandir@ srcdir = @srcdir@ VPATH = @srcdir@ +# some defines for shared library compilation -+LIBVERSION=1 ++MAJ=0.8 ++LIBVERSION=$(shell head -1 debian/changelog | perl -nle 'm/\S+\s+\((\S+)-\S+\)/ and print $$1') +LIBNAME=pcap +LIBRARY=lib$(LIBNAME).a +SOLIBRARY=lib$(LIBNAME).so @@ -17,38 +18,38 @@ build a shared library. # # You shouldn't need to edit anything below. # -@@ -69,7 +76,8 @@ INSTALL_RPCAPD=@INSTALL_RPCAPD@ +@@ -69,7 +77,8 @@ INSTALL_RPCAPD=@INSTALL_RPCAPD@ EXTRA_NETWORK_LIBS=@EXTRA_NETWORK_LIBS@ # Standard CFLAGS for building members of a shared library -FULL_CFLAGS = $(CCOPT) @V_LIB_CCOPT_FAT@ $(SHLIB_CCOPT) $(INCLS) $(DEFS) $(CFLAGS) +FULL_CFLAGS = $(CCOPT) @V_LIB_CCOPT_FAT@ $(SHLIB_CCOPT) $(INCLS) $(DEFS) $(CFLAGS) $(CPPFLAGS) -+CFLAGS_SHARED = -shared -Wl,-soname,$(SHAREDLIB) ++CFLAGS_SHARED = -shared -Wl,-soname,$(SOLIBRARY).$(MAJ) -Wl,--version-script=libpcap-symbols.lds INSTALL = @INSTALL@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ -@@ -84,7 +92,11 @@ YACC = @YACC@ +@@ -84,7 +93,11 @@ YACC = @YACC@ # problem if you don't own the file but can write to the directory. .c.o: @rm -f $@ - $(CC) $(FULL_CFLAGS) -c $(srcdir)/$*.c + $(CC) $(FULL_CFLAGS) -c -o $@ $(srcdir)/$*.c + -+%_pic.o: %.c %.o ++%_pic.o: %.c + @rm -f $@ + $(CC) -fPIC $(FULL_CFLAGS) -c -o $@ $(srcdir)/$*.c PSRC = pcap-@V_PCAP@.c @USB_SRC@ @BT_SRC@ @BT_MONITOR_SRC@ @NETFILTER_SRC@ @DBUS_SRC@ @NETMAP_SRC@ @RDMA_SRC@ FSRC = @V_FINDALLDEVS@ -@@ -101,6 +113,7 @@ SRC = $(PSRC) $(FSRC) $(CSRC) $(SSRC) $( +@@ -101,6 +114,7 @@ SRC = $(PSRC) $(FSRC) $(CSRC) $(SSRC) $( # We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot # hack the extra indirection OBJ = $(PSRC:.c=.o) $(FSRC:.c=.o) $(CSRC:.c=.o) $(SSRC:.c=.o) $(GENSRC:.c=.o) $(LIBOBJS) -+OBJ_PIC = $(PSRC:.c=_pic.o) $(FSRC:.c=_pic.o) $(CSRC:.c=_pic.o) $(SSRC:.c=_pic.o) $(GENSRC:.c=_pic.o) ++OBJ_PIC = $(PSRC:.c=_pic.o) $(FSRC:.c=_pic.o) $(CSRC:.c=_pic.o) $(SSRC:.c=_pic.o) $(GENSRC:.c=_pic.o) $(LIBOBJS:.o=_pic.o) PUBHDR = \ pcap.h \ pcap-bpf.h \ -@@ -155,7 +168,7 @@ TAGFILES = \ +@@ -155,7 +169,7 @@ TAGFILES = \ CLEANFILES = $(OBJ) libpcap.a libpcap.so.`cat $(srcdir)/VERSION` \ $(PROG)-`cat $(srcdir)/VERSION`.tar.gz $(GENSRC) $(GENHDR) \ @@ -57,7 +58,7 @@ build a shared library. MAN1 = pcap-config.1 -@@ -392,7 +405,7 @@ libpcap.a: $(OBJ) +@@ -392,7 +406,7 @@ libpcap.a: $(OBJ) $(AR) rc $@ $(OBJ) $(ADDLARCHIVEOBJS) $(RANLIB) $@ @@ -66,20 +67,21 @@ build a shared library. libpcap.so: $(OBJ) @rm -f $@ -@@ -468,6 +481,12 @@ libpcap.shareda: $(OBJ) +@@ -468,6 +482,13 @@ libpcap.shareda: $(OBJ) # libpcap.none: +$(SHAREDLIB): $(OBJ_PIC) + -@rm -f $@ -+ -@rm -f $(SOLIBRARY) ++ -@rm -f $(SOLIBRARY) $(SOLIBRARY).$(MAJ) + $(CC) $(CFLAGS_SHARED) $(LDFLAGS) -o $(SHAREDLIB) $(OBJ_PIC) -lc $(LIBS) -+ ln -s $(SHAREDLIB) $(SOLIBRARY) ++ ln -s $(SHAREDLIB) $(SOLIBRARY).$(MAJ) ++ ln -s $(SOLIBRARY).$(MAJ) $(SOLIBRARY) + scanner.c: $(srcdir)/scanner.l $(LEX) -P pcap_ --header-file=scanner.h --nounput -o scanner.c $< scanner.h: scanner.c -@@ -480,6 +499,9 @@ scanner.h: scanner.c +@@ -480,6 +501,9 @@ scanner.h: scanner.c scanner.o: scanner.c grammar.h $(CC) $(FULL_CFLAGS) -c scanner.c @@ -89,17 +91,36 @@ build a shared library. grammar.c: $(srcdir)/grammar.y $(YACC) -p pcap_ -o grammar.c -d $< grammar.h: grammar.c -@@ -492,6 +514,9 @@ grammar.h: grammar.c +@@ -492,6 +516,10 @@ grammar.h: grammar.c grammar.o: grammar.c scanner.h $(CC) $(FULL_CFLAGS) -c grammar.c -+grammar_pic.o: grammar.c scanner.h ++grammar_pic.o: grammar.c ++ @rm -f $@ + $(CC) -fPIC $(FULL_CFLAGS) -o $@ -c grammar.c + gencode.o: $(srcdir)/gencode.c grammar.h scanner.h $(CC) $(FULL_CFLAGS) -c $(srcdir)/gencode.c -@@ -539,6 +564,9 @@ pcap-config: $(srcdir)/pcap-config.in ./ +@@ -504,9 +532,17 @@ snprintf.o: $(srcdir)/missing/snprintf.c + strlcat.o: $(srcdir)/missing/strlcat.c + $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strlcat.c + ++strlcat_pic.o: $(srcdir)/missing/strlcat.c ++ @rm -f $@ ++ $(CC) -fPIC $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strlcat.c ++ + strlcpy.o: $(srcdir)/missing/strlcpy.c + $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strlcpy.c + ++strlcpy_pic.o: $(srcdir)/missing/strlcpy.c ++ @rm -f $@ ++ $(CC) -fPIC $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strlcpy.c ++ + strtok_r.o: $(srcdir)/missing/strtok_r.c + $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strtok_r.c + +@@ -539,6 +575,9 @@ pcap-config: $(srcdir)/pcap-config.in ./ mv $@.tmp $@ chmod a+x $@ @@ -109,12 +130,8 @@ build a shared library. # # Remote pcap daemon. # -@@ -632,14 +660,11 @@ install: install-shared install-archive - $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@/`echo $$i | sed 's/.manmisc.in/.@MAN_MISC_INFO@/'`; done - - install-shared: install-shared-$(DYEXT) --install-shared-so: libpcap.so -+install-shared-so: $(SHAREDLIB) +@@ -635,11 +674,9 @@ install-shared: install-shared-$(DYEXT) + install-shared-so: libpcap.so [ -d $(DESTDIR)$(libdir) ] || \ (mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir)) - VER=`cat $(srcdir)/VERSION`; \ @@ -123,7 +140,8 @@ build a shared library. - ln -sf libpcap.so.$$VER $(DESTDIR)$(libdir)/libpcap.so.$$MAJOR_VER; \ - ln -sf libpcap.so.$$MAJOR_VER $(DESTDIR)$(libdir)/libpcap.so + $(INSTALL_DATA) $(SHAREDLIB) $(DESTDIR)$(libdir)/ -+ ln -sf $(SHAREDLIB) $(DESTDIR)$(libdir)/$(SOLIBRARY) ++ ln -sf $(SHAREDLIB) $(DESTDIR)$(libdir)/$(SOLIBRARY).$(MAJ) ++ ln -sf $(SOLIBRARY).$(MAJ) $(DESTDIR)$(libdir)/$(SOLIBRARY) install-shared-dylib: libpcap.dylib [ -d $(DESTDIR)$(libdir) ] || \ (mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir)) @@ -147,22 +165,112 @@ build a shared library. V_SHLIB_CMD="\$(CC)" V_SHLIB_OPT="-shared" V_SONAME_OPT="-Wl,-soname," ---- a/pcap-config.in -+++ b/pcap-config.in -@@ -41,16 +41,6 @@ do - esac - shift - done --if [ "$V_RPATH_OPT" != "" ] --then -- # -- # If libdir isn't /usr/lib, add it to the run-time linker path. -- # -- if [ "$libdir" != "/usr/lib" ] -- then -- RPATH=$V_RPATH_OPT$libdir -- fi --fi - if [ "$static" = 1 ] - then - # +--- /dev/null ++++ b/libpcap-symbols.lds +@@ -0,0 +1,106 @@ ++{ ++ global: ++ bpf_dump; ++ bpf_filter; ++ bpf_image; ++ bpf_validate; ++ eproto_db; ++ pcap_breakloop; ++ pcap_can_set_rfmon; ++ pcap_close; ++ pcap_compile; ++ pcap_compile_nopcap; ++ pcap_datalink; ++ pcap_datalink_name_to_val; ++ pcap_datalink_val_to_description; ++ pcap_datalink_val_to_name; ++ pcap_dispatch; ++ pcap_dump; ++ pcap_dump_close; ++ pcap_dump_file; ++ pcap_dump_flush; ++ pcap_dump_fopen; ++ pcap_dump_ftell; ++ pcap_dump_open; ++ pcap_ether_aton; ++ pcap_ether_hostton; ++ pcap_file; ++ pcap_fileno; ++ pcap_findalldevs; ++ pcap_fopen_offline; ++ pcap_freealldevs; ++ pcap_freecode; ++ pcap_get_selectable_fd; ++ pcap_geterr; ++ pcap_getnonblock; ++ pcap_inject; ++ pcap_is_swapped; ++ pcap_lib_version; ++ pcap_list_datalinks; ++ pcap_lookupdev; ++ pcap_lookupnet; ++ pcap_loop; ++ pcap_major_version; ++ pcap_minor_version; ++ pcap_nametoaddr; ++ pcap_nametoaddrinfo; ++ pcap_nametoeproto; ++ pcap_nametollc; ++ pcap_nametonetaddr; ++ pcap_nametoport; ++ pcap_nametoportrange; ++ pcap_nametoproto; ++ pcap_next; ++ pcap_next_etherent; ++ pcap_next_ex; ++ pcap_open_dead; ++ pcap_open_live; ++ pcap_open_offline; ++ pcap_perror; ++ pcap_sendpacket; ++ pcap_set_datalink; ++ pcap_setdirection; ++ pcap_setfilter; ++ pcap_setnonblock; ++ pcap_snapshot; ++ pcap_stats; ++ pcap_statustostr; ++ pcap_strerror; ++ pcap_version; ++ /* introduced in pcap 1.0 */ ++ pcap_activate; ++ pcap_create; ++ pcap_datalink_ext; ++ pcap_free_datalinks; ++ pcap_offline_filter; ++ pcap_set_buffer_size; ++ pcap_set_promisc; ++ pcap_set_rfmon; ++ pcap_set_snaplen; ++ pcap_set_timeout; ++ /* introduced in pcap 1.2 */ ++ pcap_set_tstamp_type; ++ pcap_list_tstamp_types; ++ pcap_free_tstamp_types; ++ pcap_tstamp_type_name_to_val; ++ pcap_tstamp_type_val_to_name; ++ pcap_tstamp_type_val_to_description; ++ /* introduced in pcap 1.5 */ ++ pcap_set_immediate_mode; ++ pcap_set_tstamp_precision; ++ pcap_get_tstamp_precision; ++ pcap_open_dead_with_tstamp_precision; ++ pcap_open_offline_with_tstamp_precision; ++ pcap_fopen_offline_with_tstamp_precision; ++ /* introduced in pcap 1.7 */ ++ pcap_dump_open_append; ++ /* introduced in pcap 1.9.0 */ ++ pcap_bufsize; ++ pcap_dump_ftell64; ++ pcap_get_required_select_timeout; ++ pcap_set_protocol_linux; /* linux-only */ ++ /* introduced in pcap 1.9.1 */ ++ pcap_datalink_val_to_description_or_dlt; ++ local: ++ *; ++}; diff --git a/package/libs/libpcap/patches/102-makefile_disable_manpages.patch b/package/libs/libpcap/patches/102-makefile_disable_manpages.patch index bd1702be..5c8e6968 100644 --- a/package/libs/libpcap/patches/102-makefile_disable_manpages.patch +++ b/package/libs/libpcap/patches/102-makefile_disable_manpages.patch @@ -1,6 +1,6 @@ --- a/Makefile.in +++ b/Makefile.in -@@ -588,14 +588,6 @@ install: install-shared install-archive +@@ -599,14 +599,6 @@ install: install-shared install-archive (mkdir -p $(DESTDIR)$(includedir); chmod 755 $(DESTDIR)$(includedir)) [ -d $(DESTDIR)$(includedir)/pcap ] || \ (mkdir -p $(DESTDIR)$(includedir)/pcap; chmod 755 $(DESTDIR)$(includedir)/pcap) @@ -15,7 +15,7 @@ for i in $(PUBHDR); do \ $(INSTALL_DATA) $(srcdir)/$$i \ $(DESTDIR)$(includedir)/$$i; done -@@ -605,59 +597,6 @@ install: install-shared install-archive +@@ -616,59 +608,6 @@ install: install-shared install-archive [ -d $(DESTDIR)$(libdir)/pkgconfig ] || \ (mkdir -p $(DESTDIR)$(libdir)/pkgconfig; chmod 755 $(DESTDIR)$(libdir)/pkgconfig) $(INSTALL_DATA) libpcap.pc $(DESTDIR)$(libdir)/pkgconfig/libpcap.pc @@ -74,4 +74,4 @@ - $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@/`echo $$i | sed 's/.manmisc.in/.@MAN_MISC_INFO@/'`; done install-shared: install-shared-$(DYEXT) - install-shared-so: $(SHAREDLIB) + install-shared-so: libpcap.so diff --git a/package/libs/libpcap/patches/103-makefile_flex_workaround.patch b/package/libs/libpcap/patches/103-makefile_flex_workaround.patch index 93e07c69..e6597ae1 100644 --- a/package/libs/libpcap/patches/103-makefile_flex_workaround.patch +++ b/package/libs/libpcap/patches/103-makefile_flex_workaround.patch @@ -3,7 +3,7 @@ --- a/Makefile.in +++ b/Makefile.in -@@ -59,7 +59,7 @@ MKDEP = @MKDEP@ +@@ -60,7 +60,7 @@ MKDEP = @MKDEP@ CCOPT = @V_CCOPT@ SHLIB_CCOPT = @V_SHLIB_CCOPT@ INCLS = -I. @V_INCLS@ diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile index 618a7470..978d5ca1 100644 --- a/package/libs/mbedtls/Makefile +++ b/package/libs/mbedtls/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mbedtls -PKG_VERSION:=2.16.4 +PKG_VERSION:=2.16.6 PKG_RELEASE:=1 PKG_USE_MIPS16:=0 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz PKG_SOURCE_URL:=https://tls.mbed.org/download/ -PKG_HASH:=5fdb9c43ab43fd9bcc3631508170b089ede7b86dd655253a93cb0ffeb42309f3 +PKG_HASH:=80a484df42f32dbe95665cd4b18ce0dd14b6c67dfd561d36d1475802e41eb3ed PKG_BUILD_PARALLEL:=1 PKG_LICENSE:=GPL-2.0+ diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index eb267f31..8fe00d97 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -9,9 +9,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl PKG_BASE:=1.1.1 -PKG_BUGFIX:=d +PKG_BUGFIX:=g PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX) -PKG_RELEASE:=2 +PKG_RELEASE:=1 PKG_USE_MIPS16:=0 ENGINES_DIR=engines-1.1 @@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \ http://www.openssl.org/source/ \ http://www.openssl.org/source/old/$(PKG_BASE)/ -PKG_HASH:=1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2 +PKG_HASH:=ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46 PKG_LICENSE:=OpenSSL PKG_LICENSE_FILES:=LICENSE diff --git a/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch b/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch index 6c7143dd..81d41963 100644 --- a/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch +++ b/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch @@ -1,6 +1,6 @@ --- a/apps/openssl.cnf +++ b/apps/openssl.cnf -@@ -22,6 +22,53 @@ oid_section = new_oids +@@ -22,6 +22,82 @@ oid_section = new_oids # (Alternatively, use a configuration file that has only # X.509v3 extensions in its main [= default] section.) @@ -16,8 +16,37 @@ +#padlock=padlock + +[afalg] ++# Leave this alone and configure algorithms with CIPERS/DIGESTS below +default_algorithms = ALL + ++# The following commands are only available if using the alternative ++# (sync) AFALG engine ++# Configuration commands: ++# Run 'openssl engine -t -c -vv -pre DUMP_INFO devcrypto' to see a ++# list of supported algorithms, along with their driver, whether they ++# are hw accelerated or not, and the engine's configuration commands. ++ ++# USE_SOFTDRIVERS: specifies whether to use software (not accelerated) ++# drivers (0=use only accelerated drivers, 1=allow all drivers, 2=use ++# if acceleration can't be determined) [default=2] ++#USE_SOFTDRIVERS = 2 ++ ++# CIPHERS: either ALL, NONE, NO_ECB (all except ECB-mode) or a ++# comma-separated list of ciphers to enable [default=NO_ECB] ++# Starting in 1.2.0, if you use a cipher list, each cipher may be ++# followed by a colon (:) and the minimum request length to use ++# AF_ALG drivers for that cipher; smaller requests are processed by ++# softare; a negative value will use the default for that cipher ++#CIPHERS=AES-128-CBC:1024, AES-256-CBC:768, DES-EDE3-CBC:0 ++ ++# DIGESTS: either ALL, NONE, or a comma-separated list of digests to ++# enable [default=NONE] ++# It is strongly recommended not to enable digests; their performance ++# is poor, and there are many cases in which they will not work, ++# especially when calling fork with open crypto contexts. Openssh, ++# for example, does this, and you may not be able to login. ++#DIGESTS = NONE ++ +[devcrypto] +# Leave this alone and configure algorithms with CIPERS/DIGESTS below +default_algorithms = ALL diff --git a/package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch b/package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch index ee339424..71dc5bf9 100644 --- a/package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch +++ b/package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch @@ -1,4 +1,4 @@ -From f3cef70b34afde3afd13ce3636232d41533b0162 Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Tue, 6 Nov 2018 10:57:03 -0200 Subject: e_devcrypto: make the /dev/crypto engine dynamic @@ -20,7 +20,7 @@ index e00802a3fd..47fe948966 100644 - SOURCE[../../libcrypto]=eng_devcrypto.c -ENDIF diff --git a/crypto/init.c b/crypto/init.c -index 9fc0e8ef68..b387559920 100644 +index 1b0d523bea..ee3e2eb075 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -329,18 +329,6 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) @@ -116,7 +116,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/engines/e_devcrypto.c similarity index 95% rename from crypto/engine/eng_devcrypto.c rename to engines/e_devcrypto.c -index 64dc6b891d..fb5c6e1636 100644 +index 0d420e50aa..3fcd81de7a 100644 --- a/crypto/engine/eng_devcrypto.c +++ b/engines/e_devcrypto.c @@ -7,7 +7,7 @@ @@ -128,15 +128,7 @@ index 64dc6b891d..fb5c6e1636 100644 #include #include #include -@@ -23,26 +23,26 @@ - #include - #include - --#include "internal/engine.h" -- - /* #define ENGINE_DEVCRYPTO_DEBUG */ - - #if CRYPTO_ALGORITHM_MIN < CRYPTO_ALGORITHM_MAX +@@ -31,18 +31,20 @@ # define CHECK_BSD_STYLE_MACROS #endif @@ -160,18 +152,7 @@ index 64dc6b891d..fb5c6e1636 100644 /* * cipher/digest status & acceleration definitions -@@ -66,6 +66,10 @@ struct driver_info_st { - char *driver_name; - }; - -+#ifdef OPENSSL_NO_DYNAMIC_ENGINE -+void engine_load_devcrypto_int(void); -+#endif -+ - static int clean_devcrypto_session(struct session_op *sess) { - if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) { - SYSerr(SYS_F_IOCTL, errno); -@@ -341,6 +345,7 @@ static int cipher_ctrl(EVP_CIPHER_CTX *ctx, int type, int p1, void* p2) +@@ -341,6 +343,7 @@ static int cipher_ctrl(EVP_CIPHER_CTX *ctx, int type, int p1, void* p2) struct cipher_ctx *to_cipher_ctx; switch (type) { @@ -179,7 +160,7 @@ index 64dc6b891d..fb5c6e1636 100644 case EVP_CTRL_COPY: if (cipher_ctx == NULL) return 1; -@@ -702,7 +707,6 @@ static int digest_init(EVP_MD_CTX *ctx) +@@ -702,7 +705,6 @@ static int digest_init(EVP_MD_CTX *ctx) SYSerr(SYS_F_IOCTL, errno); return 0; } @@ -187,7 +168,7 @@ index 64dc6b891d..fb5c6e1636 100644 return 1; } -@@ -1058,7 +1062,7 @@ static const ENGINE_CMD_DEFN devcrypto_cmds[] = { +@@ -1058,7 +1060,7 @@ static const ENGINE_CMD_DEFN devcrypto_cmds[] = { OPENSSL_MSTR(DEVCRYPTO_USE_SOFTWARE) "=allow all drivers, " OPENSSL_MSTR(DEVCRYPTO_REJECT_SOFTWARE) "=use if acceleration can't be determined) [default=" @@ -196,7 +177,7 @@ index 64dc6b891d..fb5c6e1636 100644 ENGINE_CMD_FLAG_NUMERIC}, #endif -@@ -1166,55 +1170,70 @@ static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) +@@ -1166,55 +1168,70 @@ static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) * *****/ @@ -284,12 +265,12 @@ index 64dc6b891d..fb5c6e1636 100644 - || !ENGINE_set_ctrl_function(e, devcrypto_ctrl) + || !ENGINE_set_ctrl_function(e, devcrypto_ctrl)) + return 0; -+ + + prepare_cipher_methods(); +#ifdef IMPLEMENT_DIGEST + prepare_digest_methods(); +#endif - ++ + return (ENGINE_set_ciphers(e, devcrypto_ciphers) +#ifdef IMPLEMENT_DIGEST + && ENGINE_set_digests(e, devcrypto_digests) @@ -297,7 +278,7 @@ index 64dc6b891d..fb5c6e1636 100644 /* * Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD * implementations, it seems to only exist in FreeBSD, and regarding the -@@ -1237,23 +1256,36 @@ void engine_load_devcrypto_int() +@@ -1237,23 +1254,36 @@ void engine_load_devcrypto_int() */ #if 0 # ifndef OPENSSL_NO_RSA @@ -343,7 +324,7 @@ index 64dc6b891d..fb5c6e1636 100644 ENGINE_free(e); return; } -@@ -1262,3 +1294,22 @@ void engine_load_devcrypto_int() +@@ -1262,3 +1292,22 @@ void engine_load_devcrypto_int() ENGINE_free(e); /* Loose our local reference */ ERR_clear_error(); } diff --git a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch b/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch index 89385fa4..1f1cd7a5 100644 --- a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch +++ b/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch @@ -1,4 +1,4 @@ -From 52ddedc09ee81fe05ea2fa384fce89afe92d6d72 Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Mon, 11 Mar 2019 09:29:13 -0300 Subject: e_devcrypto: default to not use digests in engine @@ -20,10 +20,10 @@ turn them on if it is safe and fast enough. Signed-off-by: Eneas U de Queiroz diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c -index fb5c6e1636..7741138b82 100644 +index 3fcd81de7a..d25230d366 100644 --- a/engines/e_devcrypto.c +++ b/engines/e_devcrypto.c -@@ -854,7 +854,7 @@ static void prepare_digest_methods(void) +@@ -852,7 +852,7 @@ static void prepare_digest_methods(void) for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data); i++) { @@ -32,7 +32,7 @@ index fb5c6e1636..7741138b82 100644 /* * Check that the digest is usable -@@ -1074,7 +1074,7 @@ static const ENGINE_CMD_DEFN devcrypto_cmds[] = { +@@ -1072,7 +1072,7 @@ static const ENGINE_CMD_DEFN devcrypto_cmds[] = { #ifdef IMPLEMENT_DIGEST {DEVCRYPTO_CMD_DIGESTS, "DIGESTS", diff --git a/package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch b/package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch index 08799437..bc514b88 100644 --- a/package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch +++ b/package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch @@ -1,4 +1,4 @@ -From b6b2744f06f64922b449b3cb4bf0ad3df3efba71 Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Mon, 11 Mar 2019 10:15:14 -0300 Subject: e_devcrypto: ignore error when closing session @@ -9,10 +9,10 @@ session. It may have been closed by another process after a fork. Signed-off-by: Eneas U de Queiroz diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c -index 7741138b82..2480bdbd57 100644 +index d25230d366..f4570f1666 100644 --- a/engines/e_devcrypto.c +++ b/engines/e_devcrypto.c -@@ -197,9 +197,8 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, +@@ -195,9 +195,8 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, get_cipher_data(EVP_CIPHER_CTX_nid(ctx)); /* cleanup a previous session */ diff --git a/package/libs/readline/Makefile b/package/libs/readline/Makefile index ddf05986..e0204104 100644 --- a/package/libs/readline/Makefile +++ b/package/libs/readline/Makefile @@ -25,6 +25,8 @@ PKG_INSTALL:=1 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/host-build.mk +HOST_BUILD_DEPENDS:=ncurses/host + define Package/libreadline SECTION:=libs CATEGORY:=Libraries diff --git a/package/libs/ustream-ssl/Makefile b/package/libs/ustream-ssl/Makefile index 07377b07..d5fcaf4d 100644 --- a/package/libs/ustream-ssl/Makefile +++ b/package/libs/ustream-ssl/Makefile @@ -1,13 +1,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ustream-ssl -PKG_RELEASE:=2 +PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/ustream-ssl.git -PKG_SOURCE_DATE:=2019-11-05 -PKG_SOURCE_VERSION:=c9b6668215a27f2346d5eedd6f29cc720985b448 -PKG_MIRROR_HASH:=28b53b7e27b68d62c8fbbc57660d915bdcb6a464157c1930f16ed67e151398e9 +PKG_SOURCE_DATE:=2020-03-13 +PKG_SOURCE_VERSION:=40b563b1ea89dabb2b6cd90644908134a0c8eff2 +PKG_MIRROR_HASH:=db562c9919b4045c7b735c935b0a93983686b827ec4d537e8aa875c7e6df21a1 CMAKE_INSTALL:=1 PKG_LICENSE:=ISC diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index 4a93a2fa..d31f4c7e 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsmasq PKG_UPSTREAM_VERSION:=2.80 PKG_VERSION:=$(subst test,~~test,$(subst rc,~rc,$(PKG_UPSTREAM_VERSION))) -PKG_RELEASE:=15 +PKG_RELEASE:=16.1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_UPSTREAM_VERSION).tar.xz PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init index 1054f7a1..06d83b06 100644 --- a/package/network/services/dnsmasq/files/dnsmasq.init +++ b/package/network/services/dnsmasq/files/dnsmasq.init @@ -866,6 +866,7 @@ dnsmasq_start() append_bool "$cfg" allservers "--all-servers" append_bool "$cfg" noping "--no-ping" append_bool "$cfg" rapidcommit "--dhcp-rapid-commit" + append_bool "$cfg" scriptarp "--script-arp" append_parm "$cfg" logfacility "--log-facility" @@ -915,6 +916,7 @@ dnsmasq_start() config_get user_dhcpscript $cfg dhcpscript if has_handler || [ -n "$user_dhcpscript" ]; then xappend "--dhcp-script=$DHCPSCRIPT" + xappend "--script-arp" fi config_get leasefile $cfg leasefile "/tmp/dhcp.leases" @@ -961,10 +963,9 @@ dnsmasq_start() xappend "--conf-file=$TRUSTANCHORSFILE" xappend "--dnssec" [ -x /etc/init.d/sysntpd ] && { - /etc/init.d/sysntpd enabled - [ "$?" -ne 0 -o "$(uci_get system.ntp.enabled)" = "1" ] && { + if /etc/init.d/sysntpd enabled || [ "$(uci_get system.ntp.enabled)" = "1" ] ; then [ -f "$TIMEVALIDFILE" ] || xappend "--dnssec-no-timecheck" - } + fi } append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned" } diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 48dff349..354f0944 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE_URL:=http://w1.fi/hostap.git PKG_SOURCE_PROTO:=git diff --git a/package/network/services/hostapd/patches/090-wolfssl-fix-crypto_bignum_sum.patch b/package/network/services/hostapd/patches/090-wolfssl-fix-crypto_bignum_sum.patch new file mode 100644 index 00000000..7cc0dec3 --- /dev/null +++ b/package/network/services/hostapd/patches/090-wolfssl-fix-crypto_bignum_sum.patch @@ -0,0 +1,26 @@ +From 1766e608ba1114220f3b3598e77aa53b50c38a6e Mon Sep 17 00:00:00 2001 +From: Jouni Malinen +Date: Mon, 14 Oct 2019 19:27:47 +0300 +Subject: [PATCH] wolfSSL: Fix crypto_bignum_sub() + +The initial crypto wrapper implementation for wolfSSL seems to have +included a copy-paste error in crypto_bignum_sub() implementation that +was identical to crypto_bignum_add() while mp_sub() should have been +used instead of mp_add(). + +Signed-off-by: Jouni Malinen +--- + src/crypto/crypto_wolfssl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/crypto/crypto_wolfssl.c ++++ b/src/crypto/crypto_wolfssl.c +@@ -1151,7 +1151,7 @@ int crypto_bignum_sub(const struct crypt + if (TEST_FAIL()) + return -1; + +- return mp_add((mp_int *) a, (mp_int *) b, ++ return mp_sub((mp_int *) a, (mp_int *) b, + (mp_int *) r) == MP_OKAY ? 0 : -1; + } + diff --git a/package/network/services/hostapd/patches/431-wpa_cli_ifdef.patch b/package/network/services/hostapd/patches/431-wpa_cli_ifdef.patch index 2c9fe28a..65c31c56 100644 --- a/package/network/services/hostapd/patches/431-wpa_cli_ifdef.patch +++ b/package/network/services/hostapd/patches/431-wpa_cli_ifdef.patch @@ -1,11 +1,17 @@ --- a/wpa_supplicant/wpa_cli.c +++ b/wpa_supplicant/wpa_cli.c -@@ -26,6 +26,9 @@ +@@ -26,6 +26,15 @@ #include #endif /* ANDROID */ +#ifndef CONFIG_P2P +#define CONFIG_P2P ++#endif ++#ifndef CONFIG_AP ++#define CONFIG_AP ++#endif ++#ifndef CONFIG_MESH ++#define CONFIG_MESH +#endif static const char *const wpa_cli_version = diff --git a/package/network/services/odhcpd/Makefile b/package/network/services/odhcpd/Makefile index 9bb7ddf1..ccc4f14e 100644 --- a/package/network/services/odhcpd/Makefile +++ b/package/network/services/odhcpd/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=3 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/odhcpd.git -PKG_SOURCE_DATE:=2019-12-16 -PKG_SOURCE_VERSION:=e53fec897838aca411cb5fcdb9bf795e73414565 -PKG_MIRROR_HASH:=853dfcd464e2c6d09e37720421ebccb20581159763416fcd5ac8aad439e206b7 +PKG_SOURCE_DATE:=2020-05-03 +PKG_SOURCE_VERSION:=49e4949c6dee4a7e528e9bc51e9813228c3c16d8 +PKG_MIRROR_HASH:=5e23b60211a171d17d7015ce604b5fa128f0fbe4d7e7ddd48063b40590e17d4c PKG_MAINTAINER:=Hans Dedecker PKG_LICENSE:=GPL-2.0 diff --git a/package/network/services/relayd/Makefile b/package/network/services/relayd/Makefile index 7f1c1f94..64a08a96 100644 --- a/package/network/services/relayd/Makefile +++ b/package/network/services/relayd/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=relayd -PKG_RELEASE:=2 +PKG_RELEASE:=1 PKG_SOURCE_URL=$(PROJECT_GIT)/project/relayd.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2016-02-07 -PKG_SOURCE_VERSION:=ad0b25ad74345d367c62311e14b279f5ccb8ef13 -PKG_MIRROR_HASH:=8818e9da8cc056961f21f1569e06e63b840965d1453dfcef70a8d84ea76f84d7 +PKG_SOURCE_DATE:=2020-04-25 +PKG_SOURCE_VERSION:=f4d759be54ceb37714e9a6ca320d5b50c95e9ce9 +PKG_MIRROR_HASH:=b1ff6e99072867be0975ba0be52ba9da3a876c8b8da893d68301e8238243a51e PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=GPL-2.0 diff --git a/package/network/services/uhttpd/Makefile b/package/network/services/uhttpd/Makefile index d227c5da..771b7c7d 100644 --- a/package/network/services/uhttpd/Makefile +++ b/package/network/services/uhttpd/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/uhttpd.git -PKG_SOURCE_DATE:=2020-02-12 -PKG_SOURCE_VERSION:=2ee323c01079248baa9465969df9e25b5fb68cdf -PKG_MIRROR_HASH:=ebec09286cf5f977cac893931a5a4f27ba891db88d5e44a9b0de9446ae431527 +PKG_SOURCE_DATE:=2020-03-13 +PKG_SOURCE_VERSION:=975dce23257e713e5e52eb87b194513eb81110a5 +PKG_MIRROR_HASH:=e5fba74f1519ce461a09bf7e52685d67e99c1157b050b4f91e718146e690e0c1 PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=ISC diff --git a/package/network/services/umdns/Makefile b/package/network/services/umdns/Makefile index ffbc3fed..6bf11248 100644 --- a/package/network/services/umdns/Makefile +++ b/package/network/services/umdns/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=1 PKG_SOURCE_URL=$(PROJECT_GIT)/project/mdnsd.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2018-01-02 -PKG_SOURCE_VERSION:=78974417e182a3de8f78b7d73366ec0c98396b6c -PKG_MIRROR_HASH:=a60f9eb9428ac3256cd7c3c6d4207c116cedf4d212b82e2f86c1bf7c7898fcbb +PKG_SOURCE_DATE:=2020-04-25 +PKG_SOURCE_VERSION:=cdac0460ba50dc45735f0be2e19a5a8efc3dafe1 +PKG_MIRROR_HASH:=261cb929dfc03c1f293156cfdec8c2cd1541dcdc57ae42a323f9df5d26e6f7d2 PKG_MAINTAINER:=John Crispin PKG_LICENSE:=LGPL-2.1 @@ -30,7 +30,7 @@ define Package/umdns DEPENDS:=+libubox +libubus +libblobmsg-json endef -TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include +TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include -Wno-address-of-packed-member define Package/umdns/conffiles /etc/config/umdns diff --git a/package/network/services/wireguard/Makefile b/package/network/services/wireguard/Makefile index 05167694..69c9767b 100644 --- a/package/network/services/wireguard/Makefile +++ b/package/network/services/wireguard/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2016-2018 Jason A. Donenfeld +# Copyright (C) 2016-2019 Jason A. Donenfeld # Copyright (C) 2016 Baptiste Jonglez # Copyright (C) 2016-2017 Dan Luedtke # @@ -11,17 +11,17 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=wireguard -PKG_VERSION:=0.0.20190702 +PKG_VERSION:=1.0.20200506 PKG_RELEASE:=1 -PKG_SOURCE:=WireGuard-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://git.zx2c4.com/WireGuard/snapshot/ -PKG_HASH:=1a1311bc71abd47a72c47d918be3bacc486b3de90734661858af75cc990dbaac +PKG_SOURCE:=wireguard-linux-compat-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-linux-compat/snapshot/ +PKG_HASH:=98a99f2b825a82d57a7213e666f1ee4f7cc02bddb09bf4908b4b09447a8f121e -PKG_LICENSE:=GPL-2.0 Apache-2.0 +PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING -PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/WireGuard-$(PKG_VERSION) +PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/wireguard-linux-compat-$(PKG_VERSION) PKG_BUILD_PARALLEL:=1 PKG_USE_MIPS16:=0 @@ -57,13 +57,8 @@ endef include $(INCLUDE_DIR)/kernel-defaults.mk include $(INCLUDE_DIR)/package-defaults.mk -# Used by Build/Compile/Default -MAKE_PATH:=src/tools -MAKE_VARS += PLATFORM=linux - define Build/Compile $(MAKE) $(KERNEL_MAKEOPTS) M="$(PKG_BUILD_DIR)/src" modules - $(call Build/Compile/Default) endef define Package/wireguard/install @@ -74,27 +69,6 @@ define Package/wireguard/description $(call Package/wireguard/Default/description) endef -define Package/wireguard-tools - $(call Package/wireguard/Default) - TITLE:=WireGuard userspace control program (wg) - DEPENDS:=+libmnl +ip -endef - -define Package/wireguard-tools/description - $(call Package/wireguard/Default/description) - - This package provides the userspace control program for WireGuard, - `wg(8)`, a netifd protocol helper, and a re-resolve watchdog script. -endef - -define Package/wireguard-tools/install - $(INSTALL_DIR) $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/wg $(1)/usr/bin/ - $(INSTALL_BIN) ./files/wireguard_watchdog $(1)/usr/bin/ - $(INSTALL_DIR) $(1)/lib/netifd/proto/ - $(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/ -endef - define KernelPackage/wireguard SECTION:=kernel CATEGORY:=Kernel modules @@ -112,5 +86,4 @@ define KernelPackage/wireguard/description endef $(eval $(call BuildPackage,wireguard)) -$(eval $(call BuildPackage,wireguard-tools)) $(eval $(call KernelPackage,wireguard)) diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile index d4fcf181..1c95b9f1 100644 --- a/package/network/utils/curl/Makefile +++ b/package/network/utils/curl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=curl PKG_VERSION:=7.66.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://dl.uxnr.de/mirror/curl/ \ diff --git a/package/network/utils/curl/patches/100-file-on-Windows-refuse-paths-that-start-with.patch b/package/network/utils/curl/patches/100-file-on-Windows-refuse-paths-that-start-with.patch new file mode 100644 index 00000000..254d6782 --- /dev/null +++ b/package/network/utils/curl/patches/100-file-on-Windows-refuse-paths-that-start-with.patch @@ -0,0 +1,44 @@ +From 1b71bc532bde8621fd3260843f8197182a467ff2 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Thu, 7 Nov 2019 10:13:01 +0100 +Subject: [PATCH] file: on Windows, refuse paths that start with \\ +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +... as that might cause an unexpected SMB connection to a given host +name. + +Reported-by: Fernando Muñoz +CVE-2019-15601 +Bug: https://curl.haxx.se/docs/CVE-2019-15601.html + +Signed-off-by: Petr Štetiar +--- + lib/file.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/lib/file.c b/lib/file.c +index d349cd9241cd..166931d7f1ba 100644 +--- a/lib/file.c ++++ b/lib/file.c +@@ -136,7 +136,7 @@ static CURLcode file_connect(struct connectdata *conn, bool *done) + struct Curl_easy *data = conn->data; + char *real_path; + struct FILEPROTO *file = data->req.protop; +- int fd; ++ int fd = -1; + #ifdef DOS_FILESYSTEM + size_t i; + char *actual_path; +@@ -181,7 +181,9 @@ static CURLcode file_connect(struct connectdata *conn, bool *done) + return CURLE_URL_MALFORMAT; + } + +- fd = open_readonly(actual_path, O_RDONLY|O_BINARY); ++ if(strncmp("\\\\", actual_path, 2)) ++ /* refuse to open path that starts with two backslashes */ ++ fd = open_readonly(actual_path, O_RDONLY|O_BINARY); + file->path = actual_path; + #else + if(memchr(real_path, 0, real_path_len)) { diff --git a/package/network/utils/dante/Makefile b/package/network/utils/dante/Makefile index 4f5d0872..15bd6d2a 100644 --- a/package/network/utils/dante/Makefile +++ b/package/network/utils/dante/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dante PKG_VERSION:=1.4.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.inet.no/dante/files/ diff --git a/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch b/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch new file mode 100644 index 00000000..e711189c --- /dev/null +++ b/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch @@ -0,0 +1,53 @@ +When compiled with glibc the config_scan.c wants to use the +cpupolicy2numeric() function which is only available when +HAVE_SCHED_SETSCHEDULER is set. It looks like the wrong define was used here. + +This fixes a build problem with glibc in combination with the force +ac_cv_func_sched_setscheduler=no in the OpenWrt CONFIGURE_VARS. + +--- a/lib/config_scan.c ++++ b/lib/config_scan.c +@@ -3891,7 +3891,7 @@ YY_RULE_SETUP + SERRX(0); + + #else /* !SOCKS_CLIENT */ +-#if HAVE_SCHED_SETAFFINITY ++#if HAVE_SCHED_SETSCHEDULER + + BEGIN(0); + +@@ -3899,9 +3899,9 @@ YY_RULE_SETUP + yyerrorx("unknown scheduling policy \"%s\"", yytext); + + return SCHEDULEPOLICY; +-#else /* !HAVE_SCHED_SETAFFINITY */ ++#else /* !HAVE_SCHED_SETSCHEDULER */ + yyerrorx("setting cpu scheduling policy is not supported on this platform"); +-#endif /* !HAVE_SCHED_SETAFFINITY */ ++#endif /* !HAVE_SCHED_SETSCHEDULER */ + + #endif /* SOCKS_CLIENT */ + } +--- a/lib/config_scan.l ++++ b/lib/config_scan.l +@@ -456,7 +456,7 @@ cpu { + SERRX(0); + + #else /* !SOCKS_CLIENT */ +-#if HAVE_SCHED_SETAFFINITY ++#if HAVE_SCHED_SETSCHEDULER + + BEGIN(0); + +@@ -464,9 +464,9 @@ cpu { + yyerrorx("unknown scheduling policy \"%s\"", yytext); + + return SCHEDULEPOLICY; +-#else /* !HAVE_SCHED_SETAFFINITY */ ++#else /* !HAVE_SCHED_SETSCHEDULER */ + yyerrorx("setting cpu scheduling policy is not supported on this platform"); +-#endif /* !HAVE_SCHED_SETAFFINITY */ ++#endif /* !HAVE_SCHED_SETSCHEDULER */ + + #endif /* SOCKS_CLIENT */ + } diff --git a/package/network/utils/rssileds/Makefile b/package/network/utils/rssileds/Makefile index 27cdb4c6..7a593146 100644 --- a/package/network/utils/rssileds/Makefile +++ b/package/network/utils/rssileds/Makefile @@ -18,7 +18,7 @@ define Package/rssileds SECTION:=net CATEGORY:=Network TITLE:=RSSI real-time LED indicator - DEPENDS:=+libiwinfo + DEPENDS:=+libiwinfo +libnl-tiny +libubox +libuci MAINTAINER:=Daniel Golle endef diff --git a/package/network/utils/wireguard-tools/Makefile b/package/network/utils/wireguard-tools/Makefile new file mode 100644 index 00000000..2f6d3070 --- /dev/null +++ b/package/network/utils/wireguard-tools/Makefile @@ -0,0 +1,54 @@ +# +# Copyright (C) 2016-2019 Jason A. Donenfeld +# Copyright (C) 2016 Baptiste Jonglez +# Copyright (C) 2016-2017 Dan Luedtke +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. + +include $(TOPDIR)/rules.mk +include $(INCLUDE_DIR)/kernel.mk + +PKG_NAME:=wireguard-tools + +PKG_VERSION:=1.0.20191226 +PKG_RELEASE:=1 + +PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/ +PKG_HASH:=aa8af0fdc9872d369d8c890a84dbc2a2466b55795dccd5b47721b2d97644b04f + +PKG_LICENSE:=GPL-2.0 +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_PARALLEL:=1 +PKG_USE_MIPS16:=0 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/package-defaults.mk + +MAKE_PATH:=src +MAKE_VARS += PLATFORM=linux + +define Package/wireguard-tools + $(call Package/wireguard/Default) + TITLE:=WireGuard userspace control program (wg) + DEPENDS:=+libmnl +ip +endef + +define Package/wireguard-tools/description + $(call Package/wireguard/Default/description) + + This package provides the userspace control program for WireGuard, + `wg(8)`, a netifd protocol helper, and a re-resolve watchdog script. +endef + +define Package/wireguard-tools/install + $(INSTALL_DIR) $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/wg $(1)/usr/bin/ + $(INSTALL_BIN) ./files/wireguard_watchdog $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/lib/netifd/proto/ + $(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/ +endef + +$(eval $(call BuildPackage,wireguard-tools)) diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/utils/wireguard-tools/files/wireguard.sh similarity index 100% rename from package/network/services/wireguard/files/wireguard.sh rename to package/network/utils/wireguard-tools/files/wireguard.sh diff --git a/package/network/services/wireguard/files/wireguard_watchdog b/package/network/utils/wireguard-tools/files/wireguard_watchdog similarity index 100% rename from package/network/services/wireguard/files/wireguard_watchdog rename to package/network/utils/wireguard-tools/files/wireguard_watchdog diff --git a/package/system/fstools/Makefile b/package/system/fstools/Makefile index 69313cc4..d5f44893 100644 --- a/package/system/fstools/Makefile +++ b/package/system/fstools/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/fstools.git -PKG_MIRROR_HASH:=ca3cc1d4a2de3014e63ec1fa223c5250116c6ae5cdc4e41b2053ca7b3c0a3d96 -PKG_SOURCE_DATE:=2020-01-18 -PKG_SOURCE_VERSION:=189b41b6b48786a51eb2b8bc450cb7d560f030f0 +PKG_MIRROR_HASH:=1b875efd7d675d74a56602f57dd27093e2feef8761ba28b567e2d2f43db14b48 +PKG_SOURCE_DATE:=2020-05-12 +PKG_SOURCE_VERSION:=84269037b75de93bdd4ea75b7f50ba77ba976377 CMAKE_INSTALL:=1 PKG_LICENSE:=GPL-2.0 diff --git a/package/system/opkg/Makefile b/package/system/opkg/Makefile index b40d6b61..0bb0ed27 100644 --- a/package/system/opkg/Makefile +++ b/package/system/opkg/Makefile @@ -14,9 +14,9 @@ PKG_FLAGS:=essential PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://git.openwrt.org/project/opkg-lede.git -PKG_SOURCE_DATE:=2020-01-25 -PKG_SOURCE_VERSION:=c09fe2098718807ddbca13ee36e3e38801822946 -PKG_MIRROR_HASH:=b2fba519fb3bf2da2e325a33eee951b85c7c1886e48ebaac3892435a71ae33d5 +PKG_SOURCE_DATE:=2020-05-07 +PKG_SOURCE_VERSION:=f2166a89b7e96e2c60002959731eebc5f45fa318 +PKG_MIRROR_HASH:=67e55cd9fb93bb5b62e2c7b11946483b5570287bd1504aa2a3886d11f8b750b9 PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING diff --git a/package/system/procd/Makefile b/package/system/procd/Makefile index b5b9cc6e..03b5dd07 100644 --- a/package/system/procd/Makefile +++ b/package/system/procd/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git -PKG_MIRROR_HASH:=fe1329f2320f70249727763739da50555e8b02665ecfc8adb15fb25cd954de5b -PKG_SOURCE_DATE:=2020-01-24 -PKG_SOURCE_VERSION:=31e4b2dfdbd74f7451abf876dd5d9a674af7adfd +PKG_MIRROR_HASH:=3c818904c62261f973a016397d0eb9f11bf8d01f7ceddb48fcb0e1d59a139d52 +PKG_SOURCE_DATE:=2020-03-07 +PKG_SOURCE_VERSION:=09b9bd828981a4f9271f8906f7b6f5af04e1a6f9 CMAKE_INSTALL:=1 PKG_LICENSE:=GPL-2.0 diff --git a/package/system/rpcd/Makefile b/package/system/rpcd/Makefile index b0cf7fa2..653c859b 100644 --- a/package/system/rpcd/Makefile +++ b/package/system/rpcd/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=rpcd -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/rpcd.git -PKG_SOURCE_DATE:=2019-11-10 -PKG_SOURCE_VERSION:=77ad0de09247b9bdce50f4cecf3e5beb5636f57f +PKG_SOURCE_DATE:=2019-12-10 +PKG_SOURCE_VERSION:=aaa08366e6384d9933a405d1218b03c1b167f9e5 PKG_MAINTAINER:=Jo-Philipp Wich -PKG_MIRROR_HASH:=d36caff85bebbf7fb1b512359243bdbb7d9b16140e0d631afae9de2c3b8e4dff +PKG_MIRROR_HASH:=9b126ab4af26e5bd16e21175ccc24318e0a98afaf60f14199cebd4ec50ed2d8f PKG_LICENSE:=ISC PKG_LICENSE_FILES:= diff --git a/package/system/rpcd/files/rpcd.init b/package/system/rpcd/files/rpcd.init index 77ebcbe6..4c701a28 100755 --- a/package/system/rpcd/files/rpcd.init +++ b/package/system/rpcd/files/rpcd.init @@ -12,6 +12,7 @@ start_service() { procd_open_instance procd_set_param command "$PROG" ${socket:+-s "$socket"} ${timeout:+-t "$timeout"} + procd_set_param respawn procd_close_instance } diff --git a/package/utils/busybox/Config-defaults.in b/package/utils/busybox/Config-defaults.in index c715e4b9..36731f2b 100644 --- a/package/utils/busybox/Config-defaults.in +++ b/package/utils/busybox/Config-defaults.in @@ -843,6 +843,7 @@ config BUSYBOX_DEFAULT_TRUE default y config BUSYBOX_DEFAULT_TRUNCATE bool + default y if TARGET_bcm53xx default n config BUSYBOX_DEFAULT_TTY bool diff --git a/package/utils/ugps/Makefile b/package/utils/ugps/Makefile index 6eae5afb..85c64533 100644 --- a/package/utils/ugps/Makefile +++ b/package/utils/ugps/Makefile @@ -31,10 +31,6 @@ endef TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include -ifneq ($(CONFIG_USE_GLIBC),) - TARGET_CFLAGS += -D_DEFAULT_SOURCE -endif - define Package/ugps/conffiles /etc/config/gps endef diff --git a/scripts/download.pl b/scripts/download.pl index c14a44ba..a809c77e 100755 --- a/scripts/download.pl +++ b/scripts/download.pl @@ -258,6 +258,7 @@ sub cleanup } } +unshift @mirrors, 'https://sources.cdn.openwrt.org'; #push @mirrors, 'https://mirror1.openwrt.org'; push @mirrors, 'https://sources.openwrt.org'; push @mirrors, 'https://mirror2.openwrt.org/sources'; diff --git a/target/linux/apm821xx/patches-4.14/801-usb-xhci-add-firmware-loader-for-uPD720201-and-uPD72.patch b/target/linux/apm821xx/patches-4.14/801-usb-xhci-add-firmware-loader-for-uPD720201-and-uPD72.patch index ca7ae3bb..f95fdf3d 100644 --- a/target/linux/apm821xx/patches-4.14/801-usb-xhci-add-firmware-loader-for-uPD720201-and-uPD72.patch +++ b/target/linux/apm821xx/patches-4.14/801-usb-xhci-add-firmware-loader-for-uPD720201-and-uPD72.patch @@ -44,7 +44,7 @@ Signed-off-by: Christian Lamparter #include "xhci.h" #include "xhci-trace.h" -@@ -266,6 +268,458 @@ static void xhci_pme_acpi_rtd3_enable(st +@@ -269,6 +271,458 @@ static void xhci_pme_acpi_rtd3_enable(st static void xhci_pme_acpi_rtd3_enable(struct pci_dev *dev) { } #endif /* CONFIG_ACPI */ @@ -503,7 +503,7 @@ Signed-off-by: Christian Lamparter /* called during probe() after chip reset completes */ static int xhci_pci_setup(struct usb_hcd *hcd) { -@@ -301,6 +755,22 @@ static int xhci_pci_probe(struct pci_dev +@@ -307,6 +761,22 @@ static int xhci_pci_probe(struct pci_dev struct hc_driver *driver; struct usb_hcd *hcd; @@ -526,7 +526,7 @@ Signed-off-by: Christian Lamparter driver = (struct hc_driver *)id->driver_data; /* For some HW implementation, a XHCI reset is just not enough... */ -@@ -365,6 +835,16 @@ static void xhci_pci_remove(struct pci_d +@@ -368,6 +838,16 @@ static void xhci_pci_remove(struct pci_d { struct xhci_hcd *xhci; diff --git a/target/linux/apm821xx/patches-4.14/802-usb-xhci-force-msi-renesas-xhci.patch b/target/linux/apm821xx/patches-4.14/802-usb-xhci-force-msi-renesas-xhci.patch index 47ae3306..1fe94e8c 100644 --- a/target/linux/apm821xx/patches-4.14/802-usb-xhci-force-msi-renesas-xhci.patch +++ b/target/linux/apm821xx/patches-4.14/802-usb-xhci-force-msi-renesas-xhci.patch @@ -13,7 +13,7 @@ produce a noisy warning. --- a/drivers/usb/host/xhci-pci.c +++ b/drivers/usb/host/xhci-pci.c -@@ -219,7 +219,7 @@ static void xhci_pci_quirks(struct devic +@@ -222,7 +222,7 @@ static void xhci_pci_quirks(struct devic xhci->quirks |= XHCI_TRUST_TX_LENGTH; if (pdev->vendor == PCI_VENDOR_ID_RENESAS && pdev->device == 0x0015) diff --git a/target/linux/ar71xx/base-files/etc/board.d/02_network b/target/linux/ar71xx/base-files/etc/board.d/02_network index 99021eae..44fce970 100755 --- a/target/linux/ar71xx/base-files/etc/board.d/02_network +++ b/target/linux/ar71xx/base-files/etc/board.d/02_network @@ -240,6 +240,8 @@ ar71xx_setup_interfaces() "0@eth1" "2:lan" "3:lan" "4:lan" "5:lan" "6@eth0" "1:wan" ;; archer-c25-v1|\ + archer-c60-v1|\ + archer-c60-v2|\ rb-750-r2|\ rb-750p-pbr2|\ rb-750up-r2|\ @@ -258,12 +260,6 @@ ar71xx_setup_interfaces() ucidef_add_switch "switch0" \ "0@eth1" "1:lan:1" "2:lan:4" "3:lan:3" "4:lan:2" ;; - archer-c60-v1|\ - archer-c60-v2) - ucidef_set_interfaces_lan_wan "eth1.1" "eth0" - ucidef_add_switch "switch0" \ - "0@eth1" "1:lan:1" "2:lan:2" "3:lan:3" "4:lan:4" - ;; arduino-yun|\ dir-505-a1|\ tl-wa801nd-v3) diff --git a/target/linux/ar71xx/base-files/etc/diag.sh b/target/linux/ar71xx/base-files/etc/diag.sh index 8ff75627..29bf2ada 100644 --- a/target/linux/ar71xx/base-files/etc/diag.sh +++ b/target/linux/ar71xx/base-files/etc/diag.sh @@ -75,6 +75,7 @@ get_status_led() { fritz300e|\ fritz4020|\ fritz450e|\ + gl-ar750s|\ gl-usb150|\ mr12|\ mr16|\ diff --git a/target/linux/ar71xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata b/target/linux/ar71xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata index 718fd755..b7b7b3a7 100644 --- a/target/linux/ar71xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata +++ b/target/linux/ar71xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata @@ -121,7 +121,7 @@ case "$FIRMWARE" in ;; rb-952ui-5ac2nd|\ rb-wapg-5hact2hnd) - ath10kcal_from_file "/sys/firmware/routerboot/ext_wlan_data" 20480 2116 + ath10kcal_from_file "/sys/firmware/mikrotik/hard_config/wlan_data" 20480 2116 ;; re355|\ re450|\ @@ -158,7 +158,7 @@ case "$FIRMWARE" in rb-921gs-5hpacd-r2|\ rb-922uags-5hpacd|\ rb-962uigs-5hact2hnt) - ath10kcal_from_file "/sys/firmware/routerboot/ext_wlan_data" 20480 2116 + ath10kcal_from_file "/sys/firmware/mikrotik/hard_config/wlan_data" 20480 2116 ;; wlr8100) ath10kcal_extract "art" 20480 2116 @@ -182,7 +182,7 @@ case "$FIRMWARE" in ath10kcal_extract "art" 20480 12064 ln -sf /lib/firmware/ath10k/pre-cal-pci-0000\:00\:00.0.bin \ /lib/firmware/ath10k/QCA9888/hw2.0/board.bin - ath10kcal_patch_mac $(macaddr_add $(cat /sys/class/net/eth0/address) -1) + ath10kcal_patch_mac $(macaddr_add $(cat /sys/class/net/eth1/address) -1) ;; cf-e385ac) ath10kcal_extract "art" 20480 12064 diff --git a/target/linux/ar71xx/base-files/etc/hotplug.d/ieee80211/10_fix_wifi_mac b/target/linux/ar71xx/base-files/etc/hotplug.d/ieee80211/10_fix_wifi_mac index b58cf9b5..d6fac80b 100644 --- a/target/linux/ar71xx/base-files/etc/hotplug.d/ieee80211/10_fix_wifi_mac +++ b/target/linux/ar71xx/base-files/etc/hotplug.d/ieee80211/10_fix_wifi_mac @@ -15,8 +15,7 @@ case "$board" in archer-c58-v1|\ archer-c59-v1|\ archer-c59-v2|\ - archer-c60-v1|\ - archer-c60-v2) + archer-c60-v1) echo $(macaddr_add $(mtd_get_mac_binary mac 8) $(($PHYNBR - 1)) ) > /sys${DEVPATH}/macaddress ;; *) diff --git a/target/linux/ar71xx/base-files/etc/uci-defaults/04_led_migration b/target/linux/ar71xx/base-files/etc/uci-defaults/04_led_migration index 4dd224b5..c244b3b4 100644 --- a/target/linux/ar71xx/base-files/etc/uci-defaults/04_led_migration +++ b/target/linux/ar71xx/base-files/etc/uci-defaults/04_led_migration @@ -44,6 +44,9 @@ migrate_leds() board=$(board_name) case "$board" in +archer-c7) + migrate_leds ":blue:=:green:" + ;; dhp-1565-a1|\ dir-825-c1|\ dir-835-a1) diff --git a/target/linux/ar71xx/base-files/lib/upgrade/platform.sh b/target/linux/ar71xx/base-files/lib/upgrade/platform.sh index e2bd946d..e33b74a6 100755 --- a/target/linux/ar71xx/base-files/lib/upgrade/platform.sh +++ b/target/linux/ar71xx/base-files/lib/upgrade/platform.sh @@ -773,8 +773,13 @@ platform_nand_pre_upgrade() { local fw_mtd=$(find_mtd_part kernel) fw_mtd="${fw_mtd/block/}" [ -n "$fw_mtd" ] || return + + local board_dir=$(tar tf "$1" | grep -m 1 '^sysupgrade-.*/$') + board_dir=${board_dir%/} + [ -n "$board_dir" ] || return + mtd erase kernel - tar xf "$1" sysupgrade-routerboard/kernel -O | nandwrite -o "$fw_mtd" - + tar xf "$1" ${board_dir}/kernel -O | nandwrite -o "$fw_mtd" - ;; wi2a-ac200i) case "$(fw_printenv -n dualPartition)" in diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-archer-c60-v1.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-archer-c60-v1.c index 88f4f081..a0839e6b 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-archer-c60-v1.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-archer-c60-v1.c @@ -157,8 +157,8 @@ static void __init archer_c60_v1_setup(void) ath79_register_mdio(0, 0x0); ath79_register_mdio(1, 0x0); - ath79_init_mac(ath79_eth0_data.mac_addr, mac, 0); - ath79_init_mac(ath79_eth1_data.mac_addr, mac, 1); + ath79_init_mac(ath79_eth1_data.mac_addr, mac, 0); + ath79_init_mac(ath79_eth0_data.mac_addr, mac, 1); /* WAN port */ ath79_eth0_data.phy_if_mode = PHY_INTERFACE_MODE_MII; @@ -199,8 +199,8 @@ static void __init archer_c60_v2_setup(void) ath79_register_mdio(0, 0x0); ath79_register_mdio(1, 0x0); - ath79_init_mac(ath79_eth0_data.mac_addr, mac, 0); - ath79_init_mac(ath79_eth1_data.mac_addr, mac, 1); + ath79_init_mac(ath79_eth1_data.mac_addr, mac, 0); + ath79_init_mac(ath79_eth0_data.mac_addr, mac, 1); /* WAN port */ ath79_eth0_data.phy_if_mode = PHY_INTERFACE_MODE_MII; diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-ew-dorin.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-ew-dorin.c index 575a976a..5544596f 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-ew-dorin.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-ew-dorin.c @@ -47,7 +47,7 @@ static struct gpio_keys_button dorin_gpio_keys[] __initdata = { .code = KEY_WPS_BUTTON, .debounce_interval = DORIN_KEYS_DEBOUNCE_INTERVAL, .gpio = DORIN_GPIO_BTN_JUMPSTART, - .active_low = 1, + .active_low = 0, }, { .desc = "reset button", diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-fritz450e.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-fritz450e.c index 83127e4c..5bded81a 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-fritz450e.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-fritz450e.c @@ -115,7 +115,7 @@ static struct gpio_keys_button fritz450E_gpio_keys[] __initdata = { .code = KEY_WPS_BUTTON, .debounce_interval = FRITZ450E_KEYS_DEBOUNCE_INTERVAL, .gpio = FRITZ450E_GPIO_BTN_WPS, - .active_low = 1, + .active_low = 0, } }; diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c index 33c4f531..c4cf5f12 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-rb95x.c @@ -266,6 +266,7 @@ static void __init rb951g_setup(void) return; ath79_setup_ar934x_eth_cfg(AR934X_ETH_CFG_RGMII_GMAC0 | + AR934X_ETH_CFG_RXD_DELAY | AR934X_ETH_CFG_SW_ONLY_MODE); ath79_register_mdio(0, 0x0); @@ -276,6 +277,7 @@ static void __init rb951g_setup(void) ath79_init_mac(ath79_eth0_data.mac_addr, ath79_mac_base, 0); ath79_eth0_data.phy_if_mode = PHY_INTERFACE_MODE_RGMII; ath79_eth0_data.phy_mask = BIT(0); + ath79_eth0_pll_data.pll_1000 = 0x6f000000; ath79_register_eth(0); diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-rbspi.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-rbspi.c index 6bb42c78..cb05c914 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-rbspi.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-rbspi.c @@ -672,12 +672,12 @@ static struct spi_board_info rbspi_spi_info[] = { } }; -void __init rbspi_wlan_init(u16 id, int wmac_offset) +void __init rbspi_wlan_init(int wmac_offset) { char *art_buf; u8 wlan_mac[ETH_ALEN]; - art_buf = rb_get_ext_wlan_data(id); + art_buf = rb_get_wlan_data(); if (!art_buf) return; @@ -785,10 +785,10 @@ static void __init rbspi_network_setup(u32 flags, int gmac1_offset, ath79_register_eth(1); if (flags & RBSPI_HAS_WLAN0) - rbspi_wlan_init(0, wmac0_offset); + rbspi_wlan_init(wmac0_offset); if (flags & RBSPI_HAS_WLAN1) - rbspi_wlan_init(1, wmac1_offset); + rbspi_wlan_init(wmac1_offset); } static __init void rbspi_register_reset_button(int gpio) @@ -977,7 +977,7 @@ static void __init rb962_setup(void) ath79_register_eth(0); /* WLAN1 MAC is HW MAC + 7 */ - rbspi_wlan_init(1, 7); + rbspi_wlan_init(7); if (flags & RBSPI_HAS_USB) gpio_request_one(RB962_GPIO_USB_PWROFF, GPIOF_ACTIVE_LOW | @@ -1133,7 +1133,7 @@ static void __init rbwapgsc_setup(void) ath79_eth1_data.duplex = DUPLEX_FULL; ath79_register_eth(1); - rbspi_wlan_init(1, 2); + rbspi_wlan_init(2); rbspi_register_reset_button(RBWAPGSC_GPIO_BTN_RESET); @@ -1179,7 +1179,7 @@ static void __init rb911l_setup(void) ath79_register_eth(1); - rbspi_wlan_init(0, 1); + rbspi_wlan_init(1); rbspi_register_reset_button(RB911L_GPIO_BTN_RESET); diff --git a/target/linux/ar71xx/files/arch/mips/ath79/routerboot.c b/target/linux/ar71xx/files/arch/mips/ath79/routerboot.c index 76776e1d..4c0cd131 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/routerboot.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/routerboot.c @@ -206,10 +206,7 @@ __rb_get_wlan_data(u16 id) u8 *erd_data; u16 erd_len; - if (id == 0) - goto err_free; - - err = routerboot_find_tag(tag, tag_len, id, + err = routerboot_find_tag(tag, tag_len, 0x1, &erd_data, &erd_len); if (err) { pr_err("no ERD data found for id %u\n", id); @@ -224,9 +221,6 @@ __rb_get_wlan_data(u16 id) goto err_free; } } else { - if (id != 0) - goto err_free; - err = rle_decode((char *) tag, tag_len, buf, RB_ART_SIZE, &src_done, &dst_done); if (err) { @@ -300,6 +294,7 @@ rb_init_info(void *data, unsigned int size) return &rb_info; } +#if 0 static char *rb_ext_wlan_data; static ssize_t @@ -356,3 +351,4 @@ static int __init rb_sysfs_init(void) } late_initcall(rb_sysfs_init); +#endif diff --git a/target/linux/ar71xx/mikrotik/config-default b/target/linux/ar71xx/mikrotik/config-default index e324e4c2..eb2f3620 100644 --- a/target/linux/ar71xx/mikrotik/config-default +++ b/target/linux/ar71xx/mikrotik/config-default @@ -26,6 +26,8 @@ CONFIG_HW_HAS_PCI=y CONFIG_LEDS_RB750=y CONFIG_LZO_DECOMPRESS=y # CONFIG_MARVELL_PHY is not set +CONFIG_MIKROTIK=y +CONFIG_MIKROTIK_RB_SYSFS=y # CONFIG_MTD_CFI is not set CONFIG_MTD_CFI_I2=y # CONFIG_MTD_CMDLINE_PARTS is not set diff --git a/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch b/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch index 4ef23037..faf4391a 100644 --- a/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch +++ b/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch @@ -18,7 +18,7 @@ xip_enable(map, chip, adr); op_done: if (mode == FL_OTP_WRITE) -@@ -2236,7 +2238,6 @@ static int cfi_amdstd_panic_write(struct +@@ -2240,7 +2242,6 @@ static int cfi_amdstd_panic_write(struct return 0; } @@ -26,7 +26,7 @@ /* * Handle devices with one erase region, that only implement * the chip erase command. -@@ -2304,7 +2305,7 @@ static int __xipram do_erase_chip(struct +@@ -2308,7 +2309,7 @@ static int __xipram do_erase_chip(struct } if (chip_good(map, adr, map_word_ff(map))) @@ -35,7 +35,7 @@ if (time_after(jiffies, timeo)) { printk(KERN_WARNING "MTD %s(): software timeout\n", -@@ -2328,6 +2329,7 @@ static int __xipram do_erase_chip(struct +@@ -2332,6 +2333,7 @@ static int __xipram do_erase_chip(struct } } @@ -43,7 +43,7 @@ chip->state = FL_READY; xip_enable(map, chip, adr); DISABLE_VPP(map); -@@ -2401,7 +2403,7 @@ static int __xipram do_erase_oneblock(st +@@ -2405,7 +2407,7 @@ static int __xipram do_erase_oneblock(st if (chip_good(map, adr, map_word_ff(map))) { xip_enable(map, chip, adr); @@ -52,7 +52,7 @@ } if (time_after(jiffies, timeo)) { -@@ -2427,6 +2429,7 @@ static int __xipram do_erase_oneblock(st +@@ -2431,6 +2433,7 @@ static int __xipram do_erase_oneblock(st } } diff --git a/target/linux/ar71xx/patches-4.14/411-mtd-cfi_cmdset_0002-force-word-write.patch b/target/linux/ar71xx/patches-4.14/411-mtd-cfi_cmdset_0002-force-word-write.patch index 5a6eb77d..9a367c2a 100644 --- a/target/linux/ar71xx/patches-4.14/411-mtd-cfi_cmdset_0002-force-word-write.patch +++ b/target/linux/ar71xx/patches-4.14/411-mtd-cfi_cmdset_0002-force-word-write.patch @@ -43,7 +43,7 @@ static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip, unsigned long adr, const u_char *buf, int len) -@@ -1928,7 +1933,6 @@ static int __xipram do_write_buffer(stru +@@ -1932,7 +1937,6 @@ static int __xipram do_write_buffer(stru return ret; } @@ -51,7 +51,7 @@ static int cfi_amdstd_write_buffers(struct mtd_info *mtd, loff_t to, size_t len, size_t *retlen, const u_char *buf) { -@@ -2003,6 +2007,7 @@ static int cfi_amdstd_write_buffers(stru +@@ -2007,6 +2011,7 @@ static int cfi_amdstd_write_buffers(stru return 0; } diff --git a/target/linux/ar71xx/patches-4.14/910-unaligned_access_hacks.patch b/target/linux/ar71xx/patches-4.14/910-unaligned_access_hacks.patch index 6c216712..b6d8348e 100644 --- a/target/linux/ar71xx/patches-4.14/910-unaligned_access_hacks.patch +++ b/target/linux/ar71xx/patches-4.14/910-unaligned_access_hacks.patch @@ -223,7 +223,7 @@ #include #include #include -@@ -820,10 +821,10 @@ static void tcp_v6_send_response(const s +@@ -819,10 +820,10 @@ static void tcp_v6_send_response(const s topt = (__be32 *)(t1 + 1); if (tsecr) { @@ -325,7 +325,7 @@ for (p = *head; p; p = p->next) { --- a/net/ipv4/route.c +++ b/net/ipv4/route.c -@@ -466,7 +466,7 @@ static struct neighbour *ipv4_neigh_look +@@ -464,7 +464,7 @@ static struct neighbour *ipv4_neigh_look else if (skb) pkey = &ip_hdr(skb)->daddr; diff --git a/target/linux/ath79/base-files/etc/board.d/01_leds b/target/linux/ath79/base-files/etc/board.d/01_leds index dd483c05..e89152ab 100755 --- a/target/linux/ath79/base-files/etc/board.d/01_leds +++ b/target/linux/ath79/base-files/etc/board.d/01_leds @@ -141,7 +141,8 @@ tplink,tl-wr842n-v3) tplink,archer-c58-v1|\ tplink,archer-c59-v1|\ tplink,archer-c60-v1|\ -tplink,archer-c60-v2) +tplink,archer-c60-v2|\ +tplink,archer-c60-v3) ucidef_set_led_switch "lan" "LAN" "tp-link:green:lan" "switch0" "0x1E" ucidef_set_led_netdev "wan" "WAN" "tp-link:green:wan" "eth1" ;; @@ -173,9 +174,19 @@ tplink,re450-v2) ucidef_set_led_netdev "lan_link" "LAN Link" "tp-link:green:lan_link" "eth0" "link" ;; tplink,tl-mr3020-v1|\ -tplink,tl-mr3040-v2) +tplink,tl-mr3040-v2|\ +tplink,tl-wa860re-v1) ucidef_set_led_netdev "lan" "LAN" "tp-link:green:lan" "eth0" ;; +tplink,tl-wa850re-v1) + ucidef_set_led_netdev "lan" "LAN" "tp-link:blue:lan" "eth0" + ucidef_set_rssimon "wlan0" "200000" "1" + ucidef_set_led_rssi "rssilow" "RSSILOW" "tp-link:blue:signal1" "wlan0" "1" "100" + ucidef_set_led_rssi "rssimediumlow" "RSSIMEDIUMLOW" "tp-link:blue:signal2" "wlan0" "20" "100" + ucidef_set_led_rssi "rssimedium" "RSSIMEDIUM" "tp-link:blue:signal3" "wlan0" "40" "100" + ucidef_set_led_rssi "rssimediumhigh" "RSSIMEDIUMHIGH" "tp-link:blue:signal4" "wlan0" "60" "100" + ucidef_set_led_rssi "rssihigh" "RSSIHIGH" "tp-link:blue:signal5" "wlan0" "80" "100" + ;; tplink,tl-wr740n-v1|\ tplink,tl-wr740n-v3|\ tplink,tl-wr741-v1|\ @@ -189,6 +200,7 @@ tplink,tl-wr941-v4) ucidef_set_led_switch "lan4" "LAN4" "tp-link:green:lan4" "switch0" "0x10" ;; tplink,tl-wr740n-v4|\ +tplink,tl-wr740n-v5|\ tplink,tl-wr741nd-v4|\ tplink,tl-wr841-v8|\ tplink,tl-wr842n-v2) diff --git a/target/linux/ath79/base-files/etc/board.d/02_network b/target/linux/ath79/base-files/etc/board.d/02_network index c985a823..1b0e76b1 100755 --- a/target/linux/ath79/base-files/etc/board.d/02_network +++ b/target/linux/ath79/base-files/etc/board.d/02_network @@ -31,6 +31,8 @@ ath79_setup_interfaces() tplink,tl-mr10u|\ tplink,tl-mr3020-v1|\ tplink,tl-mr3040-v2|\ + tplink,tl-wa850re-v1|\ + tplink,tl-wa860re-v1|\ tplink,tl-wa901nd-v2|\ tplink,tl-wr703n|\ ubnt,bullet-m|\ @@ -74,8 +76,12 @@ ath79_setup_interfaces() ;; buffalo,wzr-hp-ag300h|\ tplink,archer-c25-v1|\ + tplink,archer-c60-v1|\ + tplink,archer-c60-v2|\ + tplink,archer-c60-v3|\ tplink,tl-mr3220-v1|\ tplink,tl-mr3420-v1|\ + tplink,tl-wdr3500-v1|\ tplink,tl-wr841-v7|\ tplink,tl-wr841-v9|\ tplink,tl-wr841-v10|\ @@ -203,6 +209,7 @@ ath79_setup_interfaces() tplink,tl-wdr3600-v1|\ tplink,tl-wdr4300-v1|\ tplink,tl-wdr4300-v1-il|\ + tplink,tl-wdr4310-v1|\ tplink,tl-wr941n-v7-cn) ucidef_add_switch "switch0" \ "0@eth0" "2:lan:1" "3:lan:2" "4:lan:3" "5:lan:4" "1:wan" @@ -214,12 +221,6 @@ ath79_setup_interfaces() ucidef_add_switch "switch0" \ "0@eth1" "2:lan" "3:lan" "4:lan" "5:lan" "6@eth0" "1:wan" ;; - tplink,archer-c60-v1|\ - tplink,archer-c60-v2) - ucidef_set_interface_wan "eth1" - ucidef_add_switch "switch0" \ - "0@eth0" "1:lan" "2:lan" "3:lan" "4:lan" - ;; tplink,archer-d50-v1) ucidef_add_switch "switch0" \ "0@eth0" "2:lan:3" "3:lan:2" "4:lan:1" "1:wan" @@ -238,6 +239,7 @@ ath79_setup_interfaces() "1:lan" "2:lan" "3:lan" "4:lan" "0:wan" "9@eth0" ;; tplink,tl-wr740n-v4|\ + tplink,tl-wr740n-v5|\ tplink,tl-wr741nd-v4|\ tplink,tl-wr841-v8|\ tplink,tl-wr842n-v2) diff --git a/target/linux/ath79/base-files/etc/hotplug.d/firmware/10-ath9k-eeprom b/target/linux/ath79/base-files/etc/hotplug.d/firmware/10-ath9k-eeprom index 1469765b..d85e90f1 100644 --- a/target/linux/ath79/base-files/etc/hotplug.d/firmware/10-ath9k-eeprom +++ b/target/linux/ath79/base-files/etc/hotplug.d/firmware/10-ath9k-eeprom @@ -152,9 +152,11 @@ case "$FIRMWARE" in ath9k_patch_fw_mac $(macaddr_add $(mtd_get_mac_text "mac" 24) 1) 2 ;; ocedo,raccoon|\ + tplink,tl-wdr3500-v1|\ tplink,tl-wdr3600-v1|\ tplink,tl-wdr4300-v1|\ tplink,tl-wdr4300-v1-il|\ + tplink,tl-wdr4310-v1|\ tplink,tl-wdr4900-v2|\ winchannel,wb2000) ath9k_eeprom_extract "art" 20480 1088 diff --git a/target/linux/ath79/base-files/etc/hotplug.d/firmware/11-ath10k-caldata b/target/linux/ath79/base-files/etc/hotplug.d/firmware/11-ath10k-caldata index cbb50a8f..d93e6dcd 100644 --- a/target/linux/ath79/base-files/etc/hotplug.d/firmware/11-ath10k-caldata +++ b/target/linux/ath79/base-files/etc/hotplug.d/firmware/11-ath10k-caldata @@ -202,6 +202,7 @@ case "$FIRMWARE" in tplink,archer-c59-v1|\ tplink,archer-c60-v1|\ tplink,archer-c60-v2|\ + tplink,archer-c60-v3|\ tplink,archer-c6-v2) ath10kcal_extract "art" 20480 12064 ath10kcal_patch_mac_crc $(macaddr_add $(mtd_get_mac_binary mac 8) -1) diff --git a/target/linux/ath79/base-files/etc/uci-defaults/04_led_migration b/target/linux/ath79/base-files/etc/uci-defaults/04_led_migration index 2e1be7b0..9aa759c6 100644 --- a/target/linux/ath79/base-files/etc/uci-defaults/04_led_migration +++ b/target/linux/ath79/base-files/etc/uci-defaults/04_led_migration @@ -20,7 +20,8 @@ tplink,archer-c7-v5) tplink,archer-c7-v2|\ tplink,tl-wdr3600-v1|\ tplink,tl-wdr4300-v1|\ -tplink,tl-wdr4300-v1-il) +tplink,tl-wdr4300-v1-il|\ +tplink,tl-wdr4310-v1) migrate_leds ":blue:=:green:" ;; wd,mynet-n750) diff --git a/target/linux/ath79/dts/ar9331_embeddedwireless_dorin.dts b/target/linux/ath79/dts/ar9331_embeddedwireless_dorin.dts index d0e0169f..88b48faf 100644 --- a/target/linux/ath79/dts/ar9331_embeddedwireless_dorin.dts +++ b/target/linux/ath79/dts/ar9331_embeddedwireless_dorin.dts @@ -34,7 +34,7 @@ wps { label = "wps"; linux,code = ; - gpios = <&gpio 11 GPIO_ACTIVE_LOW>; + gpios = <&gpio 11 GPIO_ACTIVE_HIGH>; }; reset { diff --git a/target/linux/ath79/dts/ar9331_tplink_tl-mr3040-v2.dts b/target/linux/ath79/dts/ar9331_tplink_tl-mr3040-v2.dts index ebf4d448..6fc4b686 100644 --- a/target/linux/ath79/dts/ar9331_tplink_tl-mr3040-v2.dts +++ b/target/linux/ath79/dts/ar9331_tplink_tl-mr3040-v2.dts @@ -11,6 +11,7 @@ compatible = "tplink,tl-mr3040-v2", "qca,ar9331"; aliases { + serial0 = &uart; led-boot = &led_lan; led-failsafe = &led_lan; }; diff --git a/target/linux/ath79/dts/ar9331_tplink_tl-wr740n-v5.dts b/target/linux/ath79/dts/ar9331_tplink_tl-wr740n-v5.dts new file mode 100644 index 00000000..a031bf38 --- /dev/null +++ b/target/linux/ath79/dts/ar9331_tplink_tl-wr740n-v5.dts @@ -0,0 +1,9 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "ar9331_tplink_tl-wr741nd-v4.dtsi" + +/ { + model = "TP-Link TL-WR740N v5"; + compatible = "tplink,tl-wr740n-v5", "qca,ar9331"; +}; diff --git a/target/linux/ath79/dts/ar9341_tplink_tl-wa.dtsi b/target/linux/ath79/dts/ar9341_tplink_tl-wa.dtsi new file mode 100644 index 00000000..ecf54cc1 --- /dev/null +++ b/target/linux/ath79/dts/ar9341_tplink_tl-wa.dtsi @@ -0,0 +1,81 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT + +#include +#include + +#include "ar9341.dtsi" + +/ { + aliases { + serial0 = &uart; + }; +}; + +&ref { + clock-frequency = <25000000>; +}; + +&spi { + status = "okay"; + + num-cs = <1>; + + flash@0 { + compatible = "jedec,spi-nor"; + reg = <0>; + spi-max-frequency = <25000000>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + uboot: partition@0 { + label = "u-boot"; + reg = <0x000000 0x020000>; + read-only; + }; + + partition@20000 { + compatible = "tplink,firmware"; + label = "firmware"; + reg = <0x020000 0x3d0000>; + }; + + art: partition@3f0000 { + label = "art"; + reg = <0x3f0000 0x010000>; + read-only; + }; + }; + }; +}; + +&uart { + status = "okay"; +}; + +ð0 { + status = "okay"; + + phy-handle = <&swphy0>; + + mtd-mac-address = <&uboot 0x1fc00>; + + gmac-config { + device = <&gmac>; + + switch-phy-swap = <1>; + }; +}; + +ð1 { + compatible = "syscon", "simple-mfd"; +}; + +&wmac { + status = "okay"; + + mtd-cal-data = <&art 0x1000>; + mtd-mac-address = <&uboot 0x1fc00>; +}; diff --git a/target/linux/ath79/dts/ar9341_tplink_tl-wa850re-v1.dts b/target/linux/ath79/dts/ar9341_tplink_tl-wa850re-v1.dts new file mode 100644 index 00000000..bb0b498b --- /dev/null +++ b/target/linux/ath79/dts/ar9341_tplink_tl-wa850re-v1.dts @@ -0,0 +1,79 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "ar9341_tplink_tl-wa.dtsi" + +/ { + model = "TP-Link TL-WA850RE v1"; + compatible = "tplink,tl-wa850re-v1", "qca,ar9341"; + + aliases { + led-boot = &led_re; + led-failsafe = &led_re; + led-running = &led_re; + led-upgrade = &led_re; + }; + + keys { + compatible = "gpio-keys"; + + reset { + label = "Reset"; + linux,code = ; + gpios = <&gpio 17 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + + wps { + label = "WPS"; + linux,code = ; + gpios = <&gpio 16 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + }; + + leds { + compatible = "gpio-leds"; + + lan { + label = "tp-link:blue:lan"; + gpios = <&gpio 20 GPIO_ACTIVE_LOW>; + }; + + wlan { + label = "tp-link:blue:wlan"; + gpios = <&gpio 13 GPIO_ACTIVE_LOW>; + linux,default-trigger = "phy0tpt"; + }; + + led_re: re { + label = "tp-link:blue:re"; + gpios = <&gpio 15 GPIO_ACTIVE_LOW>; + }; + + signal1 { + label = "tp-link:blue:signal1"; + gpios = <&gpio 0 GPIO_ACTIVE_LOW>; + }; + + signal2 { + label = "tp-link:blue:signal2"; + gpios = <&gpio 1 GPIO_ACTIVE_LOW>; + }; + + signal3 { + label = "tp-link:blue:signal3"; + gpios = <&gpio 2 GPIO_ACTIVE_LOW>; + }; + + signal4 { + label = "tp-link:blue:signal4"; + gpios = <&gpio 3 GPIO_ACTIVE_LOW>; + }; + + signal5 { + label = "tp-link:blue:signal5"; + gpios = <&gpio 4 GPIO_ACTIVE_LOW>; + }; + }; +}; diff --git a/target/linux/ath79/dts/ar9341_tplink_tl-wa860re-v1.dts b/target/linux/ath79/dts/ar9341_tplink_tl-wa860re-v1.dts new file mode 100644 index 00000000..237a40d6 --- /dev/null +++ b/target/linux/ath79/dts/ar9341_tplink_tl-wa860re-v1.dts @@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "ar9341_tplink_tl-wa.dtsi" + +/ { + model = "TP-Link TL-WA860RE v1"; + compatible = "tplink,tl-wa860re-v1", "qca,ar9341"; + + aliases { + led-boot = &led_power_green; + led-failsafe = &led_power_orange; + led-running = &led_power_green; + led-upgrade = &led_power_orange; + }; + + keys { + compatible = "gpio-keys"; + + reset { + label = "Reset"; + linux,code = ; + gpios = <&gpio 17 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + + wps { + label = "WPS"; + linux,code = ; + gpios = <&gpio 16 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + + onoff { + label = "ONOFF"; + linux,code = ; + gpios = <&gpio 11 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + }; + + leds { + compatible = "gpio-leds"; + + lan { + label = "tp-link:green:lan"; + gpios = <&gpio 20 GPIO_ACTIVE_LOW>; + }; + + led_power_green: power_green { + label = "tp-link:green:power"; + gpios = <&gpio 14 GPIO_ACTIVE_LOW>; + default-state = "on"; + }; + + led_power_orange: power_orange { + label = "tp-link:orange:power"; + gpios = <&gpio 12 GPIO_ACTIVE_LOW>; + }; + + wlan_green { + label = "tp-link:green:wlan"; + gpios = <&gpio 2 GPIO_ACTIVE_LOW>; + linux,default-trigger = "phy0tpt"; + }; + + wlan_orange { + label = "tp-link:orange:wlan"; + gpios = <&gpio 0 GPIO_ACTIVE_LOW>; + }; + }; +}; diff --git a/target/linux/ath79/dts/ar9342_ubnt_nanobeam-ac.dts b/target/linux/ath79/dts/ar9342_ubnt_nanobeam-ac.dts index 6e64c7fa..d5021bcd 100644 --- a/target/linux/ath79/dts/ar9342_ubnt_nanobeam-ac.dts +++ b/target/linux/ath79/dts/ar9342_ubnt_nanobeam-ac.dts @@ -10,6 +10,12 @@ compatible = "ubnt,nanobeam-ac", "ubnt,wa", "qca,ar9342"; model = "Ubiquiti NanoBeam AC (WA)"; + aliases { + led-boot = &led_rssi3; + led-failsafe = &led_rssi3; + led-upgrade = &led_rssi3; + }; + leds { compatible = "gpio-leds"; @@ -28,7 +34,7 @@ gpios = <&gpio 13 GPIO_ACTIVE_LOW>; }; - rssi3 { + led_rssi3: rssi3 { label = "ubnt:blue:rssi3"; gpios = <&gpio 14 GPIO_ACTIVE_LOW>; }; diff --git a/target/linux/ath79/dts/ar9342_ubnt_nanostation-ac.dts b/target/linux/ath79/dts/ar9342_ubnt_nanostation-ac.dts index 2ace37ad..900aa95b 100644 --- a/target/linux/ath79/dts/ar9342_ubnt_nanostation-ac.dts +++ b/target/linux/ath79/dts/ar9342_ubnt_nanostation-ac.dts @@ -10,6 +10,12 @@ compatible = "ubnt,nanostation-ac","ubnt,wa", "qca,ar9342"; model = "Ubiquiti Nanostation AC (WA)"; + aliases { + led-boot = &led_rssi3; + led-failsafe = &led_rssi3; + led-upgrade = &led_rssi3; + }; + leds { compatible = "gpio-leds"; @@ -28,7 +34,7 @@ gpios = <&gpio 13 GPIO_ACTIVE_LOW>; }; - rssi3 { + led_rssi3: rssi3 { label = "ubnt:blue:rssi3"; gpios = <&gpio 14 GPIO_ACTIVE_LOW>; }; diff --git a/target/linux/ath79/dts/ar9344_tplink_tl-wdr3500-v1.dts b/target/linux/ath79/dts/ar9344_tplink_tl-wdr3500-v1.dts new file mode 100644 index 00000000..fbe10752 --- /dev/null +++ b/target/linux/ath79/dts/ar9344_tplink_tl-wdr3500-v1.dts @@ -0,0 +1,85 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "ar9344_tplink_tl-wdrxxxx.dtsi" + +/ { + model = "TP-Link TL-WDR3500 v1"; + compatible = "tplink,tl-wdr3500-v1", "qca,ar9344"; +}; + +&leds { + usb { + label = "tp-link:green:usb"; + gpios = <&gpio 11 GPIO_ACTIVE_LOW>; + linux,default-trigger = "usbport"; + trigger-sources = <&hub_port>; + }; +}; + +&gpio { + usb_power { + gpio-hog; + gpios = <12 GPIO_ACTIVE_HIGH>; + output-high; + line-name = "tp-link:power:usb"; + }; +}; + +&pinmux { + pmx_led_wan_lan: pinmux_led_wan_lan { + pinctrl-single,bits = <0x10 0x2c2d0000 0xffff0000>, + <0x14 0x292a2b 0xffffff>; + }; +}; + +&builtin_switch { + pinctrl-names = "default"; + pinctrl-0 = <&pmx_led_wan_lan>; +}; + +&usb { + #address-cells = <1>; + #size-cells = <0>; + status = "okay"; + + hub_port: port@1 { + reg = <1>; + #trigger-source-cells = <0>; + }; +}; + +&usb_phy { + status = "okay"; +}; + +&ath9k { + mtd-mac-address = <&uboot 0x1fc00>; + mtd-mac-address-increment = <1>; +}; + +&wmac { + mtd-mac-address = <&uboot 0x1fc00>; +}; + +ð1 { + status = "okay"; + + mtd-mac-address = <&uboot 0x1fc00>; + mtd-mac-address-increment = <(-1)>; + + gmac-config { + device = <&gmac>; + switch-phy-swap = <0>; + switch-only-mode = <1>; + }; +}; + +ð0 { + status = "okay"; + + phy-handle = <&swphy4>; + + mtd-mac-address = <&uboot 0x1fc00>; + mtd-mac-address-increment = <2>; +}; diff --git a/target/linux/ath79/dts/ar9344_tplink_tl-wdr4300.dtsi b/target/linux/ath79/dts/ar9344_tplink_tl-wdr4300.dtsi index f6e4856e..51c4940b 100644 --- a/target/linux/ath79/dts/ar9344_tplink_tl-wdr4300.dtsi +++ b/target/linux/ath79/dts/ar9344_tplink_tl-wdr4300.dtsi @@ -1,81 +1,8 @@ // SPDX-License-Identifier: GPL-2.0-or-later OR MIT -#include -#include - -#include "ar9344.dtsi" +#include "ar9344_tplink_tl-wdrxxxx.dtsi" / { - aliases { - led-boot = &system; - led-failsafe = &system; - led-running = &system; - led-upgrade = &system; - }; - - leds { - compatible = "gpio-leds"; - - usb1 { - label = "tp-link:green:usb1"; - gpios = <&gpio 11 GPIO_ACTIVE_LOW>; - trigger-sources = <&hub_port1>; - linux,default-trigger = "usbport"; - }; - - usb2 { - label = "tp-link:green:usb2"; - gpios = <&gpio 12 GPIO_ACTIVE_LOW>; - trigger-sources = <&hub_port2>; - linux,default-trigger = "usbport"; - }; - - wlan2g { - label = "tp-link:green:wlan2g"; - gpios = <&gpio 13 GPIO_ACTIVE_LOW>; - linux,default-trigger = "phy0tpt"; - }; - - system: system { - label = "tp-link:green:system"; - gpios = <&gpio 14 GPIO_ACTIVE_LOW>; - default-state = "on"; - }; - - qss { - label = "tp-link:green:qss"; - gpios = <&gpio 15 GPIO_ACTIVE_LOW>; - }; - }; - - ath9k-leds { - compatible = "gpio-leds"; - - wlan5g { - label = "tp-link:green:wlan5g"; - gpios = <&ath9k 0 GPIO_ACTIVE_LOW>; - linux,default-trigger = "phy1tpt"; - }; - }; - - keys { - compatible = "gpio-keys-polled"; - poll-interval = <20>; - - reset { - linux,code = ; - gpios = <&gpio 16 GPIO_ACTIVE_LOW>; - debounce-interval = <60>; - }; - - wifi { - linux,code = ; - linux,input-type = ; - gpios = <&gpio 17 GPIO_ACTIVE_LOW>; - debounce-interval = <60>; - }; - }; - gpio-export { compatible = "gpio-export"; @@ -105,51 +32,19 @@ }; }; -&ref { - clock-frequency = <40000000>; -}; - -&uart { - status = "okay"; -}; - -&gpio { - status = "okay"; -}; - -&spi { - num-cs = <1>; - - status = "okay"; +&leds { + usb1 { + label = "tp-link:green:usb1"; + gpios = <&gpio 11 GPIO_ACTIVE_LOW>; + trigger-sources = <&hub_port1>; + linux,default-trigger = "usbport"; + }; - flash@0 { - compatible = "jedec,spi-nor"; - reg = <0>; - spi-max-frequency = <25000000>; - - partitions { - compatible = "fixed-partitions"; - #address-cells = <1>; - #size-cells = <1>; - - uboot: partition@0 { - label = "u-boot"; - reg = <0x000000 0x020000>; - read-only; - }; - - partition@20000 { - compatible = "tplink,firmware"; - label = "firmware"; - reg = <0x020000 0x7d0000>; - }; - - art: partition@7f0000 { - label = "art"; - reg = <0x7f0000 0x010000>; - read-only; - }; - }; + usb2 { + label = "tp-link:green:usb2"; + gpios = <&gpio 12 GPIO_ACTIVE_LOW>; + trigger-sources = <&hub_port2>; + linux,default-trigger = "usbport"; }; }; @@ -180,23 +75,11 @@ status = "okay"; }; -&pcie { - status = "okay"; - - ath9k: wifi@0,0 { - compatible = "pci168c,0033"; - reg = <0x0000 0 0 0 0>; - mtd-mac-address = <&uboot 0x1fc00>; - qca,no-eeprom; - #gpio-cells = <2>; - gpio-controller; - }; +&ath9k { + mtd-mac-address = <&uboot 0x1fc00>; }; &wmac { - status = "okay"; - - mtd-cal-data = <&art 0x1000>; mtd-mac-address = <&uboot 0x1fc00>; mtd-mac-address-increment = <(-1)>; }; diff --git a/target/linux/ath79/dts/ar9344_tplink_tl-wdr4310-v1.dts b/target/linux/ath79/dts/ar9344_tplink_tl-wdr4310-v1.dts new file mode 100644 index 00000000..3fa4af51 --- /dev/null +++ b/target/linux/ath79/dts/ar9344_tplink_tl-wdr4310-v1.dts @@ -0,0 +1,9 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "ar9344_tplink_tl-wdr4300.dtsi" + +/ { + model = "TP-Link TL-WDR4310 v1"; + compatible = "tplink,tl-wdr4310-v1", "qca,ar9344"; +}; diff --git a/target/linux/ath79/dts/ar9344_tplink_tl-wdrxxxx.dtsi b/target/linux/ath79/dts/ar9344_tplink_tl-wdrxxxx.dtsi new file mode 100644 index 00000000..67ff27de --- /dev/null +++ b/target/linux/ath79/dts/ar9344_tplink_tl-wdrxxxx.dtsi @@ -0,0 +1,126 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT + +#include +#include + +#include "ar9344.dtsi" + +/ { + aliases { + led-boot = &system; + led-failsafe = &system; + led-running = &system; + led-upgrade = &system; + }; + + leds: leds { + compatible = "gpio-leds"; + + wlan2g { + label = "tp-link:green:wlan2g"; + gpios = <&gpio 13 GPIO_ACTIVE_LOW>; + linux,default-trigger = "phy0tpt"; + }; + + system: system { + label = "tp-link:green:system"; + gpios = <&gpio 14 GPIO_ACTIVE_LOW>; + default-state = "on"; + }; + + qss { + label = "tp-link:green:qss"; + gpios = <&gpio 15 GPIO_ACTIVE_LOW>; + }; + }; + + ath9k-leds { + compatible = "gpio-leds"; + + wlan5g { + label = "tp-link:green:wlan5g"; + gpios = <&ath9k 0 GPIO_ACTIVE_LOW>; + linux,default-trigger = "phy1tpt"; + }; + }; + + keys { + compatible = "gpio-keys-polled"; + poll-interval = <20>; + + reset { + linux,code = ; + gpios = <&gpio 16 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + + wifi { + linux,code = ; + linux,input-type = ; + gpios = <&gpio 17 GPIO_ACTIVE_LOW>; + debounce-interval = <60>; + }; + }; +}; + +&ref { + clock-frequency = <40000000>; +}; + +&uart { + status = "okay"; +}; + +&spi { + num-cs = <1>; + + status = "okay"; + + flash@0 { + compatible = "jedec,spi-nor"; + reg = <0>; + spi-max-frequency = <25000000>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + uboot: partition@0 { + label = "u-boot"; + reg = <0x000000 0x020000>; + read-only; + }; + + partition@20000 { + compatible = "tplink,firmware"; + label = "firmware"; + reg = <0x020000 0x7d0000>; + }; + + art: partition@7f0000 { + label = "art"; + reg = <0x7f0000 0x010000>; + read-only; + }; + }; + }; +}; + +&pcie { + status = "okay"; + + ath9k: wifi@0,0 { + compatible = "pci168c,0033"; + reg = <0x0000 0 0 0 0>; + qca,no-eeprom; + #gpio-cells = <2>; + gpio-controller; + }; +}; + +&wmac { + status = "okay"; + + mtd-cal-data = <&art 0x1000>; +}; diff --git a/target/linux/ath79/dts/qca9561_tplink_archer-c60-v1.dts b/target/linux/ath79/dts/qca9561_tplink_archer-c60-v1.dts index 85e456bb..a83b5881 100644 --- a/target/linux/ath79/dts/qca9561_tplink_archer-c60-v1.dts +++ b/target/linux/ath79/dts/qca9561_tplink_archer-c60-v1.dts @@ -8,6 +8,18 @@ model = "TP-Link Archer C60 v1"; }; +&leds { + wan_amber { + label = "tp-link:amber:wan"; + gpios = <&gpio 22 GPIO_ACTIVE_LOW>; + }; + + wps { + label = "tp-link:green:wps"; + gpios = <&gpio 19 GPIO_ACTIVE_LOW>; + }; +}; + &spi { status = "okay"; num-cs = <1>; diff --git a/target/linux/ath79/dts/qca9561_tplink_archer-c60-v2.dts b/target/linux/ath79/dts/qca9561_tplink_archer-c60-v2.dts index 29f91673..c19e4e97 100644 --- a/target/linux/ath79/dts/qca9561_tplink_archer-c60-v2.dts +++ b/target/linux/ath79/dts/qca9561_tplink_archer-c60-v2.dts @@ -8,6 +8,18 @@ model = "TP-Link Archer C60 v2"; }; +&leds { + wan_amber { + label = "tp-link:amber:wan"; + gpios = <&gpio 22 GPIO_ACTIVE_LOW>; + }; + + wps { + label = "tp-link:green:wps"; + gpios = <&gpio 19 GPIO_ACTIVE_LOW>; + }; +}; + &spi { status = "okay"; num-cs = <1>; diff --git a/target/linux/ath79/dts/qca9561_tplink_archer-c60-v3.dts b/target/linux/ath79/dts/qca9561_tplink_archer-c60-v3.dts new file mode 100644 index 00000000..444d54b0 --- /dev/null +++ b/target/linux/ath79/dts/qca9561_tplink_archer-c60-v3.dts @@ -0,0 +1,69 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "qca9561_tplink_archer-c6x.dtsi" + +/ { + compatible = "tplink,archer-c60-v3", "qca,qca9561"; + model = "TP-Link Archer C60 v3"; +}; + +&leds { + wan_amber { + label = "tp-link:amber:wan"; + gpios = <&gpio 19 GPIO_ACTIVE_LOW>; + }; +}; +&spi { + status = "okay"; + + num-cs = <1>; + + flash@0 { + compatible = "jedec,spi-nor"; + reg = <0>; + spi-max-frequency = <25000000>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + partition@0 { + label = "factory-boot"; + reg = <0x000000 0x01fb00>; + read-only; + }; + + mac: partition@1fb00 { + label = "mac"; + reg = <0x01fb00 0x000500>; + read-only; + }; + + partition@20000 { + label = "u-boot"; + reg = <0x020000 0x010000>; + read-only; + }; + + partition@30000 { + compatible = "denx,uimage"; + label = "firmware"; + reg = <0x030000 0x7a0000>; + }; + + partition@7d0000 { + label = "tplink"; + reg = <0x7d0000 0x020000>; + read-only; + }; + + art: partition@7f0000 { + label = "art"; + reg = <0x7f0000 0x010000>; + read-only; + }; + }; + }; +}; diff --git a/target/linux/ath79/dts/qca9561_tplink_archer-c6x.dtsi b/target/linux/ath79/dts/qca9561_tplink_archer-c6x.dtsi index deee64a6..6c015fcd 100644 --- a/target/linux/ath79/dts/qca9561_tplink_archer-c6x.dtsi +++ b/target/linux/ath79/dts/qca9561_tplink_archer-c6x.dtsi @@ -33,7 +33,7 @@ }; }; - leds { + leds: leds { compatible = "gpio-leds"; led_power: power { @@ -59,20 +59,10 @@ gpios = <&gpio 20 GPIO_ACTIVE_LOW>; }; - wan_amber { - label = "tp-link:amber:wan"; - gpios = <&gpio 22 GPIO_ACTIVE_LOW>; - }; - lan { label = "tp-link:green:lan"; gpios = <&gpio 2 GPIO_ACTIVE_LOW>; }; - - wps { - label = "tp-link:green:wps"; - gpios = <&gpio 19 GPIO_ACTIVE_LOW>; - }; }; }; @@ -91,13 +81,13 @@ phy-handle = <&swphy4>; mtd-mac-address = <&mac 0x8>; + mtd-mac-address-increment = <1>; }; ð1 { status = "okay"; mtd-mac-address = <&mac 0x8>; - mtd-mac-address-increment = <1>; }; &wmac { diff --git a/target/linux/ath79/image/generic-tp-link.mk b/target/linux/ath79/image/generic-tp-link.mk index 01d3c42a..99ca14eb 100644 --- a/target/linux/ath79/image/generic-tp-link.mk +++ b/target/linux/ath79/image/generic-tp-link.mk @@ -76,6 +76,16 @@ define Device/tplink_archer-c60-v2 endef TARGET_DEVICES += tplink_archer-c60-v2 +define Device/tplink_archer-c60-v3 + $(Device/tplink-safeloader-uimage) + ATH_SOC := qca9561 + IMAGE_SIZE := 7808k + DEVICE_TITLE := TP-Link Archer C60 v3 + TPLINK_BOARD_ID := ARCHER-C60-V3 + DEVICE_PACKAGES := kmod-ath10k-ct-smallbuffers ath10k-firmware-qca9888-ct +endef +TARGET_DEVICES += tplink_archer-c60-v3 + define Device/tplink_archer-c6-v2 $(Device/tplink-safeloader-uimage) ATH_SOC := qca9563 @@ -223,6 +233,16 @@ define Device/tplink_re450-v2 endef TARGET_DEVICES += tplink_re450-v2 +define Device/tplink_tl-wdr3500-v1 + $(Device/tplink-8mlzma) + ATH_SOC := ar9344 + DEVICE_TITLE := TP-Link TL-WDR3500 v1 + DEVICE_PACKAGES := kmod-usb-core kmod-usb2 kmod-usb-ledtrig-usbport + TPLINK_HWID := 0x35000001 + SUPPORTED_DEVICES += tl-wdr3500 +endef +TARGET_DEVICES += tplink_tl-wdr3500-v1 + define Device/tplink_tl-wdr3600-v1 $(Device/tplink-8mlzma) ATH_SOC := ar9344 @@ -253,12 +273,23 @@ define Device/tplink_tl-wdr4300-v1-il endef TARGET_DEVICES += tplink_tl-wdr4300-v1-il +define Device/tplink_tl-wdr4310-v1 + $(Device/tplink-8mlzma) + ATH_SOC := ar9344 + DEVICE_TITLE := TP-Link TL-WDR4310 v1 + DEVICE_PACKAGES := kmod-usb2 kmod-usb-ledtrig-usbport + TPLINK_HWID := 0x43100001 + SUPPORTED_DEVICES += tl-wdr4300 +endef +TARGET_DEVICES += tplink_tl-wdr4310-v1 + define Device/tplink_tl-wdr4900-v2 $(Device/tplink-8mlzma) ATH_SOC := qca9558 DEVICE_TITLE := TP-Link TL-WDR4900 v2 DEVICE_PACKAGES := kmod-usb-core kmod-usb2 kmod-usb-ledtrig-usbport TPLINK_HWID := 0x49000002 + SUPPORTED_DEVICES += tl-wdr4900-v2 endef TARGET_DEVICES += tplink_tl-wdr4900-v2 @@ -268,6 +299,7 @@ define Device/tplink_tl-wr810n-v1 DEVICE_TITLE := TP-Link TL-WR810N v1 TPLINK_HWID := 0x8100001 DEVICE_PACKAGES := kmod-usb2 kmod-usb-ledtrig-usbport + SUPPORTED_DEVICES += tl-wr810n endef TARGET_DEVICES += tplink_tl-wr810n-v1 @@ -276,6 +308,7 @@ define Device/tplink_tl-wr810n-v2 ATH_SOC := qca9533 DEVICE_TITLE := TP-Link TL-WR810N v2 TPLINK_HWID := 0x8100002 + SUPPORTED_DEVICES += tl-wr810n-v2 endef TARGET_DEVICES += tplink_tl-wr810n-v2 @@ -295,6 +328,7 @@ define Device/tplink_tl-wr842n-v1 DEVICE_TITLE := TP-Link TL-WR842N/ND v1 DEVICE_PACKAGES := kmod-usb-core kmod-usb2 kmod-usb-ledtrig-usbport TPLINK_HWID := 0x8420001 + SUPPORTED_DEVICES += tl-mr3420 endef TARGET_DEVICES += tplink_tl-wr842n-v1 diff --git a/target/linux/ath79/image/tiny-tp-link.mk b/target/linux/ath79/image/tiny-tp-link.mk index 817f5d8e..a2bedd24 100644 --- a/target/linux/ath79/image/tiny-tp-link.mk +++ b/target/linux/ath79/image/tiny-tp-link.mk @@ -51,11 +51,31 @@ define Device/tplink_tl-mr3420-v1 endef TARGET_DEVICES += tplink_tl-mr3420-v1 +define Device/tplink_tl-wa850re-v1 + $(Device/tplink-4mlzma) + ATH_SOC := ar9341 + DEVICE_TITLE := TP-Link TL-WA850RE v1 + TPLINK_HWID := 0x08500001 + DEVICE_PACKAGES := rssileds + SUPPORTED_DEVICES += tl-wa850re +endef +TARGET_DEVICES += tplink_tl-wa850re-v1 + +define Device/tplink_tl-wa860re-v1 + $(Device/tplink-4mlzma) + ATH_SOC := ar9341 + DEVICE_TITLE := TP-Link TL-WA860RE v1 + TPLINK_HWID := 0x08600001 + SUPPORTED_DEVICES += tl-wa860re +endef +TARGET_DEVICES += tplink_tl-wa860re-v1 + define Device/tplink_tl-wa901nd-v2 $(Device/tplink-4m) ATH_SOC := ar9132 DEVICE_TITLE := TP-Link TL-WA901ND v2 TPLINK_HWID := 0x09010002 + SUPPORTED_DEVICES += tl-wa901nd-v2 endef TARGET_DEVICES += tplink_tl-wa901nd-v2 @@ -74,6 +94,7 @@ define Device/tplink_tl-wr740n-v1 ATH_SOC := ar7240 DEVICE_TITLE := TP-Link TL-WR740N v1/v2 TPLINK_HWID := 0x07400001 + SUPPORTED_DEVICES += tl-wr741nd endef TARGET_DEVICES += tplink_tl-wr740n-v1 @@ -82,6 +103,7 @@ define Device/tplink_tl-wr740n-v3 ATH_SOC := ar7240 DEVICE_TITLE := TP-Link TL-WR740N v3 TPLINK_HWID := 0x07400003 + SUPPORTED_DEVICES += tl-wr741nd endef TARGET_DEVICES += tplink_tl-wr740n-v3 @@ -90,14 +112,25 @@ define Device/tplink_tl-wr740n-v4 ATH_SOC := ar9331 DEVICE_TITLE := TP-Link TL-WR740N v4 TPLINK_HWID := 0x07400004 + SUPPORTED_DEVICES += tl-wr741nd-v4 endef TARGET_DEVICES += tplink_tl-wr740n-v4 +define Device/tplink_tl-wr740n-v5 + $(Device/tplink-4mlzma) + ATH_SOC := ar9331 + DEVICE_TITLE := TP-Link TL-WR740N v5 + TPLINK_HWID := 0x07400005 + SUPPORTED_DEVICES += tl-wr741nd-v4 +endef +TARGET_DEVICES += tplink_tl-wr740n-v5 + define Device/tplink_tl-wr741-v1 $(Device/tplink-4m) ATH_SOC := ar7240 DEVICE_TITLE := TP-Link TL-WR741N/ND v1/v2 TPLINK_HWID := 0x07410001 + SUPPORTED_DEVICES += tl-wr741nd endef TARGET_DEVICES += tplink_tl-wr741-v1 @@ -115,6 +148,7 @@ define Device/tplink_tl-wr743nd-v1 ATH_SOC := ar7240 DEVICE_TITLE := TP-Link TL-WR743ND v1 TPLINK_HWID := 0x07430001 + SUPPORTED_DEVICES += tl-wr741nd endef TARGET_DEVICES += tplink_tl-wr743nd-v1 @@ -123,6 +157,7 @@ define Device/tplink_tl-wr841-v5 ATH_SOC := ar7240 DEVICE_TITLE := TP-Link TL-WR841N/ND v5/v6 TPLINK_HWID := 0x08410005 + SUPPORTED_DEVICES += tl-wr741nd endef TARGET_DEVICES += tplink_tl-wr841-v5 @@ -192,6 +227,7 @@ define Device/tplink_tl-wr941-v2 DEVICE_TITLE := TP-Link TL-WR941N/ND v2/v3 TPLINK_HWID := 0x09410002 TPLINK_HWREV := 2 + SUPPORTED_DEVICES += tl-wr941nd endef TARGET_DEVICES += tplink_tl-wr941-v2 @@ -200,6 +236,7 @@ define Device/tplink_tl-wr941-v4 ATH_SOC := ar7240 DEVICE_TITLE := TP-Link TL-WR941N/ND v4 TPLINK_HWID := 0x09410004 + SUPPORTED_DEVICES += tl-wr741nd endef TARGET_DEVICES += tplink_tl-wr941-v4 diff --git a/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch b/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch index 4ef23037..faf4391a 100644 --- a/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch +++ b/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch @@ -18,7 +18,7 @@ xip_enable(map, chip, adr); op_done: if (mode == FL_OTP_WRITE) -@@ -2236,7 +2238,6 @@ static int cfi_amdstd_panic_write(struct +@@ -2240,7 +2242,6 @@ static int cfi_amdstd_panic_write(struct return 0; } @@ -26,7 +26,7 @@ /* * Handle devices with one erase region, that only implement * the chip erase command. -@@ -2304,7 +2305,7 @@ static int __xipram do_erase_chip(struct +@@ -2308,7 +2309,7 @@ static int __xipram do_erase_chip(struct } if (chip_good(map, adr, map_word_ff(map))) @@ -35,7 +35,7 @@ if (time_after(jiffies, timeo)) { printk(KERN_WARNING "MTD %s(): software timeout\n", -@@ -2328,6 +2329,7 @@ static int __xipram do_erase_chip(struct +@@ -2332,6 +2333,7 @@ static int __xipram do_erase_chip(struct } } @@ -43,7 +43,7 @@ chip->state = FL_READY; xip_enable(map, chip, adr); DISABLE_VPP(map); -@@ -2401,7 +2403,7 @@ static int __xipram do_erase_oneblock(st +@@ -2405,7 +2407,7 @@ static int __xipram do_erase_oneblock(st if (chip_good(map, adr, map_word_ff(map))) { xip_enable(map, chip, adr); @@ -52,7 +52,7 @@ } if (time_after(jiffies, timeo)) { -@@ -2427,6 +2429,7 @@ static int __xipram do_erase_oneblock(st +@@ -2431,6 +2433,7 @@ static int __xipram do_erase_oneblock(st } } diff --git a/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch b/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch index cff52e5a..5e98c56e 100644 --- a/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch +++ b/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch @@ -214,7 +214,7 @@ #include #include #include -@@ -820,10 +821,10 @@ static void tcp_v6_send_response(const s +@@ -819,10 +820,10 @@ static void tcp_v6_send_response(const s topt = (__be32 *)(t1 + 1); if (tsecr) { @@ -316,7 +316,7 @@ for (p = *head; p; p = p->next) { --- a/net/ipv4/route.c +++ b/net/ipv4/route.c -@@ -466,7 +466,7 @@ static struct neighbour *ipv4_neigh_look +@@ -464,7 +464,7 @@ static struct neighbour *ipv4_neigh_look else if (skb) pkey = &ip_hdr(skb)->daddr; diff --git a/target/linux/bcm53xx/base-files/etc/board.d/02_network b/target/linux/bcm53xx/base-files/etc/board.d/02_network index 9fd26e72..b3d614d6 100755 --- a/target/linux/bcm53xx/base-files/etc/board.d/02_network +++ b/target/linux/bcm53xx/base-files/etc/board.d/02_network @@ -6,108 +6,126 @@ . /lib/functions/system.sh . /lib/functions/uci-defaults.sh -board_config_update +bcm53xx_setup_interfaces() +{ + local board="$1" -board=$(board_name) + # On BCM4708 / BCM4709(4) there are 3 Ethernet interfaces connected to 3 switch + # ports. It's up to vendor which to use. + case "$board" in + tenda,ac9) + ucidef_add_switch "switch0" \ + "1:lan" "2:lan" "3:lan" "4:lan" "8@eth0" "0:wan" "5@eth1" + ;; + buffalo,wxr-1900dhp| \ + buffalo,wzr-1750dhp) + ucidef_add_switch "switch0" \ + "0:lan:1" "1:lan:2" "2:lan:3" "3:lan:4" "4:wan:5" "5@eth0" + ;; + dlink,dir-885l | \ + netgear,r7900 | \ + netgear,r8000 | \ + netgear,r8500) + # NVRAM specifies port 8 (eth2) - unsupported by OpenWrt b53 + # Use port 5 (eth0) as workaround + ucidef_add_switch "switch0" \ + "0:lan" "1:lan" "2:lan" "3:lan" "4:wan" "5t@eth0" + ;; + luxul,abr-4500-v1|\ + luxul,xbr-4500-v1) + ucidef_add_switch "switch0" \ + "0:wan" "1:lan:4" "2:lan:3" "3:lan:2" "4:lan:1" "5@eth0" + ;; + luxul,xap-1610-v1) + ucidef_add_switch "switch0" \ + "0:lan" "1:lan" "5@eth0" + ucidef_set_interface_lan "eth0.1" "dhcp" + ;; + luxul,xwr-3150-v1) + ucidef_add_switch "switch0" \ + "0:lan:1" "1:lan:2" "2:lan:3" "3:lan:4" "4:wan" "5@eth0" + ;; + phicomm,k3) + ucidef_add_switch "switch0" \ + "0:lan" "1:lan" "2:lan" "3:wan" "5@eth0" + ;; + *) + # NVRAM entries may contain unsorted ports, e.g. Netgear R6250 uses + # vlan1ports=3 2 1 0 5* + # vlan2ports=4 5u + # and early Netgear R8000 was using + # vlan1ports=3 2 1 0 5 7 8* + vlan1ports="$(echo $(nvram get vlan1ports | tr " " "\n" | sort))" + vlan2ports="$(echo $(nvram get vlan2ports | tr " " "\n" | sort))" + if echo "$vlan1ports" | egrep -q "^1 2 3 4 5" && \ + echo "$vlan2ports" | egrep -q "^0 5"; then + ucidef_add_switch "switch0" \ + "1:lan" "2:lan" "3:lan" "4:lan" "0:wan" "5t@eth0" + elif echo "$vlan1ports" | egrep -q "^1 2 3 5 7" && \ + echo "$vlan2ports" | egrep -q "^0 7"; then + ucidef_add_switch "switch0" \ + "1:lan" "2:lan" "3:lan" "5:lan" "0:wan" "7t@eth1" + elif echo "$vlan1ports" | egrep -q "^0 1 2 3 5 7 8" && \ + echo "$vlan2ports" | egrep -q "^4 8"; then + ucidef_add_switch "switch0" \ + "0:lan" "1:lan" "2:lan" "3:lan" "5:lan" "7:lan" "4:wan" "8t@eth2" + else + ucidef_add_switch "switch0" \ + "0:lan" "1:lan" "2:lan" "3:lan" "4:wan" "5t@eth0" + fi + ;; + esac +} -case "$board" in -tenda,ac9) - ucidef_add_switch "switch0" \ - "1:lan" "2:lan" "3:lan" "4:lan" "8@eth0" "0:wan" "5@eth1" - board_config_flush - exit 0 - ;; -buffalo,wxr-1900dhp| \ -buffalo,wzr-1750dhp) - ucidef_add_switch "switch0" \ - "0:lan:1" "1:lan:2" "2:lan:3" "3:lan:4" "4:wan:5" "5@eth0" - board_config_flush - exit 0 - ;; -luxul,abr-4500-v1|\ -luxul,xbr-4500-v1) - ucidef_add_switch "switch0" \ - "0:wan" "1:lan:4" "2:lan:3" "3:lan:2" "4:lan:1" "5@eth0" - board_config_flush - exit 0 - ;; -phicomm,k3) - ucidef_add_switch "switch0" \ - "0:lan" "1:lan" "2:lan" "3:wan" "5@eth0" - board_config_flush - exit 0 - ;; -esac +bcm53xx_setup_macs() +{ + local board="$1" -wan_macaddr="$(nvram get wan_hwaddr)" -case "$board" in -asus,rt-ac87u) - ifname=eth1 - etXmacaddr=$(nvram get et1macaddr) - ;; -dlink,dir-885l | \ -netgear,r7900 | \ -netgear,r8000 | \ -netgear,r8500) - ifname=eth2 - etXmacaddr=$(nvram get et2macaddr) - ;; -*) - ifname=eth0 - etXmacaddr=$(nvram get et0macaddr) - ;; -esac + case "$board" in + dlink,dir-885l | \ + netgear,r7900 | \ + netgear,r8000 | \ + netgear,r8500) + # As vendor doesn't use eth0 its MAC may be missing. Use one from eth2. + et2macaddr="$(nvram get et2macaddr)" + [ -n "$et2macaddr" ] && ucidef_set_interface_macaddr "lan" "$et2macaddr" + ;; + esac -# If WAN MAC isn't explicitly set, calculate it using base MAC as reference. -[ -z "$wan_macaddr" -a -n "$etXmacaddr" ] && wan_macaddr=$(macaddr_add "$etXmacaddr" 1) + wan_macaddr="$(nvram get wan_hwaddr)" + case "$board" in + asus,rt-ac87u) + etXmacaddr=$(nvram get et1macaddr) + offset=1 + ;; + dlink,dir-885l | \ + netgear,r7900 | \ + netgear,r8000 | \ + netgear,r8500) + etXmacaddr=$(nvram get et2macaddr) + offset=1 + ;; + luxul,xwr-3100v1 | \ + luxul,xwr-3150-v1) + etXmacaddr=$(nvram get et0macaddr) + offset=5 + ;; + *) + etXmacaddr=$(nvram get et0macaddr) + offset=1 + ;; + esac -# Workaround for devices using eth2 connected to (CPU) switch port 8 -case "$board" in -dlink,dir-885l | \ -netgear,r7900 | \ -netgear,r8000 | \ -netgear,r8500) - ifname=eth0 - ucidef_add_switch "switch0" \ - "0:lan" "1:lan" "2:lan" "3:lan" "4:wan" "5t@$ifname" + # If WAN MAC isn't explicitly set, calculate it using base MAC as reference. + [ -z "$wan_macaddr" -a -n "$etXmacaddr" ] && wan_macaddr=$(macaddr_add "$etXmacaddr" $offset) - # These devices should use eth2 so their eth0 interface often has no MAC - # assigned. Manually assign eth2's MAC to the LAN. - et2macaddr="$(nvram get et2macaddr)" - [ -n "$et2macaddr" ] && ucidef_set_interface_macaddr "lan" "$et2macaddr" [ -n "$wan_macaddr" ] && ucidef_set_interface_macaddr "wan" "$wan_macaddr" +} - board_config_flush - exit 0 - ;; -esac - -# NVRAM entries may contain unsorted ports, e.g. Netgear R6250 uses -# vlan1ports=3 2 1 0 5* -# vlan2ports=4 5u -# and early Netgear R8000 was using -# vlan1ports=3 2 1 0 5 7 8* -vlan1ports="$(echo $(nvram get vlan1ports | tr " " "\n" | sort))" -vlan2ports="$(echo $(nvram get vlan2ports | tr " " "\n" | sort))" -if echo "$vlan1ports" | egrep -q "^1 2 3 4 5" && \ - echo "$vlan2ports" | egrep -q "^0 5"; then - ucidef_add_switch "switch0" \ - "1:lan" "2:lan" "3:lan" "4:lan" "0:wan" "5t@$ifname" -elif echo "$vlan1ports" | egrep -q "^1 2 3 5 7" && \ - echo "$vlan2ports" | egrep -q "^0 7"; then - ucidef_add_switch "switch0" \ - "1:lan" "2:lan" "3:lan" "5:lan" "0:wan" "7t@$ifname" -elif echo "$vlan1ports" | egrep -q "^0 1 2 3 5 7 8" && \ - echo "$vlan2ports" | egrep -q "^4 8"; then - ucidef_add_switch "switch0" \ - "0:lan" "1:lan" "2:lan" "3:lan" "5:lan" "7:lan" "4:wan" "8t@$ifname" -else - ucidef_add_switch "switch0" \ - "0:lan" "1:lan" "2:lan" "3:lan" "4:wan" "5t@$ifname" -fi - -[ -n "$wan_macaddr" ] && ucidef_set_interface_macaddr "wan" "$wan_macaddr" - +board_config_update +board=$(board_name) +bcm53xx_setup_interfaces "$board" +bcm53xx_setup_macs "$board" board_config_flush exit 0 diff --git a/target/linux/bcm53xx/base-files/lib/upgrade/platform.sh b/target/linux/bcm53xx/base-files/lib/upgrade/platform.sh index 1686462c..40b2ef67 100644 --- a/target/linux/bcm53xx/base-files/lib/upgrade/platform.sh +++ b/target/linux/bcm53xx/base-files/lib/upgrade/platform.sh @@ -1,4 +1,4 @@ -RAMFS_COPY_BIN='osafeloader oseama otrx' +RAMFS_COPY_BIN='osafeloader oseama otrx truncate' PART_NAME=firmware @@ -281,7 +281,7 @@ platform_do_upgrade_nand_trx() { while [ "$(dd if=$dir/root skip=$ubi_length bs=1 count=4 2>/dev/null)" = "UBI#" ]; do ubi_length=$(($ubi_length + 131072)) done - dd if=$dir/root of=/tmp/root.ubi bs=131072 count=$((ubi_length / 131072)) 2>/dev/null + truncate -s $ubi_length $dir/root [ $? -ne 0 ] && { echo "Failed to prepare new UBI image." return @@ -289,7 +289,7 @@ platform_do_upgrade_nand_trx() { # Flash mtd write /tmp/kernel.trx firmware || exit 1 - nand_do_upgrade /tmp/root.ubi + nand_do_upgrade $dir/root } platform_do_upgrade_nand_seama() { diff --git a/target/linux/bcm53xx/image/Makefile b/target/linux/bcm53xx/image/Makefile index 4f18a9c0..f2dd405a 100644 --- a/target/linux/bcm53xx/image/Makefile +++ b/target/linux/bcm53xx/image/Makefile @@ -79,7 +79,7 @@ endef define Build/asus-trx $(STAGING_DIR_HOST)/bin/asustrx \ - -p $(PRODUCTID) -i $@ -o $@.new + -p $(ASUS_PRODUCTID) -i $@ -o $@.new mv $@.new $@ endef @@ -107,8 +107,10 @@ define Build/seama-nand -i $@.entity endef -DEVICE_VARS += PRODUCTID SIGNATURE NETGEAR_BOARD_ID NETGEAR_REGION TPLINK_BOARD +DEVICE_VARS += ASUS_PRODUCTID DEVICE_VARS += BUFFALO_TAG_PLATFORM BUFFALO_TAG_VERSION BUFFALO_TAG_MINOR +DEVICE_VARS += SIGNATURE +DEVICE_VARS += NETGEAR_BOARD_ID NETGEAR_REGION TPLINK_BOARD DEVICE_VARS += LUXUL_BOARD IEEE8021X := wpad-basic @@ -143,26 +145,34 @@ define Device/asus endef define Device/asus-rt-ac56u + $(call Device/asus) DEVICE_TITLE := Asus RT-AC56U DEVICE_PACKAGES := $(B43) $(USB3_PACKAGES) + ASUS_PRODUCTID := RT-AC56U endef TARGET_DEVICES += asus-rt-ac56u define Device/asus-rt-ac68u + $(call Device/asus) DEVICE_TITLE := Asus RT-AC68U DEVICE_PACKAGES := $(USB3_PACKAGES) + ASUS_PRODUCTID := RT-AC68U endef TARGET_DEVICES += asus-rt-ac68u define Device/asus-rt-ac87u + $(call Device/asus) DEVICE_TITLE := Asus RT-AC87U DEVICE_PACKAGES := $(USB3_PACKAGES) + ASUS_PRODUCTID := RT-AC87U endef TARGET_DEVICES += asus-rt-ac87u define Device/asus-rt-n18u + $(call Device/asus) DEVICE_TITLE := Asus RT-N18U DEVICE_PACKAGES := $(USB3_PACKAGES) + ASUS_PRODUCTID := RT-N18U endef TARGET_DEVICES += asus-rt-n18u @@ -270,6 +280,15 @@ define Device/luxul-abr-4500 endef TARGET_DEVICES += luxul-abr-4500 +define Device/luxul-xap-1610 + $(Device/luxul) + DEVICE_TITLE := Luxul XAP-1610 + DEVICE_PACKAGES := $(BRCMFMAC_4366C0) + IMAGE/lxl := append-rootfs | trx-serial | luxul-lxl + LUXUL_BOARD := XAP-1610 +endef +TARGET_DEVICES += luxul-xap-1610 + define Device/luxul-xbr-4500 $(Device/luxul) DEVICE_TITLE := Luxul XBR-4500 @@ -278,6 +297,15 @@ define Device/luxul-xbr-4500 endef TARGET_DEVICES += luxul-xbr-4500 +define Device/luxul-xwr-3150 + $(Device/luxul) + DEVICE_TITLE := Luxul XWR-3150 + DEVICE_PACKAGES := $(BRCMFMAC_4366C0) $(USB3_PACKAGES) + DEVICE_DTS := bcm47094-luxul-xwr-3150-v1 + LUXUL_BOARD := XWR-3150 +endef +TARGET_DEVICES += luxul-xwr-3150 + define Device/netgear IMAGES := chk IMAGE/chk := append-ubi | trx-nand | netgear-chk diff --git a/target/linux/brcm2708/patches-4.14/950-0037-Add-dwc_otg-driver.patch b/target/linux/brcm2708/patches-4.14/950-0037-Add-dwc_otg-driver.patch index afc4311e..c0d9578a 100644 --- a/target/linux/brcm2708/patches-4.14/950-0037-Add-dwc_otg-driver.patch +++ b/target/linux/brcm2708/patches-4.14/950-0037-Add-dwc_otg-driver.patch @@ -841,7 +841,7 @@ Signed-off-by: Malik Olivier Boussejra } --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c -@@ -5106,7 +5106,7 @@ static void port_event(struct usb_hub *h +@@ -5130,7 +5130,7 @@ static void port_event(struct usb_hub *h if (portchange & USB_PORT_STAT_C_OVERCURRENT) { u16 status = 0, unused; @@ -852,7 +852,7 @@ Signed-off-by: Malik Olivier Boussejra msleep(100); /* Cool down */ --- a/drivers/usb/core/message.c +++ b/drivers/usb/core/message.c -@@ -1925,6 +1925,85 @@ free_interfaces: +@@ -1932,6 +1932,85 @@ free_interfaces: if (cp->string == NULL && !(dev->quirks & USB_QUIRK_CONFIG_INTF_STRINGS)) cp->string = usb_cache_string(dev, cp->desc.iConfiguration); diff --git a/target/linux/brcm2708/patches-4.14/950-0054-BCM2708-Add-core-Device-Tree-support.patch b/target/linux/brcm2708/patches-4.14/950-0054-BCM2708-Add-core-Device-Tree-support.patch index 027fc258..611233e1 100644 --- a/target/linux/brcm2708/patches-4.14/950-0054-BCM2708-Add-core-Device-Tree-support.patch +++ b/target/linux/brcm2708/patches-4.14/950-0054-BCM2708-Add-core-Device-Tree-support.patch @@ -475,7 +475,7 @@ Signed-off-by: Phil Elwell --- a/arch/arm/Makefile +++ b/arch/arm/Makefile -@@ -341,6 +341,8 @@ $(INSTALL_TARGETS): +@@ -343,6 +343,8 @@ $(INSTALL_TARGETS): %.dtb: | scripts $(Q)$(MAKE) $(build)=$(boot)/dts MACHINE=$(MACHINE) $(boot)/dts/$@ diff --git a/target/linux/brcm2708/patches-4.14/950-0061-Improve-__copy_to_user-and-__copy_from_user-performa.patch b/target/linux/brcm2708/patches-4.14/950-0061-Improve-__copy_to_user-and-__copy_from_user-performa.patch index d7b04c9e..1045733b 100644 --- a/target/linux/brcm2708/patches-4.14/950-0061-Improve-__copy_to_user-and-__copy_from_user-performa.patch +++ b/target/linux/brcm2708/patches-4.14/950-0061-Improve-__copy_to_user-and-__copy_from_user-performa.patch @@ -279,7 +279,7 @@ Signed-off-by: Phil Elwell ENDPROC(arm_copy_from_user) +ENDPROC(__copy_from_user_std) - .pushsection .fixup,"ax" + .pushsection .text.fixup,"ax" .align 0 --- /dev/null +++ b/arch/arm/lib/exports_rpi.c @@ -1313,9 +1313,9 @@ Signed-off-by: Phil Elwell + DAT2 .req ip + DAT3 .req lr + -+ orr DAT0, DAT0, lsl #8 ++ orr DAT0, DAT0, DAT0, lsl #8 + push {S, lr} -+ orr DAT0, DAT0, lsl #16 ++ orr DAT0, DAT0, DAT0, lsl #16 + mov DAT1, DAT0 + + /* See if we're guaranteed to have at least one 16-byte aligned 16-byte write */ diff --git a/target/linux/brcm2708/patches-4.14/950-0136-cgroup-Disable-cgroup-memory-by-default.patch b/target/linux/brcm2708/patches-4.14/950-0136-cgroup-Disable-cgroup-memory-by-default.patch index 6aefcb50..ec964531 100644 --- a/target/linux/brcm2708/patches-4.14/950-0136-cgroup-Disable-cgroup-memory-by-default.patch +++ b/target/linux/brcm2708/patches-4.14/950-0136-cgroup-Disable-cgroup-memory-by-default.patch @@ -17,7 +17,7 @@ Signed-off-by: Phil Elwell --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c -@@ -5207,6 +5207,8 @@ int __init cgroup_init_early(void) +@@ -5220,6 +5220,8 @@ int __init cgroup_init_early(void) } static u16 cgroup_disable_mask __initdata; @@ -26,7 +26,7 @@ Signed-off-by: Phil Elwell /** * cgroup_init - cgroup initialization -@@ -5245,6 +5247,12 @@ int __init cgroup_init(void) +@@ -5258,6 +5260,12 @@ int __init cgroup_init(void) mutex_unlock(&cgroup_mutex); @@ -39,7 +39,7 @@ Signed-off-by: Phil Elwell for_each_subsys(ss, ssid) { if (ss->early_init) { struct cgroup_subsys_state *css = -@@ -5636,6 +5644,28 @@ static int __init cgroup_disable(char *s +@@ -5649,6 +5657,28 @@ static int __init cgroup_disable(char *s } __setup("cgroup_disable=", cgroup_disable); diff --git a/target/linux/brcm2708/patches-4.14/950-0280-gpiolib-Don-t-prevent-IRQ-usage-of-output-GPIOs.patch b/target/linux/brcm2708/patches-4.14/950-0280-gpiolib-Don-t-prevent-IRQ-usage-of-output-GPIOs.patch index 53ce2653..416914da 100644 --- a/target/linux/brcm2708/patches-4.14/950-0280-gpiolib-Don-t-prevent-IRQ-usage-of-output-GPIOs.patch +++ b/target/linux/brcm2708/patches-4.14/950-0280-gpiolib-Don-t-prevent-IRQ-usage-of-output-GPIOs.patch @@ -26,7 +26,7 @@ Signed-off-by: Phil Elwell /* Device and char device-related information */ static DEFINE_IDA(gpio_ida); static dev_t gpio_devt; -@@ -2323,7 +2325,7 @@ static int _gpiod_direction_output_raw(s +@@ -2306,7 +2308,7 @@ static int _gpiod_direction_output_raw(s int ret; /* GPIOs used for IRQs shall not be set as output */ @@ -35,7 +35,7 @@ Signed-off-by: Phil Elwell gpiod_err(desc, "%s: tried to set a GPIO tied to an IRQ as output\n", __func__); -@@ -2849,7 +2851,7 @@ int gpiochip_lock_as_irq(struct gpio_chi +@@ -2832,7 +2834,7 @@ int gpiochip_lock_as_irq(struct gpio_chi set_bit(FLAG_IS_OUT, &desc->flags); } diff --git a/target/linux/brcm2708/patches-4.14/950-0291-ARM-dts-bcm283x-Fix-DTC-warnings-about-missing-phy-c.patch b/target/linux/brcm2708/patches-4.14/950-0291-ARM-dts-bcm283x-Fix-DTC-warnings-about-missing-phy-c.patch index 402abec7..c2ed7afa 100644 --- a/target/linux/brcm2708/patches-4.14/950-0291-ARM-dts-bcm283x-Fix-DTC-warnings-about-missing-phy-c.patch +++ b/target/linux/brcm2708/patches-4.14/950-0291-ARM-dts-bcm283x-Fix-DTC-warnings-about-missing-phy-c.patch @@ -17,7 +17,7 @@ Reviewed-by: Eric Anholt --- a/arch/arm/boot/dts/bcm283x.dtsi +++ b/arch/arm/boot/dts/bcm283x.dtsi -@@ -639,5 +639,6 @@ +@@ -640,5 +640,6 @@ usbphy: phy { compatible = "usb-nop-xceiv"; diff --git a/target/linux/brcm2708/patches-4.14/950-0294-net-phy-add-unlocked-accessors.patch b/target/linux/brcm2708/patches-4.14/950-0294-net-phy-add-unlocked-accessors.patch index f0b916e8..9a6dc179 100644 --- a/target/linux/brcm2708/patches-4.14/950-0294-net-phy-add-unlocked-accessors.patch +++ b/target/linux/brcm2708/patches-4.14/950-0294-net-phy-add-unlocked-accessors.patch @@ -53,7 +53,7 @@ Signed-off-by: David S. Miller +EXPORT_SYMBOL_GPL(__phy_modify); --- a/include/linux/phy.h +++ b/include/linux/phy.h -@@ -726,6 +726,18 @@ static inline int phy_read(struct phy_de +@@ -728,6 +728,18 @@ static inline int phy_read(struct phy_de } /** @@ -72,7 +72,7 @@ Signed-off-by: David S. Miller * phy_write - Convenience function for writing a given PHY register * @phydev: the phy_device struct * @regnum: register number to write -@@ -741,6 +753,22 @@ static inline int phy_write(struct phy_d +@@ -743,6 +755,22 @@ static inline int phy_write(struct phy_d } /** diff --git a/target/linux/brcm2708/patches-4.14/950-0295-net-phy-add-paged-phy-register-accessors.patch b/target/linux/brcm2708/patches-4.14/950-0295-net-phy-add-paged-phy-register-accessors.patch index 51866b44..b1da67fe 100644 --- a/target/linux/brcm2708/patches-4.14/950-0295-net-phy-add-paged-phy-register-accessors.patch +++ b/target/linux/brcm2708/patches-4.14/950-0295-net-phy-add-paged-phy-register-accessors.patch @@ -181,7 +181,7 @@ Signed-off-by: David S. Miller +EXPORT_SYMBOL(phy_modify_paged); --- a/include/linux/phy.h +++ b/include/linux/phy.h -@@ -644,6 +644,9 @@ struct phy_driver { +@@ -646,6 +646,9 @@ struct phy_driver { int (*write_mmd)(struct phy_device *dev, int devnum, u16 regnum, u16 val); @@ -191,7 +191,7 @@ Signed-off-by: David S. Miller /* Get the size and type of the eeprom contained within a plug-in * module */ int (*module_info)(struct phy_device *dev, -@@ -832,6 +835,14 @@ static inline bool phy_is_pseudo_fixed_l +@@ -834,6 +837,14 @@ static inline bool phy_is_pseudo_fixed_l */ int phy_write_mmd(struct phy_device *phydev, int devad, u32 regnum, u16 val); diff --git a/target/linux/brcm2708/patches-4.14/950-0341-BCM283x-DT-Add-CSI-nodes-to-the-device-tree.patch b/target/linux/brcm2708/patches-4.14/950-0341-BCM283x-DT-Add-CSI-nodes-to-the-device-tree.patch index eb3635a8..65818b95 100644 --- a/target/linux/brcm2708/patches-4.14/950-0341-BCM283x-DT-Add-CSI-nodes-to-the-device-tree.patch +++ b/target/linux/brcm2708/patches-4.14/950-0341-BCM283x-DT-Add-CSI-nodes-to-the-device-tree.patch @@ -142,7 +142,7 @@ Signed-off-by: Dave Stevenson +}; --- a/arch/arm/boot/dts/bcm283x.dtsi +++ b/arch/arm/boot/dts/bcm283x.dtsi -@@ -544,6 +544,34 @@ +@@ -545,6 +545,34 @@ status = "disabled"; }; diff --git a/target/linux/brcm63xx/patches-4.14/143-gpio-fix-device-tree-gpio-hogs-on-dual-role-gpio-pin.patch b/target/linux/brcm63xx/patches-4.14/143-gpio-fix-device-tree-gpio-hogs-on-dual-role-gpio-pin.patch index bbd39811..e1d43da8 100644 --- a/target/linux/brcm63xx/patches-4.14/143-gpio-fix-device-tree-gpio-hogs-on-dual-role-gpio-pin.patch +++ b/target/linux/brcm63xx/patches-4.14/143-gpio-fix-device-tree-gpio-hogs-on-dual-role-gpio-pin.patch @@ -89,7 +89,7 @@ Signed-off-by: Jonas Gorski --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c -@@ -1958,7 +1958,8 @@ int gpiochip_add_pingroup_range(struct g +@@ -1941,7 +1941,8 @@ int gpiochip_add_pingroup_range(struct g list_add_tail(&pin_range->node, &gdev->pin_ranges); @@ -99,7 +99,7 @@ Signed-off-by: Jonas Gorski } EXPORT_SYMBOL_GPL(gpiochip_add_pingroup_range); -@@ -2010,7 +2011,7 @@ int gpiochip_add_pin_range(struct gpio_c +@@ -1993,7 +1994,7 @@ int gpiochip_add_pin_range(struct gpio_c list_add_tail(&pin_range->node, &gdev->pin_ranges); diff --git a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch index b8517998..7939ee46 100644 --- a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch +++ b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch @@ -55,7 +55,7 @@ Cc: Kir Kolyshkin rwlock_t sk_callback_lock; --- a/net/core/sock.c +++ b/net/core/sock.c -@@ -2745,6 +2745,7 @@ void sock_init_data(struct socket *sock, +@@ -2748,6 +2748,7 @@ void sock_init_data(struct socket *sock, sk->sk_max_pacing_rate = ~0U; sk->sk_pacing_rate = ~0U; diff --git a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch index c09a5e47..6d6c575a 100644 --- a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch +++ b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch @@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold --- a/drivers/usb/serial/option.c +++ b/drivers/usb/serial/option.c -@@ -1981,7 +1981,8 @@ static const struct usb_device_id option +@@ -1983,7 +1983,8 @@ static const struct usb_device_id option { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */ { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) }, { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) }, diff --git a/target/linux/generic/backport-4.14/050-v4.19-f2fs-skip-verifying-block-address-non-regular-inode.patch b/target/linux/generic/backport-4.14/050-v4.19-f2fs-skip-verifying-block-address-non-regular-inode.patch new file mode 100644 index 00000000..65ab16a9 --- /dev/null +++ b/target/linux/generic/backport-4.14/050-v4.19-f2fs-skip-verifying-block-address-non-regular-inode.patch @@ -0,0 +1,69 @@ +From dda9f4b9cac6bdd2a96253b4444d7a6ce5132edb Mon Sep 17 00:00:00 2001 +From: Chao Yu +Date: Sat, 11 Aug 2018 23:42:09 +0800 +Subject: f2fs: fix to skip verifying block address for non-regular inode + +generic/184 1s ... [failed, exit status 1]- output mismatch + --- tests/generic/184.out 2015-01-11 16:52:27.643681072 +0800 + QA output created by 184 - silence is golden + +rm: cannot remove '/mnt/f2fs/null': Bad address + +mknod: '/mnt/f2fs/null': Bad address + +chmod: cannot access '/mnt/f2fs/null': Bad address + +./tests/generic/184: line 36: /mnt/f2fs/null: Bad address + ... + +F2FS-fs (zram0): access invalid blkaddr:259 +EIP: f2fs_is_valid_blkaddr+0x14b/0x1b0 [f2fs] + f2fs_iget+0x927/0x1010 [f2fs] + f2fs_lookup+0x26e/0x630 [f2fs] + __lookup_slow+0xb3/0x140 + lookup_slow+0x31/0x50 + walk_component+0x185/0x1f0 + path_lookupat+0x51/0x190 + filename_lookup+0x7f/0x140 + user_path_at_empty+0x36/0x40 + vfs_statx+0x61/0xc0 + __do_sys_stat64+0x29/0x40 + sys_stat64+0x13/0x20 + do_fast_syscall_32+0xaa/0x22c + entry_SYSENTER_32+0x53/0x86 + +In f2fs_iget(), we will check inode's first block address, if it is valid, +we will set FI_FIRST_BLOCK_WRITTEN flag in inode. + +But we should only do this for regular inode, otherwise, like special +inode, i_addr[0] is used for storing device info instead of block address, +it will fail checking flow obviously. + +So for non-regular inode, let's skip verifying address and setting flag. + +Signed-off-by: Chao Yu +Signed-off-by: Jaegeuk Kim +--- + fs/f2fs/inode.c | 14 ++++++++------ + 1 file changed, 8 insertions(+), 6 deletions(-) + +--- a/fs/f2fs/inode.c ++++ b/fs/f2fs/inode.c +@@ -310,13 +310,15 @@ static int do_read_inode(struct inode *i + /* get rdev by using inline_info */ + __get_inode_rdev(inode, ri); + +- err = __written_first_block(sbi, ri); +- if (err < 0) { +- f2fs_put_page(node_page, 1); +- return err; ++ if (S_ISREG(inode->i_mode)) { ++ err = __written_first_block(sbi, ri); ++ if (err < 0) { ++ f2fs_put_page(node_page, 1); ++ return err; ++ } ++ if (!err) ++ set_inode_flag(inode, FI_FIRST_BLOCK_WRITTEN); + } +- if (!err) +- set_inode_flag(inode, FI_FIRST_BLOCK_WRITTEN); + + if (!need_inode_block_update(sbi, inode->i_ino)) + fi->last_disk_size = inode->i_size; diff --git a/target/linux/generic/backport-4.14/095-Allow-class-e-address-assignment-via-ifconfig-ioctl.patch b/target/linux/generic/backport-4.14/095-Allow-class-e-address-assignment-via-ifconfig-ioctl.patch index 1c501867..e3f77ab9 100644 --- a/target/linux/generic/backport-4.14/095-Allow-class-e-address-assignment-via-ifconfig-ioctl.patch +++ b/target/linux/generic/backport-4.14/095-Allow-class-e-address-assignment-via-ifconfig-ioctl.patch @@ -48,7 +48,7 @@ Reviewed-by: John Gilmore #define INADDR_ANY ((unsigned long int) 0x00000000) --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c -@@ -929,7 +929,7 @@ static int inet_abc_len(__be32 addr) +@@ -934,7 +934,7 @@ static int inet_abc_len(__be32 addr) { int rc = -1; /* Something else, probably a multicast. */ @@ -57,7 +57,7 @@ Reviewed-by: John Gilmore rc = 0; else { __u32 haddr = ntohl(addr); -@@ -940,6 +940,8 @@ static int inet_abc_len(__be32 addr) +@@ -945,6 +945,8 @@ static int inet_abc_len(__be32 addr) rc = 16; else if (IN_CLASSC(haddr)) rc = 24; diff --git a/target/linux/generic/backport-4.14/273-batman-adv-Convert-packet.h-to-uapi-header.patch b/target/linux/generic/backport-4.14/273-batman-adv-Convert-packet.h-to-uapi-header.patch index 0435803f..a9f744fd 100644 --- a/target/linux/generic/backport-4.14/273-batman-adv-Convert-packet.h-to-uapi-header.patch +++ b/target/linux/generic/backport-4.14/273-batman-adv-Convert-packet.h-to-uapi-header.patch @@ -27,7 +27,7 @@ Signed-off-by: David S. Miller --- a/net/batman-adv/bat_iv_ogm.c +++ b/net/batman-adv/bat_iv_ogm.c -@@ -51,6 +51,7 @@ +@@ -52,6 +52,7 @@ #include #include #include @@ -35,7 +35,7 @@ Signed-off-by: David S. Miller #include #include "bat_algo.h" -@@ -62,7 +63,6 @@ +@@ -63,7 +64,6 @@ #include "netlink.h" #include "network-coding.h" #include "originator.h" @@ -45,7 +45,7 @@ Signed-off-by: David S. Miller #include "translation-table.h" --- a/net/batman-adv/bat_v.c +++ b/net/batman-adv/bat_v.c -@@ -37,6 +37,7 @@ +@@ -36,6 +36,7 @@ #include #include #include @@ -53,7 +53,7 @@ Signed-off-by: David S. Miller #include #include "bat_algo.h" -@@ -49,7 +50,6 @@ +@@ -48,7 +49,6 @@ #include "log.h" #include "netlink.h" #include "originator.h" @@ -80,7 +80,7 @@ Signed-off-by: David S. Miller --- a/net/batman-adv/bat_v_ogm.c +++ b/net/batman-adv/bat_v_ogm.c -@@ -38,13 +38,13 @@ +@@ -40,13 +40,13 @@ #include #include #include @@ -174,7 +174,7 @@ Signed-off-by: David S. Miller /** --- a/net/batman-adv/hard-interface.c +++ b/net/batman-adv/hard-interface.c -@@ -36,6 +36,7 @@ +@@ -37,6 +37,7 @@ #include #include #include @@ -182,7 +182,7 @@ Signed-off-by: David S. Miller #include "bat_v.h" #include "bridge_loop_avoidance.h" -@@ -44,7 +45,6 @@ +@@ -45,7 +46,6 @@ #include "gateway_client.h" #include "log.h" #include "originator.h" @@ -1025,7 +1025,7 @@ Signed-off-by: David S. Miller --- a/net/batman-adv/types.h +++ b/net/batman-adv/types.h -@@ -34,10 +34,9 @@ +@@ -35,10 +35,9 @@ #include #include #include diff --git a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch index de888258..885d632d 100644 --- a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch +++ b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch @@ -47,7 +47,7 @@ Signed-off-by: Pablo Neira Ayuso }; --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c -@@ -960,6 +960,9 @@ static unsigned int early_drop_list(stru +@@ -974,6 +974,9 @@ static unsigned int early_drop_list(stru hlist_nulls_for_each_entry_rcu(h, n, head, hnnode) { tmp = nf_ct_tuplehash_to_ctrack(h); @@ -57,7 +57,7 @@ Signed-off-by: Pablo Neira Ayuso if (nf_ct_is_expired(tmp)) { nf_ct_gc_expired(tmp); continue; -@@ -1037,6 +1040,18 @@ static bool gc_worker_can_early_drop(con +@@ -1051,6 +1054,18 @@ static bool gc_worker_can_early_drop(con return false; } @@ -76,7 +76,7 @@ Signed-off-by: Pablo Neira Ayuso static void gc_worker(struct work_struct *work) { unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u); -@@ -1073,6 +1088,11 @@ static void gc_worker(struct work_struct +@@ -1087,6 +1102,11 @@ static void gc_worker(struct work_struct tmp = nf_ct_tuplehash_to_ctrack(h); scanned++; diff --git a/target/linux/generic/backport-4.14/350-v4.18-ipv6-make-ip6_dst_mtu_forward-inline.patch b/target/linux/generic/backport-4.14/350-v4.18-ipv6-make-ip6_dst_mtu_forward-inline.patch index dddc3474..bbc04555 100644 --- a/target/linux/generic/backport-4.14/350-v4.18-ipv6-make-ip6_dst_mtu_forward-inline.patch +++ b/target/linux/generic/backport-4.14/350-v4.18-ipv6-make-ip6_dst_mtu_forward-inline.patch @@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau --- a/include/net/ip6_route.h +++ b/include/net/ip6_route.h -@@ -252,4 +252,26 @@ static inline bool rt6_duplicate_nexthop +@@ -253,4 +253,26 @@ static inline bool rt6_duplicate_nexthop ipv6_addr_equal(&a->rt6i_gateway, &b->rt6i_gateway) && !lwtunnel_cmp_encap(a->dst.lwtstate, b->dst.lwtstate); } diff --git a/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch b/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch index 286f1f65..d8285490 100644 --- a/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch +++ b/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch @@ -21,7 +21,7 @@ Signed-off-by: Felix Fietkau --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c -@@ -1040,18 +1040,6 @@ static bool gc_worker_can_early_drop(con +@@ -1054,18 +1054,6 @@ static bool gc_worker_can_early_drop(con return false; } @@ -40,7 +40,7 @@ Signed-off-by: Felix Fietkau static void gc_worker(struct work_struct *work) { unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u); -@@ -1088,10 +1076,8 @@ static void gc_worker(struct work_struct +@@ -1102,10 +1090,8 @@ static void gc_worker(struct work_struct tmp = nf_ct_tuplehash_to_ctrack(h); scanned++; diff --git a/target/linux/generic/backport-4.14/950-tty-serial-exar-generalize-rs485-setup.patch b/target/linux/generic/backport-4.14/950-tty-serial-exar-generalize-rs485-setup.patch index 42c4705e..353dc149 100644 --- a/target/linux/generic/backport-4.14/950-tty-serial-exar-generalize-rs485-setup.patch +++ b/target/linux/generic/backport-4.14/950-tty-serial-exar-generalize-rs485-setup.patch @@ -19,7 +19,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/drivers/tty/serial/8250/8250_exar.c +++ b/drivers/tty/serial/8250/8250_exar.c -@@ -275,8 +275,32 @@ static int xr17v35x_register_gpio(struct +@@ -283,8 +283,32 @@ static int xr17v35x_register_gpio(struct return 0; } @@ -52,7 +52,7 @@ Signed-off-by: Greg Kroah-Hartman }; static int iot2040_rs485_config(struct uart_port *port, -@@ -309,19 +333,7 @@ static int iot2040_rs485_config(struct u +@@ -317,19 +341,7 @@ static int iot2040_rs485_config(struct u value |= mode; writeb(value, p + UART_EXAR_MPIOLVL_7_0); diff --git a/target/linux/generic/config-4.14 b/target/linux/generic/config-4.14 index 5a4dab98..d54ede9e 100644 --- a/target/linux/generic/config-4.14 +++ b/target/linux/generic/config-4.14 @@ -2652,6 +2652,7 @@ CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 # CONFIG_MIGRATION is not set CONFIG_MII=y # CONFIG_MIKROTIK_RB532 is not set +# CONFIG_MIKROTIK is not set # CONFIG_MINIX_FS is not set # CONFIG_MINIX_FS_NATIVE_ENDIAN is not set # CONFIG_MINIX_SUBPARTITION is not set diff --git a/target/linux/generic/files/drivers/net/phy/ar8216.c b/target/linux/generic/files/drivers/net/phy/ar8216.c index 5ace4e0b..9ac0d8fd 100644 --- a/target/linux/generic/files/drivers/net/phy/ar8216.c +++ b/target/linux/generic/files/drivers/net/phy/ar8216.c @@ -943,10 +943,14 @@ ar8229_init_globals(struct ar8xxx_priv *priv) ar8xxx_reg_set(priv, AR8229_REG_QM_CTRL, AR8229_QM_CTRL_ARP_EN); - /* Enable Broadcast/Multicast frames transmitted to the CPU */ + /* + * Enable Broadcast/unknown multicast and unicast frames + * transmitted to the CPU port. + */ ar8xxx_reg_set(priv, AR8216_REG_FLOOD_MASK, AR8229_FLOOD_MASK_BC_DP(0) | - AR8229_FLOOD_MASK_MC_DP(0)); + AR8229_FLOOD_MASK_MC_DP(0) | + AR8229_FLOOD_MASK_UC_DP(0)); /* setup MTU */ ar8xxx_rmw(priv, AR8216_REG_GLOBAL_CTRL, @@ -1008,7 +1012,7 @@ ar7240sw_init_globals(struct ar8xxx_priv *priv) /* Enable Broadcast frames transmitted to the CPU */ ar8xxx_reg_set(priv, AR8216_REG_FLOOD_MASK, - AR8236_FM_CPU_BROADCAST_EN); + AR8216_FM_CPU_BROADCAST_EN); /* setup MTU */ ar8xxx_rmw(priv, AR8216_REG_GLOBAL_CTRL, @@ -1074,9 +1078,14 @@ ar8236_init_globals(struct ar8xxx_priv *priv) ar8xxx_reg_set(priv, AR8216_REG_ATU_CTRL, AR8236_ATU_CTRL_RES); - /* enable cpu port to receive multicast and broadcast frames */ + /* + * Enable Broadcast/unknown multicast and unicast frames + * transmitted to the CPU port. + */ ar8xxx_reg_set(priv, AR8216_REG_FLOOD_MASK, - AR8236_FM_CPU_BROADCAST_EN | AR8236_FM_CPU_BCAST_FWD_EN); + AR8229_FLOOD_MASK_BC_DP(0) | + AR8229_FLOOD_MASK_MC_DP(0) | + AR8229_FLOOD_MASK_UC_DP(0)); /* Enable MIB counters */ ar8xxx_rmw(priv, AR8216_REG_MIB_FUNC, AR8216_MIB_FUNC | AR8236_MIB_EN, diff --git a/target/linux/generic/files/drivers/net/phy/ar8216.h b/target/linux/generic/files/drivers/net/phy/ar8216.h index bf34fdb7..d62cf60f 100644 --- a/target/linux/generic/files/drivers/net/phy/ar8216.h +++ b/target/linux/generic/files/drivers/net/phy/ar8216.h @@ -56,10 +56,10 @@ #define AR8216_REG_FLOOD_MASK 0x002C #define AR8216_FM_UNI_DEST_PORTS BITS(0, 6) #define AR8216_FM_MULTI_DEST_PORTS BITS(16, 6) +#define AR8216_FM_CPU_BROADCAST_EN BIT(26) +#define AR8229_FLOOD_MASK_UC_DP(_p) BIT(_p) #define AR8229_FLOOD_MASK_MC_DP(_p) BIT(16 + (_p)) #define AR8229_FLOOD_MASK_BC_DP(_p) BIT(25 + (_p)) -#define AR8236_FM_CPU_BROADCAST_EN BIT(26) -#define AR8236_FM_CPU_BCAST_FWD_EN BIT(25) #define AR8216_REG_GLOBAL_CTRL 0x0030 #define AR8216_GCTRL_MTU BITS(0, 11) diff --git a/target/linux/generic/files/drivers/platform/mikrotik/Kconfig b/target/linux/generic/files/drivers/platform/mikrotik/Kconfig new file mode 100644 index 00000000..195a1e8f --- /dev/null +++ b/target/linux/generic/files/drivers/platform/mikrotik/Kconfig @@ -0,0 +1,18 @@ +menuconfig MIKROTIK + bool "Platform support for MikroTik RouterBoard virtual devices" + default n + depends on MTD + select LZO_DECOMPRESS + help + Say Y here to get to see options for the MikroTik RouterBoard platform. + This option alone does not add any kernel code. + + +if MIKROTIK + +config MIKROTIK_RB_SYSFS + tristate "RouterBoot sysfs support" + help + This driver exposes RouterBoot configuration in sysfs. + +endif # MIKROTIK diff --git a/target/linux/generic/files/drivers/platform/mikrotik/Makefile b/target/linux/generic/files/drivers/platform/mikrotik/Makefile new file mode 100644 index 00000000..4d50ede9 --- /dev/null +++ b/target/linux/generic/files/drivers/platform/mikrotik/Makefile @@ -0,0 +1,4 @@ +# +# Makefile for MikroTik RouterBoard platform specific drivers +# +obj-$(CONFIG_MIKROTIK_RB_SYSFS) += routerboot.o rb_hardconfig.o diff --git a/target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig.c b/target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig.c new file mode 100644 index 00000000..e5257b92 --- /dev/null +++ b/target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig.c @@ -0,0 +1,756 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Driver for MikroTik RouterBoot hard config. + * + * Copyright (C) 2020 Thibaut VARÈNE + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 as published + * by the Free Software Foundation. + * + * This driver exposes the data encoded in the "hard_config" flash segment of + * MikroTik RouterBOARDs devices. It presents the data in a sysfs folder + * named "hard_config". The WLAN calibration data is available on demand via + * the 'wlan_data' sysfs file in that folder. + * + * This driver permanently allocates a chunk of RAM as large as the hard_config + * MTD partition, although it is technically possible to operate entirely from + * the MTD device without using a local buffer (except when requesting WLAN + * calibration data), at the cost of a performance penalty. + * + * Some constant defines extracted from routerboot.{c,h} by Gabor Juhos + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "routerboot.h" + +#define RB_HARDCONFIG_VER "0.03" +#define RB_HC_PR_PFX "[rb_hardconfig] " + +/* ID values for hardware settings */ +#define RB_ID_FLASH_INFO 0x03 +#define RB_ID_MAC_ADDRESS_PACK 0x04 +#define RB_ID_BOARD_PRODUCT_CODE 0x05 +#define RB_ID_BIOS_VERSION 0x06 +#define RB_ID_SDRAM_TIMINGS 0x08 +#define RB_ID_DEVICE_TIMINGS 0x09 +#define RB_ID_SOFTWARE_ID 0x0A +#define RB_ID_SERIAL_NUMBER 0x0B +#define RB_ID_MEMORY_SIZE 0x0D +#define RB_ID_MAC_ADDRESS_COUNT 0x0E +#define RB_ID_HW_OPTIONS 0x15 +#define RB_ID_WLAN_DATA 0x16 +#define RB_ID_BOARD_IDENTIFIER 0x17 +#define RB_ID_PRODUCT_NAME 0x21 +#define RB_ID_DEFCONF 0x26 + +/* Bit definitions for hardware options */ +#define RB_HW_OPT_NO_UART BIT(0) +#define RB_HW_OPT_HAS_VOLTAGE BIT(1) +#define RB_HW_OPT_HAS_USB BIT(2) +#define RB_HW_OPT_HAS_ATTINY BIT(3) +#define RB_HW_OPT_NO_NAND BIT(14) +#define RB_HW_OPT_HAS_LCD BIT(15) +#define RB_HW_OPT_HAS_POE_OUT BIT(16) +#define RB_HW_OPT_HAS_uSD BIT(17) +#define RB_HW_OPT_HAS_SIM BIT(18) +#define RB_HW_OPT_HAS_SFP BIT(20) +#define RB_HW_OPT_HAS_WIFI BIT(21) +#define RB_HW_OPT_HAS_TS_FOR_ADC BIT(22) +#define RB_HW_OPT_HAS_PLC BIT(29) + +static struct kobject *hc_kobj; +static u8 *hc_buf; // ro buffer after init(): no locking required +static size_t hc_buflen; + +/* + * For LZOR style WLAN data unpacking. + * This binary blob is prepended to the data encoded on some devices as + * RB_ID_WLAN_DATA, the result is then first decompressed with LZO, and then + * finally RLE-decoded. + * This binary blob has been extracted from RouterOS by + * https://forum.openwrt.org/u/ius + */ +static const u8 hc_lzor_prefix[] = { + 0x00, 0x05, 0x4c, 0x4c, 0x44, 0x00, 0x34, 0xfe, + 0xfe, 0x34, 0x11, 0x3c, 0x1e, 0x3c, 0x2e, 0x3c, + 0x4c, 0x34, 0x00, 0x52, 0x62, 0x92, 0xa2, 0xb2, + 0xc3, 0x2a, 0x14, 0x00, 0x00, 0x05, 0xfe, 0x6a, + 0x3c, 0x16, 0x32, 0x16, 0x11, 0x1e, 0x12, 0x46, + 0x32, 0x46, 0x11, 0x4e, 0x12, 0x36, 0x32, 0x36, + 0x11, 0x3e, 0x12, 0x5a, 0x9a, 0x64, 0x00, 0x04, + 0xfe, 0x10, 0x3c, 0x00, 0x01, 0x00, 0x00, 0x28, + 0x0c, 0x00, 0x0f, 0xfe, 0x14, 0x00, 0x24, 0x24, + 0x23, 0x24, 0x24, 0x23, 0x25, 0x22, 0x21, 0x21, + 0x23, 0x22, 0x21, 0x22, 0x21, 0x2d, 0x38, 0x00, + 0x0c, 0x25, 0x25, 0x24, 0x25, 0x25, 0x24, 0x23, + 0x22, 0x21, 0x20, 0x23, 0x21, 0x21, 0x22, 0x21, + 0x2d, 0x38, 0x00, 0x28, 0xb0, 0x00, 0x00, 0x22, + 0x00, 0x00, 0xc0, 0xfe, 0x03, 0x00, 0xc0, 0x00, + 0x62, 0xff, 0x62, 0xff, 0xfe, 0x06, 0x00, 0xbb, + 0xff, 0xba, 0xff, 0xfe, 0x08, 0x00, 0x9e, 0xff, + 0xfe, 0x0a, 0x00, 0x53, 0xff, 0xfe, 0x02, 0x00, + 0x20, 0xff, 0xb1, 0xfe, 0xfe, 0xb2, 0xfe, 0xfe, + 0xed, 0xfe, 0xfe, 0xfe, 0x04, 0x00, 0x3a, 0xff, + 0x3a, 0xff, 0xde, 0xfd, 0x5f, 0x04, 0x33, 0xff, + 0x4c, 0x74, 0x03, 0x05, 0x05, 0xff, 0x6d, 0xfe, + 0xfe, 0x6d, 0xfe, 0xfe, 0xaf, 0x08, 0x63, 0xff, + 0x64, 0x6f, 0x08, 0xac, 0xff, 0xbf, 0x6d, 0x08, + 0x7a, 0x6d, 0x08, 0x96, 0x74, 0x04, 0x00, 0x08, + 0x79, 0xff, 0xda, 0xfe, 0xfe, 0xdb, 0xfe, 0xfe, + 0x56, 0xff, 0xfe, 0x04, 0x00, 0x5e, 0xff, 0x5e, + 0xff, 0x6c, 0xfe, 0xfe, 0xfe, 0x06, 0x00, 0x41, + 0xff, 0x7f, 0x74, 0x03, 0x00, 0x11, 0x44, 0xff, + 0xa9, 0xfe, 0xfe, 0xa9, 0xfe, 0xfe, 0xa5, 0x8f, + 0x01, 0x00, 0x08, 0x01, 0x01, 0x02, 0x04, 0x08, + 0x02, 0x04, 0x08, 0x08, 0x01, 0x01, 0xfe, 0x22, + 0x00, 0x4c, 0x60, 0x64, 0x8c, 0x90, 0xd0, 0xd4, + 0xd8, 0x5c, 0x10, 0x09, 0xd8, 0xff, 0xb0, 0xff, + 0x00, 0x00, 0xba, 0xff, 0x14, 0x00, 0xba, 0xff, + 0x64, 0x00, 0x00, 0x08, 0xfe, 0x06, 0x00, 0x74, + 0xff, 0x42, 0xff, 0xce, 0xff, 0x60, 0xff, 0x0a, + 0x00, 0xb4, 0x00, 0xa0, 0x00, 0xa0, 0xfe, 0x07, + 0x00, 0x0a, 0x00, 0xb0, 0xff, 0x96, 0x4d, 0x00, + 0x56, 0x57, 0x18, 0xa6, 0xff, 0x92, 0x70, 0x11, + 0x00, 0x12, 0x90, 0x90, 0x76, 0x5a, 0x54, 0x54, + 0x4c, 0x46, 0x38, 0x00, 0x10, 0x10, 0x08, 0xfe, + 0x05, 0x00, 0x38, 0x29, 0x25, 0x23, 0x22, 0x22, + 0x1f, 0x00, 0x00, 0x00, 0xf6, 0xe1, 0xdd, 0xf8, + 0xfe, 0x00, 0xfe, 0x15, 0x00, 0x00, 0xd0, 0x02, + 0x74, 0x02, 0x08, 0xf8, 0xe5, 0xde, 0x02, 0x04, + 0x04, 0xfd, 0x00, 0x00, 0x00, 0x07, 0x50, 0x2d, + 0x01, 0x90, 0x90, 0x76, 0x60, 0xb0, 0x07, 0x07, + 0x0c, 0x0c, 0x04, 0xfe, 0x05, 0x00, 0x66, 0x66, + 0x5a, 0x56, 0xbc, 0x01, 0x06, 0xfc, 0xfc, 0xf1, + 0xfe, 0x07, 0x00, 0x24, 0x95, 0x70, 0x64, 0x18, + 0x06, 0x2c, 0xff, 0xb5, 0xfe, 0xfe, 0xb5, 0xfe, + 0xfe, 0xe2, 0x8c, 0x24, 0x02, 0x2f, 0xff, 0x2f, + 0xff, 0xb4, 0x78, 0x02, 0x05, 0x73, 0xff, 0xed, + 0xfe, 0xfe, 0x4f, 0xff, 0x36, 0x74, 0x1e, 0x09, + 0x4f, 0xff, 0x50, 0xff, 0xfe, 0x16, 0x00, 0x70, + 0xac, 0x70, 0x8e, 0xac, 0x40, 0x0e, 0x01, 0x70, + 0x7f, 0x8e, 0xac, 0x6c, 0x00, 0x0b, 0xfe, 0x02, + 0x00, 0xfe, 0x0a, 0x2c, 0x2a, 0x2a, 0x28, 0x26, + 0x1e, 0x1e, 0xfe, 0x02, 0x20, 0x65, 0x20, 0x00, + 0x00, 0x05, 0x12, 0x00, 0x11, 0x1e, 0x11, 0x11, + 0x41, 0x1e, 0x41, 0x11, 0x31, 0x1e, 0x31, 0x11, + 0x70, 0x75, 0x7a, 0x7f, 0x84, 0x89, 0x8e, 0x93, + 0x98, 0x30, 0x20, 0x00, 0x02, 0x00, 0xfe, 0x06, + 0x3c, 0xbc, 0x32, 0x0c, 0x00, 0x00, 0x2a, 0x12, + 0x1e, 0x12, 0x2e, 0x12, 0xcc, 0x12, 0x11, 0x1a, + 0x1e, 0x1a, 0x2e, 0x1a, 0x4c, 0x10, 0x1e, 0x10, + 0x11, 0x18, 0x1e, 0x42, 0x1e, 0x42, 0x2e, 0x42, + 0xcc, 0x42, 0x11, 0x4a, 0x1e, 0x4a, 0x2e, 0x4a, + 0x4c, 0x40, 0x1e, 0x40, 0x11, 0x48, 0x1e, 0x32, + 0x1e, 0x32, 0x2e, 0x32, 0xcc, 0x32, 0x11, 0x3a, + 0x1e, 0x3a, 0x2e, 0x3a, 0x4c, 0x30, 0x1e, 0x30, + 0x11, 0x38, 0x1e, 0x27, 0x9a, 0x01, 0x9d, 0xa2, + 0x2f, 0x28, 0x00, 0x00, 0x46, 0xde, 0xc4, 0xbf, + 0xa6, 0x9d, 0x81, 0x7b, 0x5c, 0x61, 0x40, 0xc7, + 0xc0, 0xae, 0xa9, 0x8c, 0x83, 0x6a, 0x62, 0x50, + 0x3e, 0xce, 0xc2, 0xae, 0xa3, 0x8c, 0x7b, 0x6a, + 0x5a, 0x50, 0x35, 0xd7, 0xc2, 0xb7, 0xa4, 0x95, + 0x7e, 0x72, 0x5a, 0x59, 0x37, 0xfe, 0x02, 0xf8, + 0x8c, 0x95, 0x90, 0x8f, 0x00, 0xd7, 0xc0, 0xb7, + 0xa2, 0x95, 0x7b, 0x72, 0x56, 0x59, 0x32, 0xc7, + 0xc3, 0xae, 0xad, 0x8c, 0x85, 0x6a, 0x63, 0x50, + 0x3e, 0xce, 0xc3, 0xae, 0xa4, 0x8c, 0x7c, 0x6a, + 0x59, 0x50, 0x34, 0xd7, 0xc2, 0xb7, 0xa5, 0x95, + 0x7e, 0x72, 0x59, 0x59, 0x36, 0xfc, 0x05, 0x00, + 0x02, 0xce, 0xc5, 0xae, 0xa5, 0x95, 0x83, 0x72, + 0x5c, 0x59, 0x36, 0xbf, 0xc6, 0xa5, 0xab, 0x8c, + 0x8c, 0x6a, 0x67, 0x50, 0x41, 0x64, 0x07, 0x00, + 0x02, 0x95, 0x8c, 0x72, 0x65, 0x59, 0x3f, 0xce, + 0xc7, 0xae, 0xa8, 0x95, 0x86, 0x72, 0x5f, 0x59, + 0x39, 0xfe, 0x02, 0xf8, 0x8b, 0x7c, 0x0b, 0x09, + 0xb7, 0xc2, 0x9d, 0xa4, 0x83, 0x85, 0x6a, 0x6b, + 0x50, 0x44, 0xb7, 0xc1, 0x64, 0x01, 0x00, 0x06, + 0x61, 0x5d, 0x48, 0x3d, 0xae, 0xc4, 0x9d, 0xad, + 0x7b, 0x85, 0x61, 0x66, 0x48, 0x46, 0xae, 0xc3, + 0x95, 0xa3, 0x72, 0x7c, 0x59, 0x56, 0x38, 0x31, + 0x7c, 0x0b, 0x00, 0x0c, 0x96, 0x91, 0x8f, 0x00, + 0xb7, 0xc0, 0xa5, 0xab, 0x8c, 0x8a, 0x6a, 0x64, + 0x50, 0x3c, 0xb7, 0xc0, 0x9d, 0xa0, 0x83, 0x80, + 0x6a, 0x64, 0x50, 0x3d, 0xb7, 0xc5, 0x9d, 0xa5, + 0x83, 0x87, 0x6c, 0x08, 0x07, 0xae, 0xc0, 0x9d, + 0xa8, 0x83, 0x88, 0x6a, 0x6d, 0x50, 0x46, 0xfc, + 0x05, 0x00, 0x16, 0xbf, 0xc0, 0xa5, 0xa2, 0x8c, + 0x7f, 0x6a, 0x57, 0x50, 0x2f, 0xb7, 0xc7, 0xa5, + 0xb1, 0x8c, 0x8e, 0x72, 0x6d, 0x59, 0x45, 0xbf, + 0xc6, 0xa5, 0xa8, 0x8c, 0x87, 0x6a, 0x5f, 0x50, + 0x37, 0xbf, 0xc2, 0xa5, 0xa4, 0x8c, 0x83, 0x6a, + 0x5c, 0x50, 0x34, 0xbc, 0x05, 0x00, 0x0e, 0x90, + 0x00, 0xc7, 0xc2, 0xae, 0xaa, 0x95, 0x82, 0x7b, + 0x60, 0x61, 0x3f, 0xb7, 0xc6, 0xa5, 0xb1, 0x8c, + 0x8d, 0x72, 0x6b, 0x61, 0x51, 0xbf, 0xc4, 0xa5, + 0xa5, 0x8c, 0x82, 0x72, 0x61, 0x59, 0x39, 0x6c, + 0x26, 0x03, 0x95, 0x82, 0x7b, 0x61, 0x61, 0x40, + 0xfc, 0x05, 0x00, 0x00, 0x7e, 0xd7, 0xc3, 0xb7, + 0xa8, 0x9d, 0x80, 0x83, 0x5d, 0x6a, 0x3f, 0xbf, + 0xc7, 0xa5, 0xa8, 0x8c, 0x84, 0x72, 0x60, 0x61, + 0x46, 0xbf, 0xc2, 0xae, 0xb0, 0x9d, 0x92, 0x83, + 0x6f, 0x6a, 0x50, 0xd7, 0xc3, 0xb7, 0xa7, 0x9d, + 0x80, 0x83, 0x5e, 0x6a, 0x40, 0xfe, 0x02, 0xf8, + 0x8d, 0x96, 0x90, 0x90, 0xfe, 0x05, 0x00, 0x8a, + 0xc4, 0x63, 0xb8, 0x3c, 0xa6, 0x29, 0x97, 0x16, + 0x81, 0x84, 0xb7, 0x5b, 0xa9, 0x33, 0x94, 0x1e, + 0x83, 0x11, 0x70, 0xb8, 0xc2, 0x70, 0xb1, 0x4d, + 0xa3, 0x2a, 0x8d, 0x1b, 0x7b, 0xa8, 0xbc, 0x68, + 0xab, 0x47, 0x9d, 0x27, 0x87, 0x18, 0x75, 0xae, + 0xc6, 0x7d, 0xbb, 0x4d, 0xaa, 0x1c, 0x84, 0x11, + 0x72, 0xa3, 0xbb, 0x6e, 0xad, 0x3c, 0x97, 0x24, + 0x85, 0x16, 0x71, 0x80, 0xb2, 0x57, 0xa4, 0x30, + 0x8e, 0x1c, 0x7c, 0x10, 0x68, 0xbb, 0xbd, 0x75, + 0xac, 0x4f, 0x9e, 0x2b, 0x87, 0x1a, 0x76, 0x96, + 0xc5, 0x5e, 0xb5, 0x3e, 0xa5, 0x1f, 0x8c, 0x12, + 0x7a, 0xc1, 0xc6, 0x42, 0x9f, 0x27, 0x8c, 0x16, + 0x77, 0x0f, 0x67, 0x9d, 0xbc, 0x68, 0xad, 0x36, + 0x95, 0x20, 0x83, 0x11, 0x6d, 0x9b, 0xb8, 0x67, + 0xa8, 0x34, 0x90, 0x1f, 0x7c, 0x10, 0x67, 0x9e, + 0xc9, 0x6a, 0xbb, 0x37, 0xa4, 0x20, 0x90, 0x11, + 0x7b, 0xc6, 0xc8, 0x47, 0xa4, 0x2a, 0x90, 0x18, + 0x7b, 0x10, 0x6c, 0xae, 0xc4, 0x5d, 0xad, 0x37, + 0x9a, 0x1f, 0x85, 0x13, 0x75, 0x70, 0xad, 0x42, + 0x99, 0x25, 0x84, 0x17, 0x74, 0x0b, 0x56, 0x87, + 0xc8, 0x57, 0xb8, 0x2b, 0x9e, 0x19, 0x8a, 0x0d, + 0x74, 0xa7, 0xc8, 0x6e, 0xb9, 0x36, 0xa0, 0x1f, + 0x8b, 0x11, 0x75, 0x94, 0xbe, 0x4b, 0xa5, 0x2a, + 0x92, 0x18, 0x7c, 0x0f, 0x6b, 0xaf, 0xc0, 0x58, + 0xa8, 0x34, 0x94, 0x1d, 0x7d, 0x12, 0x6d, 0x82, + 0xc0, 0x52, 0xb0, 0x25, 0x94, 0x14, 0x7f, 0x0c, + 0x68, 0x84, 0xbf, 0x3e, 0xa4, 0x22, 0x8e, 0x10, + 0x76, 0x0b, 0x65, 0x88, 0xb6, 0x42, 0x9b, 0x26, + 0x87, 0x14, 0x70, 0x0c, 0x5f, 0xc5, 0xc2, 0x3e, + 0x97, 0x23, 0x83, 0x13, 0x6c, 0x0c, 0x5c, 0xb1, + 0xc9, 0x76, 0xbc, 0x4a, 0xaa, 0x20, 0x8d, 0x12, + 0x78, 0x93, 0xbf, 0x46, 0xa3, 0x26, 0x8d, 0x14, + 0x74, 0x0c, 0x62, 0xc8, 0xc4, 0x3b, 0x97, 0x21, + 0x82, 0x11, 0x6a, 0x0a, 0x59, 0xa3, 0xb9, 0x68, + 0xa9, 0x30, 0x8d, 0x1a, 0x78, 0x0f, 0x61, 0xa0, + 0xc9, 0x73, 0xbe, 0x50, 0xb1, 0x30, 0x9f, 0x14, + 0x80, 0x83, 0xb7, 0x3c, 0x9a, 0x20, 0x84, 0x0e, + 0x6a, 0x0a, 0x57, 0xac, 0xc2, 0x68, 0xb0, 0x2e, + 0x92, 0x19, 0x7c, 0x0d, 0x63, 0x93, 0xbe, 0x62, + 0xb0, 0x3c, 0x9e, 0x1a, 0x80, 0x0e, 0x6b, 0xbb, + 0x02, 0xa0, 0x02, 0xa0, 0x02, 0x6f, 0x00, 0x75, + 0x00, 0x75, 0x00, 0x00, 0x00, 0xad, 0x02, 0xb3, + 0x02, 0x6f, 0x00, 0x87, 0x00, 0x85, 0xfe, 0x03, + 0x00, 0xc2, 0x02, 0x82, 0x4d, 0x92, 0x6e, 0x4d, + 0xb1, 0xa8, 0x84, 0x01, 0x00, 0x07, 0x7e, 0x00, + 0xa8, 0x02, 0xa4, 0x02, 0xa4, 0x02, 0xa2, 0x00, + 0xa6, 0x00, 0xa6, 0x00, 0x00, 0x00, 0xb4, 0x02, + 0xb4, 0x02, 0x92, 0x00, 0x96, 0x00, 0x96, 0x46, + 0x04, 0xb0, 0x02, 0x64, 0x02, 0x0a, 0x8c, 0x00, + 0x90, 0x02, 0x98, 0x02, 0x98, 0x02, 0x0e, 0x01, + 0x11, 0x01, 0x11, 0x50, 0xc3, 0x08, 0x88, 0x02, + 0x88, 0x02, 0x19, 0x01, 0x02, 0x01, 0x02, 0x01, + 0xf3, 0x2d, 0x00, 0x00 +}; + +/* Array of known hw_options bits with human-friendly parsing */ +static struct hc_hwopt { + const u32 bit; + const char *str; +} const hc_hwopts[] = { + { + .bit = RB_HW_OPT_NO_UART, + .str = "no UART\t\t", + }, { + .bit = RB_HW_OPT_HAS_VOLTAGE, + .str = "has Vreg\t", + }, { + .bit = RB_HW_OPT_HAS_USB, + .str = "has usb\t\t", + }, { + .bit = RB_HW_OPT_HAS_ATTINY, + .str = "has ATtiny\t", + }, { + .bit = RB_HW_OPT_NO_NAND, + .str = "no NAND\t\t", + }, { + .bit = RB_HW_OPT_HAS_LCD, + .str = "has LCD\t\t", + }, { + .bit = RB_HW_OPT_HAS_POE_OUT, + .str = "has POE out\t", + }, { + .bit = RB_HW_OPT_HAS_uSD, + .str = "has MicroSD\t", + }, { + .bit = RB_HW_OPT_HAS_SIM, + .str = "has SIM\t\t", + }, { + .bit = RB_HW_OPT_HAS_SFP, + .str = "has SFP\t\t", + }, { + .bit = RB_HW_OPT_HAS_WIFI, + .str = "has WiFi\t", + }, { + .bit = RB_HW_OPT_HAS_TS_FOR_ADC, + .str = "has TS ADC\t", + }, { + .bit = RB_HW_OPT_HAS_PLC, + .str = "has PLC\t\t", + }, +}; + +static ssize_t hc_tag_show_string(const u8 *pld, u16 pld_len, char *buf) +{ + return snprintf(buf, pld_len+1, "%s\n", pld); +} + +static ssize_t hc_tag_show_u32(const u8 *pld, u16 pld_len, char *buf) +{ + char *out = buf; + u32 data; // cpu-endian + + /* Caller ensures pld_len > 0 */ + if (pld_len % sizeof(data)) + return -EINVAL; + + data = *(u32 *)pld; + + do { + out += sprintf(out, "0x%08x\n", data); + data++; + } while ((pld_len -= sizeof(data))); + + return out - buf; +} + +/* + * The MAC is stored network-endian on all devices, in 2 32-bit segments: + * . Kernel print has us covered. + */ +static ssize_t hc_tag_show_mac(const u8 *pld, u16 pld_len, char *buf) +{ + if (8 != pld_len) + return -EINVAL; + + return sprintf(buf, "%pM\n", pld); +} + +/* + * Print HW options in a human readable way: + * The raw number and in decoded form + */ +static ssize_t hc_tag_show_hwoptions(const u8 *pld, u16 pld_len, char *buf) +{ + char *out = buf; + u32 data; // cpu-endian + int i; + + if (sizeof(data) != pld_len) + return -EINVAL; + + data = *(u32 *)pld; + out += sprintf(out, "raw\t\t: 0x%08x\n\n", data); + + for (i = 0; i < ARRAY_SIZE(hc_hwopts); i++) + out += sprintf(out, "%s: %s\n", hc_hwopts[i].str, + (data & hc_hwopts[i].bit) ? "true" : "false"); + + return out - buf; +} + +static ssize_t hc_wlan_data_bin_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, + loff_t off, size_t count); + +static struct hc_wlan_attr { + struct bin_attribute battr; + u16 pld_ofs; + u16 pld_len; +} hc_wlandata_battr = { + .battr = __BIN_ATTR(wlan_data, S_IRUSR, hc_wlan_data_bin_read, NULL, 0), +}; + +static ssize_t hc_attr_show(struct kobject *kobj, struct kobj_attribute *attr, + char *buf); + +/* Array of known tags to publish in sysfs */ +static struct hc_attr { + const u16 tag_id; + ssize_t (* const tshow)(const u8 *pld, u16 pld_len, char *buf); + struct kobj_attribute kattr; + u16 pld_ofs; + u16 pld_len; +} hc_attrs[] = { + { + .tag_id = RB_ID_FLASH_INFO, + .tshow = hc_tag_show_u32, + .kattr = __ATTR(flash_info, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_MAC_ADDRESS_PACK, + .tshow = hc_tag_show_mac, + .kattr = __ATTR(mac_base, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_BOARD_PRODUCT_CODE, + .tshow = hc_tag_show_string, + .kattr = __ATTR(board_product_code, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_BIOS_VERSION, + .tshow = hc_tag_show_string, + .kattr = __ATTR(booter_version, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_SERIAL_NUMBER, + .tshow = hc_tag_show_string, + .kattr = __ATTR(board_serial, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_MEMORY_SIZE, + .tshow = hc_tag_show_u32, + .kattr = __ATTR(mem_size, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_MAC_ADDRESS_COUNT, + .tshow = hc_tag_show_u32, + .kattr = __ATTR(mac_count, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_HW_OPTIONS, + .tshow = hc_tag_show_hwoptions, + .kattr = __ATTR(hw_options, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_WLAN_DATA, + .tshow = NULL, + }, { + .tag_id = RB_ID_BOARD_IDENTIFIER, + .tshow = hc_tag_show_string, + .kattr = __ATTR(board_identifier, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_PRODUCT_NAME, + .tshow = hc_tag_show_string, + .kattr = __ATTR(product_name, S_IRUSR, hc_attr_show, NULL), + }, { + .tag_id = RB_ID_DEFCONF, + .tshow = hc_tag_show_string, + .kattr = __ATTR(defconf, S_IRUSR, hc_attr_show, NULL), + } +}; + +/* + * If the RB_ID_WLAN_DATA payload starts with RB_MAGIC_ERD, then past + * that magic number the payload itself contains a routerboot tag node + * locating the LZO-compressed calibration data at id 0x1. + */ +static int hc_wlan_data_unpack_erd(const u8 *inbuf, size_t inlen, + void *outbuf, size_t *outlen) +{ + u16 lzo_ofs, lzo_len; + int ret; + + /* Find embedded tag */ + ret = routerboot_tag_find(inbuf, inlen, 0x1, // always id 1 + &lzo_ofs, &lzo_len); + if (ret) { + pr_debug(RB_HC_PR_PFX "ERD data not found\n"); + goto fail; + } + + if (lzo_len > inlen) { + pr_debug(RB_HC_PR_PFX "Invalid ERD data length\n"); + ret = -EINVAL; + goto fail; + } + + ret = lzo1x_decompress_safe(inbuf+lzo_ofs, lzo_len, outbuf, outlen); + if (ret) + pr_debug(RB_HC_PR_PFX "LZO decompression error (%d)\n", ret); + +fail: + return ret; +} + +/* + * If the RB_ID_WLAN_DATA payload starts with RB_MAGIC_LZOR, then past + * that magic number is a payload that must be appended to the hc_lzor_prefix, + * the resulting blob is LZO-compressed. In the LZO decompression result, + * the RB_MAGIC_ERD magic number (aligned) must be located. Following that + * magic, there is a routerboot tag node (id 0x1) locating the RLE-encoded + * calibration data payload. + */ +static int hc_wlan_data_unpack_lzor(const u8 *inbuf, size_t inlen, + void *outbuf, size_t *outlen) +{ + u16 rle_ofs, rle_len; + const u32 *needle; + u8 *tempbuf; + size_t templen, lzo_len; + int ret; + + lzo_len = inlen + sizeof(hc_lzor_prefix); + if (lzo_len > *outlen) + return -EFBIG; + + /* Temporary buffer same size as the outbuf */ + templen = *outlen; + tempbuf = kmalloc(templen, GFP_KERNEL); + if (!outbuf) + return -ENOMEM; + + /* Concatenate into the outbuf */ + memcpy(outbuf, hc_lzor_prefix, sizeof(hc_lzor_prefix)); + memcpy(outbuf + sizeof(hc_lzor_prefix), inbuf, inlen); + + /* LZO-decompress lzo_len bytes of outbuf into the tempbuf */ + ret = lzo1x_decompress_safe(outbuf, lzo_len, tempbuf, &templen); + if (ret) { + if (LZO_E_INPUT_NOT_CONSUMED == ret) { + /* + * It is assumed that because the LZO payload is embedded + * in a "root" RB_ID_WLAN_DATA tag, the tag length is aligned + * and the payload is padded at the end, which triggers a + * spurious error which we ignore here. + */ + pr_debug(RB_HC_PR_PFX "LZOR: LZO EOF before buffer end - this may be harmless\n"); + } else { + pr_debug(RB_HC_PR_PFX "LZOR: LZO decompression error (%d)\n", ret); + goto fail; + } + } + + /* + * Post decompression we have a blob (possibly byproduct of the lzo + * dictionary). We need to find RB_MAGIC_ERD. The magic number seems to + * be 32bit-aligned in the decompression output. + */ + needle = (const u32 *)tempbuf; + while (RB_MAGIC_ERD != *needle++) { + if ((u8 *)needle >= tempbuf+templen) { + pr_debug(RB_HC_PR_PFX "LZOR: ERD magic not found\n"); + goto fail; + } + }; + templen -= (u8 *)needle - tempbuf; + + /* Past magic. Look for tag node */ + ret = routerboot_tag_find((u8 *)needle, templen, 0x1, &rle_ofs, &rle_len); + if (ret) { + pr_debug(RB_HC_PR_PFX "LZOR: RLE data not found\n"); + goto fail; + } + + if (rle_len > templen) { + pr_debug(RB_HC_PR_PFX "LZOR: Invalid RLE data length\n"); + ret = -EINVAL; + goto fail; + } + + /* RLE-decode tempbuf from needle back into the outbuf */ + ret = routerboot_rle_decode((u8 *)needle+rle_ofs, rle_len, outbuf, outlen); + if (ret) + pr_debug(RB_HC_PR_PFX "LZOR: RLE decoding error (%d)\n", ret); + +fail: + kfree(tempbuf); + return ret; +} + +static int hc_wlan_data_unpack(const size_t tofs, size_t tlen, + void *outbuf, size_t *outlen) +{ + const u8 *lbuf; + u32 magic; + int ret; + + /* Caller ensure tlen > 0. tofs is aligned */ + if ((tofs + tlen) > hc_buflen) + return -EIO; + + lbuf = hc_buf + tofs; + magic = *(u32 *)lbuf; + + ret = -ENODATA; + switch (magic) { + case RB_MAGIC_LZOR: + /* Skip magic */ + lbuf += sizeof(magic); + tlen -= sizeof(magic); + ret = hc_wlan_data_unpack_lzor(lbuf, tlen, outbuf, outlen); + break; + case RB_MAGIC_ERD: + /* Skip magic */ + lbuf += sizeof(magic); + tlen -= sizeof(magic); + ret = hc_wlan_data_unpack_erd(lbuf, tlen, outbuf, outlen); + break; + default: + /* + * If the RB_ID_WLAN_DATA payload doesn't start with a + * magic number, the payload itself is the raw RLE-encoded + * calibration data. + */ + ret = routerboot_rle_decode(lbuf, tlen, outbuf, outlen); + if (ret) + pr_debug(RB_HC_PR_PFX "RLE decoding error (%d)\n", ret); + break; + } + + return ret; +} + +static ssize_t hc_attr_show(struct kobject *kobj, struct kobj_attribute *attr, + char *buf) +{ + struct hc_attr *hc_attr; + const u8 *pld; + u16 pld_len; + + hc_attr = container_of(attr, typeof(*hc_attr), kattr); + + if (!hc_attr->pld_len) + return -ENOENT; + + pld = hc_buf + hc_attr->pld_ofs; + pld_len = hc_attr->pld_len; + + return hc_attr->tshow(pld, pld_len, buf); +} + +/* + * This function will allocate and free memory every time it is called. This + * is not the fastest way to do this, but since the data is rarely read (mainly + * at boot time to load wlan caldata), this makes it possible to save memory for + * the system. + */ +static ssize_t hc_wlan_data_bin_read(struct file *filp, struct kobject *kobj, + struct bin_attribute *attr, char *buf, + loff_t off, size_t count) +{ + struct hc_wlan_attr *hc_wattr; + size_t outlen; + void *outbuf; + int ret; + + hc_wattr = container_of(attr, typeof(*hc_wattr), battr); + + if (!hc_wattr->pld_len) + return -ENOENT; + + outlen = RB_ART_SIZE; + + /* Don't bother unpacking if the source is already too large */ + if (hc_wattr->pld_len > outlen) + return -EFBIG; + + outbuf = kmalloc(outlen, GFP_KERNEL); + if (!outbuf) + return -ENOMEM; + + ret = hc_wlan_data_unpack(hc_wattr->pld_ofs, hc_wattr->pld_len, outbuf, &outlen); + if (ret) { + kfree(outbuf); + return ret; + } + + if (off >= outlen) { + kfree(outbuf); + return 0; + } + + if (off + count > outlen) + count = outlen - off; + + memcpy(buf, outbuf + off, count); + + kfree(outbuf); + return count; +} + +int __init rb_hardconfig_init(struct kobject *rb_kobj) +{ + struct mtd_info *mtd; + size_t bytes_read, buflen; + const u8 *buf; + int i, ret; + u32 magic; + + // TODO allow override + mtd = get_mtd_device_nm(RB_MTD_HARD_CONFIG); + if (IS_ERR(mtd)) + return -ENODEV; + + hc_buflen = mtd->size; + hc_buf = kmalloc(hc_buflen, GFP_KERNEL); + if (!hc_buf) + return -ENOMEM; + + ret = mtd_read(mtd, 0, hc_buflen, &bytes_read, hc_buf); + + if (bytes_read != hc_buflen) { + ret = -EIO; + goto fail; + } + + /* Check we have what we expect */ + magic = *(const u32 *)hc_buf; + if (RB_MAGIC_HARD != magic) { + ret = -EINVAL; + goto fail; + } + + /* Skip magic */ + buf = hc_buf + sizeof(magic); + buflen = hc_buflen - sizeof(magic); + + /* Populate sysfs */ + ret = -ENOMEM; + hc_kobj = kobject_create_and_add(RB_MTD_HARD_CONFIG, rb_kobj); + if (!hc_kobj) + goto fail; + + /* Locate and publish all known tags */ + for (i = 0; i < ARRAY_SIZE(hc_attrs); i++) { + ret = routerboot_tag_find(buf, buflen, hc_attrs[i].tag_id, + &hc_attrs[i].pld_ofs, &hc_attrs[i].pld_len); + if (ret) { + hc_attrs[i].pld_ofs = hc_attrs[i].pld_len = 0; + continue; + } + + /* Account for skipped magic */ + hc_attrs[i].pld_ofs += sizeof(magic); + + /* Special case RB_ID_WLAN_DATA to prep and create the binary attribute */ + if ((RB_ID_WLAN_DATA == hc_attrs[i].tag_id) && hc_attrs[i].pld_len) { + hc_wlandata_battr.pld_ofs = hc_attrs[i].pld_ofs; + hc_wlandata_battr.pld_len = hc_attrs[i].pld_len; + + ret = sysfs_create_bin_file(hc_kobj, &hc_wlandata_battr.battr); + if (ret) + pr_err(RB_HC_PR_PFX "Could not create %s sysfs entry (%d)\n", + hc_wlandata_battr.battr.attr.name, ret); + } + /* All other tags are published via standard attributes */ + else { + ret = sysfs_create_file(hc_kobj, &hc_attrs[i].kattr.attr); + if (ret) + pr_err(RB_HC_PR_PFX "Could not create %s sysfs entry (%d)\n", + hc_attrs[i].kattr.attr.name, ret); + } + } + + pr_info("MikroTik RouterBOARD hardware configuration sysfs driver v" RB_HARDCONFIG_VER "\n"); + + return 0; + +fail: + kfree(hc_buf); + return ret; +} + +void __exit rb_hardconfig_exit(void) +{ + kobject_put(hc_kobj); + kfree(hc_buf); +} diff --git a/target/linux/generic/files/drivers/platform/mikrotik/routerboot.c b/target/linux/generic/files/drivers/platform/mikrotik/routerboot.c new file mode 100644 index 00000000..172db025 --- /dev/null +++ b/target/linux/generic/files/drivers/platform/mikrotik/routerboot.c @@ -0,0 +1,183 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Driver for MikroTik RouterBoot flash data. Common routines. + * + * Copyright (C) 2020 Thibaut VARÈNE + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 as published + * by the Free Software Foundation. + */ + +#include +#include +#include +#include + +#include "routerboot.h" + +static struct kobject *rb_kobj; + +/** + * routerboot_tag_find() - Locate a given tag in routerboot config data. + * @bufhead: the buffer to look into. Must start with a tag node. + * @buflen: size of bufhead + * @tag_id: the tag identifier to look for + * @pld_ofs: will be updated with tag payload offset in bufhead, if tag found + * @pld_len: will be updated with tag payload size, if tag found + * + * This incarnation of tag_find() does only that: it finds a specific routerboot + * tag node in the input buffer. Routerboot tag nodes are u32 values: + * - The low nibble is the tag identification number, + * - The high nibble is the tag payload length (node excluded) in bytes. + * The payload immediately follows the tag node. Tag nodes are 32bit-aligned. + * The returned pld_ofs will always be aligned. pld_len may not end on 32bit + * boundary (the only known case is when parsing ERD data). + * The nodes are cpu-endian on the flash media. The payload is cpu-endian when + * applicable. Tag nodes are not ordered (by ID) on flash. + * + * Return: 0 on success (tag found) or errno + */ +int routerboot_tag_find(const u8 *bufhead, const size_t buflen, const u16 tag_id, + u16 *pld_ofs, u16 *pld_len) +{ + const u32 *datum, *bufend; + u32 node; + u16 id, len; + int ret; + + if (!bufhead || !tag_id) + return -EINVAL; + + ret = -ENOENT; + datum = (const u32 *)bufhead; + bufend = (const u32 *)(bufhead + buflen); + + while (datum < bufend) { + node = *datum++; + + /* Tag list ends with null node */ + if (!node) + break; + + id = node & 0xFFFF; + len = node >> 16; + + if (tag_id == id) { + if (datum >= bufend) + break; + + if (pld_ofs) + *pld_ofs = (u16)((u8 *)datum - bufhead); + if (pld_len) + *pld_len = len; + + ret = 0; + break; + } + + /* + * The only known situation where len may not end on 32bit + * boundary is within ERD data. Since we're only extracting + * one tag (the first and only one) from that data, we should + * never need to forcefully ALIGN(). Do it anyway, this is not a + * performance path. + */ + len = ALIGN(len, sizeof(*datum)); + datum += len / sizeof(*datum); + } + + return ret; +} + +/** + * routerboot_rle_decode() - Simple RLE (MikroTik variant) decoding routine. + * @in: input buffer to decode + * @inlen: size of in + * @out: output buffer to write decoded data to + * @outlen: pointer to out size when function is called, will be updated with + * size of decoded output on return + * + * MikroTik's variant of RLE operates as follows, considering a signed run byte: + * - positive run => classic RLE + * - negative run => the next - bytes must be copied verbatim + * The API is matched to the lzo1x routines for convenience. + * + * NB: The output buffer cannot overlap with the input buffer. + * + * Return: 0 on success or errno + */ +int routerboot_rle_decode(const u8 *in, size_t inlen, u8 *out, size_t *outlen) +{ + int ret, run, nbytes; // use native types for speed + u8 byte; + + if (!in || (inlen < 2) || !out) + return -EINVAL; + + ret = -ENOSPC; + nbytes = 0; + while (inlen >= 2) { + run = *in++; + inlen--; + + /* Verbatim copies */ + if (run & 0x80) { + /* Invert run byte sign */ + run = ~run & 0xFF; + run++; + + if (run > inlen) + goto fail; + + inlen -= run; + + nbytes += run; + if (nbytes > *outlen) + goto fail; + + /* Basic memcpy */ + while (run-- > 0) + *out++ = *in++; + } + /* Stream of half-words RLE: . run == 0 is ignored */ + else { + byte = *in++; + inlen--; + + nbytes += run; + if (nbytes > *outlen) + goto fail; + + while (run-- > 0) + *out++ = byte; + } + } + + ret = 0; +fail: + *outlen = nbytes; + return ret; +} + +static int __init routerboot_init(void) +{ + rb_kobj = kobject_create_and_add("mikrotik", firmware_kobj); + if (!rb_kobj) + return -ENOMEM; + + return rb_hardconfig_init(rb_kobj); +} + +static void __exit routerboot_exit(void) +{ + rb_hardconfig_exit(); + kobject_put(rb_kobj); // recursive afaict +} + +module_init(routerboot_init); +module_exit(routerboot_exit); + +MODULE_LICENSE("GPL v2"); +MODULE_DESCRIPTION("MikroTik RouterBoot sysfs support"); +MODULE_AUTHOR("Thibaut VARENE"); diff --git a/target/linux/generic/files/drivers/platform/mikrotik/routerboot.h b/target/linux/generic/files/drivers/platform/mikrotik/routerboot.h new file mode 100644 index 00000000..d2ca41fb --- /dev/null +++ b/target/linux/generic/files/drivers/platform/mikrotik/routerboot.h @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Common definitions for MikroTik RouterBoot data. + * + * Copyright (C) 2020 Thibaut VARÈNE + */ + + +#ifndef _ROUTERBOOT_H_ +#define _ROUTERBOOT_H_ + +#include + +// these magic values are stored in cpu-endianness on flash +#define RB_MAGIC_HARD (('H') | ('a' << 8) | ('r' << 16) | ('d' << 24)) +#define RB_MAGIC_SOFT (('S') | ('o' << 8) | ('f' << 16) | ('t' << 24)) +#define RB_MAGIC_LZOR (('L') | ('Z' << 8) | ('O' << 16) | ('R' << 24)) +#define RB_MAGIC_ERD (('E' << 16) | ('R' << 8) | ('D')) + +#define RB_ART_SIZE 0x10000 + +#define RB_MTD_HARD_CONFIG "hard_config" +#define RB_MTD_SOFT_CONFIG "soft_config" + +int routerboot_tag_find(const u8 *bufhead, const size_t buflen, const u16 tag_id, u16 *pld_ofs, u16 *pld_len); +int routerboot_rle_decode(const u8 *in, size_t inlen, u8 *out, size_t *outlen); + +int __init rb_hardconfig_init(struct kobject *rb_kobj); +void __exit rb_hardconfig_exit(void); + +#endif /* _ROUTERBOOT_H_ */ diff --git a/target/linux/generic/hack-4.14/702-phy_add_aneg_done_function.patch b/target/linux/generic/hack-4.14/702-phy_add_aneg_done_function.patch index cc84311e..5885c8fa 100644 --- a/target/linux/generic/hack-4.14/702-phy_add_aneg_done_function.patch +++ b/target/linux/generic/hack-4.14/702-phy_add_aneg_done_function.patch @@ -1,6 +1,6 @@ --- a/include/linux/phy.h +++ b/include/linux/phy.h -@@ -547,6 +547,12 @@ struct phy_driver { +@@ -549,6 +549,12 @@ struct phy_driver { /* Determines the negotiated speed and duplex */ int (*read_status)(struct phy_device *phydev); @@ -15,7 +15,7 @@ --- a/drivers/net/phy/phy_device.c +++ b/drivers/net/phy/phy_device.c -@@ -1462,6 +1462,9 @@ int genphy_update_link(struct phy_device +@@ -1466,6 +1466,9 @@ int genphy_update_link(struct phy_device { int status; diff --git a/target/linux/generic/hack-4.14/901-debloat_sock_diag.patch b/target/linux/generic/hack-4.14/901-debloat_sock_diag.patch index 5945aee5..a4ca5735 100644 --- a/target/linux/generic/hack-4.14/901-debloat_sock_diag.patch +++ b/target/linux/generic/hack-4.14/901-debloat_sock_diag.patch @@ -96,7 +96,7 @@ Signed-off-by: Felix Fietkau u64 res; --- a/net/ipv4/Kconfig +++ b/net/ipv4/Kconfig -@@ -420,6 +420,7 @@ config INET_XFRM_MODE_BEET +@@ -421,6 +421,7 @@ config INET_XFRM_MODE_BEET config INET_DIAG tristate "INET: socket monitoring interface" diff --git a/target/linux/generic/hack-4.14/902-debloat_proc.patch b/target/linux/generic/hack-4.14/902-debloat_proc.patch index c5f6397b..54c6b4d2 100644 --- a/target/linux/generic/hack-4.14/902-debloat_proc.patch +++ b/target/linux/generic/hack-4.14/902-debloat_proc.patch @@ -189,7 +189,7 @@ Signed-off-by: Felix Fietkau } --- a/kernel/irq/proc.c +++ b/kernel/irq/proc.c -@@ -396,6 +396,9 @@ void register_irq_proc(unsigned int irq, +@@ -418,6 +418,9 @@ void register_irq_proc(unsigned int irq, void __maybe_unused *irqp = (void *)(unsigned long) irq; char name [MAX_NAMELEN]; @@ -199,7 +199,7 @@ Signed-off-by: Felix Fietkau if (!root_irq_dir || (desc->irq_data.chip == &no_irq_chip)) return; -@@ -449,6 +452,9 @@ void unregister_irq_proc(unsigned int ir +@@ -471,6 +474,9 @@ void unregister_irq_proc(unsigned int ir { char name [MAX_NAMELEN]; @@ -209,7 +209,7 @@ Signed-off-by: Felix Fietkau if (!root_irq_dir || !desc->dir) return; #ifdef CONFIG_SMP -@@ -487,6 +493,9 @@ void init_irq_proc(void) +@@ -509,6 +515,9 @@ void init_irq_proc(void) unsigned int irq; struct irq_desc *desc; @@ -232,7 +232,7 @@ Signed-off-by: Felix Fietkau return -ENOMEM; --- a/mm/vmalloc.c +++ b/mm/vmalloc.c -@@ -2783,6 +2783,8 @@ static const struct file_operations proc +@@ -2798,6 +2798,8 @@ static const struct file_operations proc static int __init proc_vmalloc_init(void) { @@ -327,7 +327,7 @@ Signed-off-by: Felix Fietkau --- a/net/core/sock.c +++ b/net/core/sock.c -@@ -3384,6 +3384,8 @@ static __net_initdata struct pernet_oper +@@ -3387,6 +3387,8 @@ static __net_initdata struct pernet_oper static int __init proto_init(void) { @@ -338,7 +338,7 @@ Signed-off-by: Felix Fietkau --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c -@@ -2740,10 +2740,12 @@ static const struct file_operations fib_ +@@ -2743,10 +2743,12 @@ static const struct file_operations fib_ int __net_init fib_proc_init(struct net *net) { @@ -353,7 +353,7 @@ Signed-off-by: Felix Fietkau &fib_triestat_fops)) goto out2; -@@ -2753,17 +2755,21 @@ int __net_init fib_proc_init(struct net +@@ -2756,17 +2758,21 @@ int __net_init fib_proc_init(struct net return 0; out3: @@ -393,7 +393,7 @@ Signed-off-by: Felix Fietkau --- a/net/ipv4/route.c +++ b/net/ipv4/route.c -@@ -428,6 +428,9 @@ static struct pernet_operations ip_rt_pr +@@ -426,6 +426,9 @@ static struct pernet_operations ip_rt_pr static int __init ip_rt_proc_init(void) { diff --git a/target/linux/generic/pending-4.14/270-platform-mikrotik-build-bits.patch b/target/linux/generic/pending-4.14/270-platform-mikrotik-build-bits.patch new file mode 100644 index 00000000..5f1009bf --- /dev/null +++ b/target/linux/generic/pending-4.14/270-platform-mikrotik-build-bits.patch @@ -0,0 +1,38 @@ +From c2deb5ef01a0ef09088832744cbace9e239a6ee0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Thibaut=20VAR=C3=88NE?= +Date: Tue, 24 Mar 2020 22:11:50 +0100 +Subject: [PATCH] generic: platform/mikrotik build bits (4.14) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch adds platform/mikrotik kernel build bits + +Signed-off-by: Thibaut VARÈNE +--- + drivers/platform/Kconfig | 2 ++ + drivers/platform/Makefile | 1 + + 2 files changed, 3 insertions(+) + +diff --git a/drivers/platform/Kconfig b/drivers/platform/Kconfig +index c11db8b..0283f0b 100644 +--- a/drivers/platform/Kconfig ++++ b/drivers/platform/Kconfig +@@ -8,3 +8,5 @@ endif + source "drivers/platform/goldfish/Kconfig" + + source "drivers/platform/chrome/Kconfig" ++ ++source "drivers/platform/mikrotik/Kconfig" +diff --git a/drivers/platform/Makefile b/drivers/platform/Makefile +index d3a6630..ad290c3 100644 +--- a/drivers/platform/Makefile ++++ b/drivers/platform/Makefile +@@ -8,3 +8,4 @@ obj-$(CONFIG_MIPS) += mips/ + obj-$(CONFIG_OLPC) += olpc/ + obj-$(CONFIG_GOLDFISH) += goldfish/ + obj-$(CONFIG_CHROME_PLATFORMS) += chrome/ ++obj-$(CONFIG_MIKROTIK) += mikrotik/ +-- +2.11.0 + diff --git a/target/linux/generic/pending-4.14/630-packet_socket_type.patch b/target/linux/generic/pending-4.14/630-packet_socket_type.patch index a4737b23..c4bd5fda 100644 --- a/target/linux/generic/pending-4.14/630-packet_socket_type.patch +++ b/target/linux/generic/pending-4.14/630-packet_socket_type.patch @@ -71,7 +71,7 @@ Signed-off-by: Felix Fietkau if (!net_eq(dev_net(dev), sock_net(sk))) goto drop; -@@ -2213,12 +2215,12 @@ static int tpacket_rcv(struct sk_buff *s +@@ -2214,12 +2216,12 @@ static int tpacket_rcv(struct sk_buff *s BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h2)) != 32); BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h3)) != 48); @@ -87,7 +87,7 @@ Signed-off-by: Felix Fietkau if (!net_eq(dev_net(dev), sock_net(sk))) goto drop; -@@ -3301,6 +3303,7 @@ static int packet_create(struct net *net +@@ -3313,6 +3315,7 @@ static int packet_create(struct net *net mutex_init(&po->pg_vec_lock); po->rollover = NULL; po->prot_hook.func = packet_rcv; @@ -95,7 +95,7 @@ Signed-off-by: Felix Fietkau if (sock->type == SOCK_PACKET) po->prot_hook.func = packet_rcv_spkt; -@@ -3923,6 +3926,16 @@ packet_setsockopt(struct socket *sock, i +@@ -3935,6 +3938,16 @@ packet_setsockopt(struct socket *sock, i po->xmit = val ? packet_direct_xmit : dev_queue_xmit; return 0; } @@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau default: return -ENOPROTOOPT; } -@@ -3975,6 +3988,13 @@ static int packet_getsockopt(struct sock +@@ -3987,6 +4000,13 @@ static int packet_getsockopt(struct sock case PACKET_VNET_HDR: val = po->has_vnet_hdr; break; @@ -128,7 +128,7 @@ Signed-off-by: Felix Fietkau break; --- a/net/packet/internal.h +++ b/net/packet/internal.h -@@ -132,6 +132,7 @@ struct packet_sock { +@@ -135,6 +135,7 @@ struct packet_sock { struct net_device __rcu *cached_dev; int (*xmit)(struct sk_buff *skb); struct packet_type prot_hook ____cacheline_aligned_in_smp; diff --git a/target/linux/generic/pending-4.14/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch b/target/linux/generic/pending-4.14/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch index e6b0940a..57ba68f4 100644 --- a/target/linux/generic/pending-4.14/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch +++ b/target/linux/generic/pending-4.14/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch @@ -66,7 +66,7 @@ Signed-off-by: Jonas Gorski static void rt_fibinfo_free(struct rtable __rcu **rtp) --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c -@@ -2469,6 +2469,7 @@ static const char *const rtn_type_names[ +@@ -2472,6 +2472,7 @@ static const char *const rtn_type_names[ [RTN_THROW] = "THROW", [RTN_NAT] = "NAT", [RTN_XRESOLVE] = "XRESOLVE", @@ -181,7 +181,7 @@ Signed-off-by: Jonas Gorski cfg->fc_flags |= RTF_REJECT; if (rtm->rtm_type == RTN_LOCAL) -@@ -3514,6 +3548,9 @@ static int rt6_fill_node(struct net *net +@@ -3515,6 +3549,9 @@ static int rt6_fill_node(struct net *net case -EACCES: rtm->rtm_type = RTN_PROHIBIT; break; @@ -191,7 +191,7 @@ Signed-off-by: Jonas Gorski case -EAGAIN: rtm->rtm_type = RTN_THROW; break; -@@ -3832,6 +3869,8 @@ static int ip6_route_dev_notify(struct n +@@ -3833,6 +3870,8 @@ static int ip6_route_dev_notify(struct n #ifdef CONFIG_IPV6_MULTIPLE_TABLES net->ipv6.ip6_prohibit_entry->dst.dev = dev; net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev); @@ -200,7 +200,7 @@ Signed-off-by: Jonas Gorski net->ipv6.ip6_blk_hole_entry->dst.dev = dev; net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev); #endif -@@ -3843,6 +3882,7 @@ static int ip6_route_dev_notify(struct n +@@ -3844,6 +3883,7 @@ static int ip6_route_dev_notify(struct n in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev); #ifdef CONFIG_IPV6_MULTIPLE_TABLES in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev); @@ -208,7 +208,7 @@ Signed-off-by: Jonas Gorski in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev); #endif } -@@ -4059,6 +4099,17 @@ static int __net_init ip6_route_net_init +@@ -4060,6 +4100,17 @@ static int __net_init ip6_route_net_init net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops; dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst, ip6_template_metrics, true); @@ -226,7 +226,7 @@ Signed-off-by: Jonas Gorski #endif net->ipv6.sysctl.flush_delay = 0; -@@ -4077,6 +4128,8 @@ out: +@@ -4078,6 +4129,8 @@ out: return ret; #ifdef CONFIG_IPV6_MULTIPLE_TABLES @@ -235,7 +235,7 @@ Signed-off-by: Jonas Gorski out_ip6_prohibit_entry: kfree(net->ipv6.ip6_prohibit_entry); out_ip6_null_entry: -@@ -4094,6 +4147,7 @@ static void __net_exit ip6_route_net_exi +@@ -4095,6 +4148,7 @@ static void __net_exit ip6_route_net_exi #ifdef CONFIG_IPV6_MULTIPLE_TABLES kfree(net->ipv6.ip6_prohibit_entry); kfree(net->ipv6.ip6_blk_hole_entry); @@ -243,7 +243,7 @@ Signed-off-by: Jonas Gorski #endif dst_entries_destroy(&net->ipv6.ip6_dst_ops); } -@@ -4167,6 +4221,9 @@ void __init ip6_route_init_special_entri +@@ -4168,6 +4222,9 @@ void __init ip6_route_init_special_entri init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev; init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); diff --git a/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch b/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch index 067de75f..286e98f5 100644 --- a/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch +++ b/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch @@ -32,7 +32,7 @@ Signed-off-by: Felix Fietkau __u16 tc_index; /* traffic control index */ --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -4805,6 +4805,9 @@ static enum gro_result dev_gro_receive(s +@@ -4806,6 +4806,9 @@ static enum gro_result dev_gro_receive(s enum gro_result ret; int grow; @@ -42,7 +42,7 @@ Signed-off-by: Felix Fietkau if (netif_elide_gro(skb->dev)) goto normal; -@@ -6282,6 +6285,48 @@ static void __netdev_adjacent_dev_unlink +@@ -6283,6 +6286,48 @@ static void __netdev_adjacent_dev_unlink &upper_dev->adj_list.lower); } @@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau static int __netdev_upper_dev_link(struct net_device *dev, struct net_device *upper_dev, bool master, void *upper_priv, void *upper_info) -@@ -6320,6 +6365,7 @@ static int __netdev_upper_dev_link(struc +@@ -6321,6 +6366,7 @@ static int __netdev_upper_dev_link(struc if (ret) return ret; @@ -99,7 +99,7 @@ Signed-off-by: Felix Fietkau ret = call_netdevice_notifiers_info(NETDEV_CHANGEUPPER, dev, &changeupper_info.info); ret = notifier_to_errno(ret); -@@ -6397,6 +6443,7 @@ void netdev_upper_dev_unlink(struct net_ +@@ -6398,6 +6444,7 @@ void netdev_upper_dev_unlink(struct net_ __netdev_adjacent_dev_unlink_neighbour(dev, upper_dev); @@ -107,7 +107,7 @@ Signed-off-by: Felix Fietkau call_netdevice_notifiers_info(NETDEV_CHANGEUPPER, dev, &changeupper_info.info); } -@@ -6961,6 +7008,7 @@ int dev_set_mac_address(struct net_devic +@@ -6962,6 +7009,7 @@ int dev_set_mac_address(struct net_devic if (err) return err; dev->addr_assign_type = NET_ADDR_SET; diff --git a/target/linux/generic/pending-4.14/703-phy-add-detach-callback-to-struct-phy_driver.patch b/target/linux/generic/pending-4.14/703-phy-add-detach-callback-to-struct-phy_driver.patch index d49fdc77..03579657 100644 --- a/target/linux/generic/pending-4.14/703-phy-add-detach-callback-to-struct-phy_driver.patch +++ b/target/linux/generic/pending-4.14/703-phy-add-detach-callback-to-struct-phy_driver.patch @@ -11,7 +11,7 @@ Signed-off-by: Gabor Juhos --- a/drivers/net/phy/phy_device.c +++ b/drivers/net/phy/phy_device.c -@@ -1106,6 +1106,9 @@ void phy_detach(struct phy_device *phyde +@@ -1110,6 +1110,9 @@ void phy_detach(struct phy_device *phyde struct module *ndev_owner = dev->dev.parent->driver->owner; struct mii_bus *bus; @@ -23,7 +23,7 @@ Signed-off-by: Gabor Juhos sysfs_remove_link(&phydev->mdio.dev.kobj, "attached_dev"); --- a/include/linux/phy.h +++ b/include/linux/phy.h -@@ -559,6 +559,12 @@ struct phy_driver { +@@ -561,6 +561,12 @@ struct phy_driver { */ int (*did_interrupt)(struct phy_device *phydev); diff --git a/target/linux/ipq40xx/patches-4.14/074-ARM-qcom-Add-IPQ4019-SoC-support.patch b/target/linux/ipq40xx/patches-4.14/074-ARM-qcom-Add-IPQ4019-SoC-support.patch index b3a83957..95dc8b29 100644 --- a/target/linux/ipq40xx/patches-4.14/074-ARM-qcom-Add-IPQ4019-SoC-support.patch +++ b/target/linux/ipq40xx/patches-4.14/074-ARM-qcom-Add-IPQ4019-SoC-support.patch @@ -14,7 +14,7 @@ Signed-off-by: John Crispin --- a/arch/arm/Makefile +++ b/arch/arm/Makefile -@@ -150,6 +150,7 @@ endif +@@ -152,6 +152,7 @@ endif textofs-$(CONFIG_ARCH_MSM8X60) := 0x00208000 textofs-$(CONFIG_ARCH_MSM8960) := 0x00208000 textofs-$(CONFIG_ARCH_AXXIA) := 0x00308000 diff --git a/target/linux/ipq806x/patches-4.14/0055-cpufreq-dt-Add-L2-frequency-scaling-support.patch b/target/linux/ipq806x/patches-4.14/0055-cpufreq-dt-Add-L2-frequency-scaling-support.patch index f3e79b21..2bcd3553 100644 --- a/target/linux/ipq806x/patches-4.14/0055-cpufreq-dt-Add-L2-frequency-scaling-support.patch +++ b/target/linux/ipq806x/patches-4.14/0055-cpufreq-dt-Add-L2-frequency-scaling-support.patch @@ -55,7 +55,7 @@ Signed-off-by: Georgi Djakov mutex_unlock(&priv->lock); return ret; -@@ -197,6 +227,8 @@ static int cpufreq_init(struct cpufreq_p +@@ -197,6 +228,8 @@ static int cpufreq_init(struct cpufreq_p const char *name; int ret; struct srcu_notifier_head *opp_srcu_head; @@ -64,7 +64,7 @@ Signed-off-by: Georgi Djakov cpu_dev = get_cpu_device(policy->cpu); if (!cpu_dev) { -@@ -305,6 +337,13 @@ static int cpufreq_init(struct cpufreq_p +@@ -305,6 +338,13 @@ static int cpufreq_init(struct cpufreq_p policy->suspend_freq = dev_pm_opp_get_suspend_opp_freq(cpu_dev) / 1000; diff --git a/target/linux/ipq806x/patches-4.14/0056-cpufreq-dt-Add-missing-rcu-locks.patch b/target/linux/ipq806x/patches-4.14/0056-cpufreq-dt-Add-missing-rcu-locks.patch index d9d76e40..a5ae5629 100644 --- a/target/linux/ipq806x/patches-4.14/0056-cpufreq-dt-Add-missing-rcu-locks.patch +++ b/target/linux/ipq806x/patches-4.14/0056-cpufreq-dt-Add-missing-rcu-locks.patch @@ -10,7 +10,7 @@ Signed-off-by: Georgi Djakov --- a/drivers/cpufreq/cpufreq-dt.c +++ b/drivers/cpufreq/cpufreq-dt.c -@@ -144,8 +144,10 @@ static int opp_notifier(struct notifier_ +@@ -145,8 +145,10 @@ static int opp_notifier(struct notifier_ ret = PTR_ERR(cpu_reg); goto out; } diff --git a/target/linux/ipq806x/patches-4.14/0060-HACK-arch-arm-force-ZRELADDR-on-arch-qcom.patch b/target/linux/ipq806x/patches-4.14/0060-HACK-arch-arm-force-ZRELADDR-on-arch-qcom.patch index f810f6ac..581761f5 100644 --- a/target/linux/ipq806x/patches-4.14/0060-HACK-arch-arm-force-ZRELADDR-on-arch-qcom.patch +++ b/target/linux/ipq806x/patches-4.14/0060-HACK-arch-arm-force-ZRELADDR-on-arch-qcom.patch @@ -44,7 +44,7 @@ Signed-off-by: Mathieu Olivari select GENERIC_CLOCKEVENTS --- a/arch/arm/Makefile +++ b/arch/arm/Makefile -@@ -255,9 +255,11 @@ MACHINE := arch/arm/mach-$(word 1,$(mac +@@ -257,9 +257,11 @@ MACHINE := arch/arm/mach-$(word 1,$(mac else MACHINE := endif diff --git a/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-bootloader-s-kernel-arguments.patch b/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-bootloader-s-kernel-arguments.patch index 5d3243cc..f0cc3ed5 100644 --- a/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-bootloader-s-kernel-arguments.patch +++ b/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-bootloader-s-kernel-arguments.patch @@ -22,7 +22,7 @@ Signed-off-by: Adrian Panella --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig -@@ -1939,6 +1939,17 @@ config ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN +@@ -1934,6 +1934,17 @@ config ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN The command-line arguments provided by the boot loader will be appended to the the device tree bootargs property. diff --git a/target/linux/layerscape/image/armv8_64b.mk b/target/linux/layerscape/image/armv8_64b.mk index fa81cfd7..a8e96d0e 100644 --- a/target/linux/layerscape/image/armv8_64b.mk +++ b/target/linux/layerscape/image/armv8_64b.mk @@ -231,7 +231,7 @@ define Device/traverse-ls1043 DEVICE_PACKAGES += \ layerscape-fman-ls1043ardb \ uboot-envtools \ - kmod-i2c-core kmod-i2c-mux-pca954x \ + kmod-i2c-core kmod-i2c-mux kmod-i2c-mux-pca954x \ kmod-hwmon-core \ kmod-gpio-pca953x kmod-input-gpio-keys-polled \ kmod-rtc-isl1208 diff --git a/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch b/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch index 784b10dd..07fc71f0 100644 --- a/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch @@ -442,7 +442,7 @@ Signed-off-by: Yangbo Lu --- a/drivers/soc/imx/gpc.c +++ b/drivers/soc/imx/gpc.c -@@ -209,7 +209,7 @@ static int imx_pgc_power_domain_probe(st +@@ -210,7 +210,7 @@ static int imx_pgc_power_domain_probe(st goto genpd_err; } @@ -713,7 +713,7 @@ Signed-off-by: Yangbo Lu } #ifdef CONFIG_NET_INGRESS -@@ -6341,7 +6342,15 @@ static int __netdev_upper_dev_link(struc +@@ -6342,7 +6343,15 @@ static int __netdev_upper_dev_link(struc struct net_device *upper_dev, bool master, void *upper_priv, void *upper_info) { @@ -730,7 +730,7 @@ Signed-off-by: Yangbo Lu int ret = 0; ASSERT_RTNL(); -@@ -6359,12 +6368,7 @@ static int __netdev_upper_dev_link(struc +@@ -6360,12 +6369,7 @@ static int __netdev_upper_dev_link(struc if (master && netdev_master_upper_dev_get(dev)) return -EBUSY; @@ -744,7 +744,7 @@ Signed-off-by: Yangbo Lu &changeupper_info.info); ret = notifier_to_errno(ret); if (ret) -@@ -6376,7 +6380,7 @@ static int __netdev_upper_dev_link(struc +@@ -6377,7 +6381,7 @@ static int __netdev_upper_dev_link(struc return ret; netdev_update_addr_mask(dev); @@ -753,7 +753,7 @@ Signed-off-by: Yangbo Lu &changeupper_info.info); ret = notifier_to_errno(ret); if (ret) -@@ -6440,21 +6444,25 @@ EXPORT_SYMBOL(netdev_master_upper_dev_li +@@ -6441,21 +6445,25 @@ EXPORT_SYMBOL(netdev_master_upper_dev_li void netdev_upper_dev_unlink(struct net_device *dev, struct net_device *upper_dev) { @@ -784,7 +784,7 @@ Signed-off-by: Yangbo Lu &changeupper_info.info); } EXPORT_SYMBOL(netdev_upper_dev_unlink); -@@ -6470,11 +6478,13 @@ EXPORT_SYMBOL(netdev_upper_dev_unlink); +@@ -6471,11 +6479,13 @@ EXPORT_SYMBOL(netdev_upper_dev_unlink); void netdev_bonding_info_change(struct net_device *dev, struct netdev_bonding_info *bonding_info) { @@ -800,7 +800,7 @@ Signed-off-by: Yangbo Lu &info.info); } EXPORT_SYMBOL(netdev_bonding_info_change); -@@ -6600,11 +6610,13 @@ EXPORT_SYMBOL(dev_get_nest_level); +@@ -6601,11 +6611,13 @@ EXPORT_SYMBOL(dev_get_nest_level); void netdev_lower_state_changed(struct net_device *lower_dev, void *lower_state_info) { @@ -816,7 +816,7 @@ Signed-off-by: Yangbo Lu &changelowerstate_info.info); } EXPORT_SYMBOL(netdev_lower_state_changed); -@@ -6895,11 +6907,14 @@ void __dev_notify_flags(struct net_devic +@@ -6896,11 +6908,14 @@ void __dev_notify_flags(struct net_devic if (dev->flags & IFF_UP && (changes & ~(IFF_UP | IFF_PROMISC | IFF_ALLMULTI | IFF_VOLATILE))) { diff --git a/target/linux/layerscape/patches-4.14/707-dpaa-ethernet-support-layerscape.patch b/target/linux/layerscape/patches-4.14/707-dpaa-ethernet-support-layerscape.patch index 6d39a85e..30f2ea72 100644 --- a/target/linux/layerscape/patches-4.14/707-dpaa-ethernet-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/707-dpaa-ethernet-support-layerscape.patch @@ -1306,7 +1306,7 @@ Signed-off-by: Zhao Qiang } static const struct net_device_ops dpaa_ops = { -@@ -2654,7 +2938,6 @@ static inline u16 dpaa_get_headroom(stru +@@ -2652,7 +2936,6 @@ static inline u16 dpaa_get_headroom(stru static int dpaa_eth_probe(struct platform_device *pdev) { struct dpaa_bp *dpaa_bps[DPAA_BPS_NUM] = {NULL}; @@ -1314,7 +1314,7 @@ Signed-off-by: Zhao Qiang struct net_device *net_dev = NULL; struct dpaa_fq *dpaa_fq, *tmp; struct dpaa_priv *priv = NULL; -@@ -2663,7 +2946,51 @@ static int dpaa_eth_probe(struct platfor +@@ -2661,7 +2944,51 @@ static int dpaa_eth_probe(struct platfor int err = 0, i, channel; struct device *dev; @@ -1367,7 +1367,7 @@ Signed-off-by: Zhao Qiang /* Allocate this early, so we can store relevant information in * the private area -@@ -2671,7 +2998,7 @@ static int dpaa_eth_probe(struct platfor +@@ -2669,7 +2996,7 @@ static int dpaa_eth_probe(struct platfor net_dev = alloc_etherdev_mq(sizeof(*priv), DPAA_ETH_TXQ_NUM); if (!net_dev) { dev_err(dev, "alloc_etherdev_mq() failed\n"); @@ -1376,7 +1376,7 @@ Signed-off-by: Zhao Qiang } /* Do this here, so we can be verbose early */ -@@ -2683,13 +3010,6 @@ static int dpaa_eth_probe(struct platfor +@@ -2681,13 +3008,6 @@ static int dpaa_eth_probe(struct platfor priv->msg_enable = netif_msg_init(debug, DPAA_MSG_DEFAULT); @@ -1390,7 +1390,7 @@ Signed-off-by: Zhao Qiang /* If fsl_fm_max_frm is set to a higher value than the all-common 1500, * we choose conservatively and let the user explicitly set a higher * MTU via ifconfig. Otherwise, the user may end up with different MTUs -@@ -2705,21 +3025,13 @@ static int dpaa_eth_probe(struct platfor +@@ -2703,21 +3023,13 @@ static int dpaa_eth_probe(struct platfor priv->buf_layout[RX].priv_data_size = DPAA_RX_PRIV_DATA_SIZE; /* Rx */ priv->buf_layout[TX].priv_data_size = DPAA_TX_PRIV_DATA_SIZE; /* Tx */ @@ -1416,7 +1416,7 @@ Signed-off-by: Zhao Qiang /* the raw size of the buffers used for reception */ dpaa_bps[i]->raw_size = bpool_buffer_raw_size(i, DPAA_BPS_NUM); /* avoid runtime computations by keeping the usable size here */ -@@ -2727,11 +3039,8 @@ static int dpaa_eth_probe(struct platfor +@@ -2725,11 +3037,8 @@ static int dpaa_eth_probe(struct platfor dpaa_bps[i]->dev = dev; err = dpaa_bp_alloc_pool(dpaa_bps[i]); @@ -1430,7 +1430,7 @@ Signed-off-by: Zhao Qiang priv->dpaa_bps[i] = dpaa_bps[i]; } -@@ -2742,7 +3051,7 @@ static int dpaa_eth_probe(struct platfor +@@ -2740,7 +3049,7 @@ static int dpaa_eth_probe(struct platfor err = dpaa_alloc_all_fqs(dev, &priv->dpaa_fq_list, &port_fqs); if (err < 0) { dev_err(dev, "dpaa_alloc_all_fqs() failed\n"); @@ -1439,7 +1439,7 @@ Signed-off-by: Zhao Qiang } priv->mac_dev = mac_dev; -@@ -2751,12 +3060,12 @@ static int dpaa_eth_probe(struct platfor +@@ -2749,12 +3058,12 @@ static int dpaa_eth_probe(struct platfor if (channel < 0) { dev_err(dev, "dpaa_get_channel() failed\n"); err = channel; @@ -1454,7 +1454,7 @@ Signed-off-by: Zhao Qiang * and add this pool channel to each's dequeue mask. */ dpaa_eth_add_channel(priv->channel); -@@ -2771,20 +3080,20 @@ static int dpaa_eth_probe(struct platfor +@@ -2769,20 +3078,20 @@ static int dpaa_eth_probe(struct platfor err = dpaa_eth_cgr_init(priv); if (err < 0) { dev_err(dev, "Error initializing CGR\n"); @@ -1478,7 +1478,7 @@ Signed-off-by: Zhao Qiang } priv->tx_headroom = dpaa_get_headroom(&priv->buf_layout[TX]); -@@ -2794,7 +3103,7 @@ static int dpaa_eth_probe(struct platfor +@@ -2792,7 +3101,7 @@ static int dpaa_eth_probe(struct platfor err = dpaa_eth_init_ports(mac_dev, dpaa_bps, DPAA_BPS_NUM, &port_fqs, &priv->buf_layout[0], dev); if (err) @@ -1487,7 +1487,7 @@ Signed-off-by: Zhao Qiang /* Rx traffic distribution based on keygen hashing defaults to on */ priv->keygen_in_use = true; -@@ -2803,11 +3112,7 @@ static int dpaa_eth_probe(struct platfor +@@ -2801,11 +3110,7 @@ static int dpaa_eth_probe(struct platfor if (!priv->percpu_priv) { dev_err(dev, "devm_alloc_percpu() failed\n"); err = -ENOMEM; @@ -1500,7 +1500,7 @@ Signed-off-by: Zhao Qiang } priv->num_tc = 1; -@@ -2816,11 +3121,11 @@ static int dpaa_eth_probe(struct platfor +@@ -2814,11 +3119,11 @@ static int dpaa_eth_probe(struct platfor /* Initialize NAPI */ err = dpaa_napi_add(net_dev); if (err < 0) @@ -1514,7 +1514,7 @@ Signed-off-by: Zhao Qiang dpaa_eth_sysfs_init(&net_dev->dev); -@@ -2829,32 +3134,21 @@ static int dpaa_eth_probe(struct platfor +@@ -2827,32 +3132,21 @@ static int dpaa_eth_probe(struct platfor return 0; @@ -1553,7 +1553,7 @@ Signed-off-by: Zhao Qiang return err; } -@@ -2891,6 +3185,23 @@ static int dpaa_remove(struct platform_d +@@ -2889,6 +3183,23 @@ static int dpaa_remove(struct platform_d return err; } @@ -1577,7 +1577,7 @@ Signed-off-by: Zhao Qiang static const struct platform_device_id dpaa_devtype[] = { { .name = "dpaa-ethernet", -@@ -2915,6 +3226,10 @@ static int __init dpaa_load(void) +@@ -2913,6 +3224,10 @@ static int __init dpaa_load(void) pr_debug("FSL DPAA Ethernet driver\n"); @@ -1700,7 +1700,7 @@ Signed-off-by: Zhao Qiang +fsl_dpaa_mac-objs:= mac.o fman_dtsec.o fman_memac.o fman_tgec.o --- a/drivers/net/ethernet/freescale/fman/fman.c +++ b/drivers/net/ethernet/freescale/fman/fman.c -@@ -629,6 +629,7 @@ static void set_port_order_restoration(s +@@ -634,6 +634,7 @@ static void set_port_order_restoration(s iowrite32be(tmp, &fpm_rg->fmfp_prc); } @@ -1708,7 +1708,7 @@ Signed-off-by: Zhao Qiang static void set_port_liodn(struct fman *fman, u8 port_id, u32 liodn_base, u32 liodn_ofst) { -@@ -646,6 +647,27 @@ static void set_port_liodn(struct fman * +@@ -651,6 +652,27 @@ static void set_port_liodn(struct fman * iowrite32be(tmp, &fman->dma_regs->fmdmplr[port_id / 2]); iowrite32be(liodn_ofst, &fman->bmi_regs->fmbm_spliodn[port_id - 1]); } @@ -1736,7 +1736,7 @@ Signed-off-by: Zhao Qiang static void enable_rams_ecc(struct fman_fpm_regs __iomem *fpm_rg) { -@@ -1914,7 +1936,10 @@ _return: +@@ -1919,7 +1941,10 @@ _return: static int fman_init(struct fman *fman) { struct fman_cfg *cfg = NULL; @@ -1748,7 +1748,7 @@ Signed-off-by: Zhao Qiang if (is_init_done(fman->cfg)) return -EINVAL; -@@ -1934,6 +1959,7 @@ static int fman_init(struct fman *fman) +@@ -1939,6 +1964,7 @@ static int fman_init(struct fman *fman) memset_io((void __iomem *)(fman->base_addr + CGP_OFFSET), 0, fman->state->fm_port_num_of_cg); @@ -1756,7 +1756,7 @@ Signed-off-by: Zhao Qiang /* Save LIODN info before FMan reset * Skipping non-existent port 0 (i = 1) */ -@@ -1953,6 +1979,9 @@ static int fman_init(struct fman *fman) +@@ -1958,6 +1984,9 @@ static int fman_init(struct fman *fman) } fman->liodn_base[i] = liodn_base; } @@ -1766,7 +1766,7 @@ Signed-off-by: Zhao Qiang err = fman_reset(fman); if (err) -@@ -2181,8 +2210,12 @@ int fman_set_port_params(struct fman *fm +@@ -2186,8 +2215,12 @@ int fman_set_port_params(struct fman *fm if (err) goto return_err; @@ -1779,7 +1779,7 @@ Signed-off-by: Zhao Qiang if (fman->state->rev_info.major < 6) set_port_order_restoration(fman->fpm_regs, port_id); -@@ -2800,7 +2833,8 @@ static struct fman *read_dts_node(struct +@@ -2813,7 +2846,8 @@ static struct fman *read_dts_node(struct of_node_put(muram_node); @@ -1791,7 +1791,7 @@ Signed-off-by: Zhao Qiang __func__, irq, err); --- a/drivers/net/ethernet/freescale/fman/fman.h +++ b/drivers/net/ethernet/freescale/fman/fman.h -@@ -41,6 +41,7 @@ +@@ -42,6 +42,7 @@ /* Frame queue Context Override */ #define FM_FD_CMD_FCO 0x80000000 #define FM_FD_CMD_RPD 0x40000000 /* Read Prepended Data */ @@ -1799,7 +1799,7 @@ Signed-off-by: Zhao Qiang #define FM_FD_CMD_DTC 0x10000000 /* Do L4 Checksum */ /* TX-Port: Unsupported Format */ -@@ -345,8 +346,12 @@ struct fman { +@@ -346,8 +347,12 @@ struct fman { unsigned long fifo_offset; size_t fifo_size; diff --git a/target/linux/layerscape/patches-4.14/806-rtc-support-layerscape.patch b/target/linux/layerscape/patches-4.14/806-rtc-support-layerscape.patch index b7535100..5e4aac04 100644 --- a/target/linux/layerscape/patches-4.14/806-rtc-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/806-rtc-support-layerscape.patch @@ -65,7 +65,7 @@ Signed-off-by: Biwen Li +}; --- a/drivers/rtc/Kconfig +++ b/drivers/rtc/Kconfig -@@ -433,6 +433,14 @@ config RTC_DRV_PCF85063 +@@ -434,6 +434,14 @@ config RTC_DRV_PCF85063 This driver can also be built as a module. If so, the module will be called rtc-pcf85063. diff --git a/target/linux/layerscape/patches-4.14/807-usb-support-layerscape.patch b/target/linux/layerscape/patches-4.14/807-usb-support-layerscape.patch index 2aa77f1a..d0bee3b4 100644 --- a/target/linux/layerscape/patches-4.14/807-usb-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/807-usb-support-layerscape.patch @@ -323,7 +323,7 @@ Signed-off-by: Zhao Chenhui usb_phy_set_suspend(dwc->usb2_phy, 0); usb_phy_set_suspend(dwc->usb3_phy, 0); ret = phy_power_on(dwc->usb2_generic_phy); -@@ -870,6 +1006,22 @@ static int dwc3_core_init(struct dwc3 *d +@@ -873,6 +1009,22 @@ static int dwc3_core_init(struct dwc3 *d dwc3_writel(dwc->regs, DWC3_GUCTL1, reg); } @@ -346,7 +346,7 @@ Signed-off-by: Zhao Chenhui return 0; err4: -@@ -1076,6 +1228,8 @@ static void dwc3_get_properties(struct d +@@ -1079,6 +1231,8 @@ static void dwc3_get_properties(struct d &hird_threshold); dwc->usb3_lpm_capable = device_property_read_bool(dev, "snps,usb3_lpm_capable"); @@ -355,9 +355,9 @@ Signed-off-by: Zhao Chenhui dwc->disable_scramble_quirk = device_property_read_bool(dev, "snps,disable_scramble_quirk"); -@@ -1108,8 +1262,16 @@ static void dwc3_get_properties(struct d - dwc->dis_tx_ipgap_linecheck_quirk = device_property_read_bool(dev, - "snps,dis-tx-ipgap-linecheck-quirk"); +@@ -1113,8 +1267,16 @@ static void dwc3_get_properties(struct d + dwc->parkmode_disable_ss_quirk = device_property_read_bool(dev, + "snps,parkmode-disable-ss-quirk"); + dwc->quirk_reverse_in_out = device_property_read_bool(dev, + "snps,quirk_reverse_in_out"); @@ -372,7 +372,7 @@ Signed-off-by: Zhao Chenhui device_property_read_u8(dev, "snps,tx_de_emphasis", &tx_de_emphasis); device_property_read_string(dev, "snps,hsphy_interface", -@@ -1120,6 +1282,9 @@ static void dwc3_get_properties(struct d +@@ -1125,6 +1287,9 @@ static void dwc3_get_properties(struct d dwc->dis_metastability_quirk = device_property_read_bool(dev, "snps,dis_metastability_quirk"); @@ -382,7 +382,7 @@ Signed-off-by: Zhao Chenhui dwc->lpm_nyet_threshold = lpm_nyet_threshold; dwc->tx_de_emphasis = tx_de_emphasis; -@@ -1371,12 +1536,14 @@ static int dwc3_resume_common(struct dwc +@@ -1376,12 +1541,14 @@ static int dwc3_resume_common(struct dwc switch (dwc->dr_mode) { case USB_DR_MODE_PERIPHERAL: @@ -440,9 +440,9 @@ Signed-off-by: Zhao Chenhui +#define DWC3_GUCTL_HSTINAUTORETRY BIT(14) + /* Global User Control 1 Register */ + #define DWC3_GUCTL1_PARKMODE_DISABLE_SS BIT(17) #define DWC3_GUCTL1_TX_IPGAP_LINECHECK_DIS BIT(28) - #define DWC3_GUCTL1_DEV_L1_EXIT_BY_HW BIT(24) -@@ -477,6 +506,14 @@ +@@ -478,6 +507,14 @@ #define DWC3_DEV_IMOD_INTERVAL_SHIFT 0 #define DWC3_DEV_IMOD_INTERVAL_MASK (0xffff << 0) @@ -457,7 +457,7 @@ Signed-off-by: Zhao Chenhui /* Structures */ struct dwc3_trb; -@@ -788,6 +825,7 @@ struct dwc3_scratchpad_array { +@@ -789,6 +826,7 @@ struct dwc3_scratchpad_array { * @regs: base address for our registers * @regs_size: address space size * @fladj: frame length adjustment @@ -465,7 +465,7 @@ Signed-off-by: Zhao Chenhui * @irq_gadget: peripheral controller's IRQ number * @nr_scratch: number of scratch buffers * @u1u2: only used on revisions <1.83a for workaround -@@ -843,6 +881,7 @@ struct dwc3_scratchpad_array { +@@ -844,6 +882,7 @@ struct dwc3_scratchpad_array { * @setup_packet_pending: true when there's a Setup Packet in FIFO. Workaround * @three_stage_setup: set if we perform a three phase setup * @usb3_lpm_capable: set if hadrware supports Link Power Management @@ -473,7 +473,7 @@ Signed-off-by: Zhao Chenhui * @disable_scramble_quirk: set if we enable the disable scramble quirk * @u2exit_lfps_quirk: set if we enable u2exit lfps quirk * @u2ss_inp3_quirk: set if we enable P3 OK for U2/SS Inactive quirk -@@ -922,6 +961,12 @@ struct dwc3 { +@@ -925,6 +964,12 @@ struct dwc3 { enum usb_phy_interface hsphy_mode; u32 fladj; @@ -486,7 +486,7 @@ Signed-off-by: Zhao Chenhui u32 irq_gadget; u32 nr_scratch; u32 u1u2; -@@ -1006,6 +1051,7 @@ struct dwc3 { +@@ -1009,6 +1054,7 @@ struct dwc3 { unsigned setup_packet_pending:1; unsigned three_stage_setup:1; unsigned usb3_lpm_capable:1; @@ -494,7 +494,7 @@ Signed-off-by: Zhao Chenhui unsigned disable_scramble_quirk:1; unsigned u2exit_lfps_quirk:1; -@@ -1025,6 +1071,11 @@ struct dwc3 { +@@ -1029,6 +1075,11 @@ struct dwc3 { unsigned tx_de_emphasis_quirk:1; unsigned tx_de_emphasis:2; @@ -528,7 +528,7 @@ Signed-off-by: Zhao Chenhui reg &= ~DWC3_DCTL_INITU2ENA; --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c -@@ -3220,6 +3220,7 @@ int dwc3_gadget_init(struct dwc3 *dwc) +@@ -3216,6 +3216,7 @@ int dwc3_gadget_init(struct dwc3 *dwc) { int ret; int irq; @@ -536,7 +536,7 @@ Signed-off-by: Zhao Chenhui irq = dwc3_gadget_get_irq(dwc); if (irq < 0) { -@@ -3299,6 +3300,12 @@ int dwc3_gadget_init(struct dwc3 *dwc) +@@ -3294,6 +3295,12 @@ int dwc3_gadget_init(struct dwc3 *dwc) dwc3_gadget_set_speed(&dwc->gadget, dwc->maximum_speed); @@ -1289,7 +1289,7 @@ Signed-off-by: Zhao Chenhui xhci->quirks |= XHCI_BROKEN_PORT_PED; --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c -@@ -1972,10 +1972,12 @@ static int finish_td(struct xhci_hcd *xh +@@ -1978,10 +1978,12 @@ static int finish_td(struct xhci_hcd *xh union xhci_trb *ep_trb, struct xhci_transfer_event *event, struct xhci_virt_ep *ep, int *status) { @@ -1302,7 +1302,7 @@ Signed-off-by: Zhao Chenhui u32 trb_comp_code; int ep_index; -@@ -1998,14 +2000,30 @@ static int finish_td(struct xhci_hcd *xh +@@ -2004,14 +2006,30 @@ static int finish_td(struct xhci_hcd *xh if (trb_comp_code == COMP_STALL_ERROR || xhci_requires_manual_halt_cleanup(xhci, ep_ctx, trb_comp_code)) { diff --git a/target/linux/layerscape/patches-4.14/816-pcie-support-layerscape.patch b/target/linux/layerscape/patches-4.14/816-pcie-support-layerscape.patch index 6cfc4342..4362863b 100644 --- a/target/linux/layerscape/patches-4.14/816-pcie-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/816-pcie-support-layerscape.patch @@ -610,7 +610,7 @@ Signed-off-by: Yangbo Lu int err; - int irq = 0; int id; - char name[20]; + char name[24]; enum pci_barno bar; @@ -486,12 +665,15 @@ static int pci_endpoint_test_probe(struc test->alignment = 0; @@ -5715,7 +5715,7 @@ Signed-off-by: Yangbo Lu int (*start)(struct pci_epc *epc); void (*stop)(struct pci_epc *epc); struct module *owner; -@@ -91,8 +97,17 @@ struct pci_epc { +@@ -94,8 +100,17 @@ struct pci_epc { struct config_group *group; /* spinlock to protect against concurrent access of EP controller */ spinlock_t lock; @@ -5733,7 +5733,7 @@ Signed-off-by: Yangbo Lu #define to_pci_epc(device) container_of((device), struct pci_epc, dev) #define pci_epc_create(dev, ops) \ -@@ -124,17 +139,23 @@ void pci_epc_destroy(struct pci_epc *epc +@@ -127,17 +142,23 @@ void pci_epc_destroy(struct pci_epc *epc int pci_epc_add_epf(struct pci_epc *epc, struct pci_epf *epf); void pci_epc_linkup(struct pci_epc *epc); void pci_epc_remove_epf(struct pci_epc *epc, struct pci_epf *epf); diff --git a/target/linux/mediatek/patches-4.14/0052-net-phy-add-FC.patch b/target/linux/mediatek/patches-4.14/0052-net-phy-add-FC.patch index bb49ee75..46427a1d 100644 --- a/target/linux/mediatek/patches-4.14/0052-net-phy-add-FC.patch +++ b/target/linux/mediatek/patches-4.14/0052-net-phy-add-FC.patch @@ -10,7 +10,7 @@ Signed-off-by: John Crispin --- a/drivers/net/phy/phy_device.c +++ b/drivers/net/phy/phy_device.c -@@ -1944,7 +1944,7 @@ static struct phy_driver genphy_driver = +@@ -1948,7 +1948,7 @@ static struct phy_driver genphy_driver = .config_init = genphy_config_init, .features = PHY_GBIT_FEATURES | SUPPORTED_MII | SUPPORTED_AUI | SUPPORTED_FIBRE | diff --git a/target/linux/mediatek/patches-4.14/0138-rtc-mediatek-add-driver-for-RTC-on-MT7622-SoC.patch b/target/linux/mediatek/patches-4.14/0138-rtc-mediatek-add-driver-for-RTC-on-MT7622-SoC.patch index 8cf900d1..374d4d39 100644 --- a/target/linux/mediatek/patches-4.14/0138-rtc-mediatek-add-driver-for-RTC-on-MT7622-SoC.patch +++ b/target/linux/mediatek/patches-4.14/0138-rtc-mediatek-add-driver-for-RTC-on-MT7622-SoC.patch @@ -17,7 +17,7 @@ Signed-off-by: Alexandre Belloni --- a/drivers/rtc/Kconfig +++ b/drivers/rtc/Kconfig -@@ -1715,6 +1715,16 @@ config RTC_DRV_MT6397 +@@ -1716,6 +1716,16 @@ config RTC_DRV_MT6397 If you want to use Mediatek(R) RTC interface, select Y or M here. diff --git a/target/linux/mediatek/patches-4.14/0139-rtc-mediatek-enhance-the-description-for-MediaTek-PM.patch b/target/linux/mediatek/patches-4.14/0139-rtc-mediatek-enhance-the-description-for-MediaTek-PM.patch index 0513a085..f8840f93 100644 --- a/target/linux/mediatek/patches-4.14/0139-rtc-mediatek-enhance-the-description-for-MediaTek-PM.patch +++ b/target/linux/mediatek/patches-4.14/0139-rtc-mediatek-enhance-the-description-for-MediaTek-PM.patch @@ -18,7 +18,7 @@ Signed-off-by: Alexandre Belloni --- a/drivers/rtc/Kconfig +++ b/drivers/rtc/Kconfig -@@ -1706,14 +1706,14 @@ config RTC_DRV_MOXART +@@ -1707,14 +1707,14 @@ config RTC_DRV_MOXART will be called rtc-moxart config RTC_DRV_MT6397 diff --git a/target/linux/mediatek/patches-4.14/0191-usb-xhci-allow-imod-interval-to-be-configurable.patch b/target/linux/mediatek/patches-4.14/0191-usb-xhci-allow-imod-interval-to-be-configurable.patch index d3cb1915..df099ea3 100644 --- a/target/linux/mediatek/patches-4.14/0191-usb-xhci-allow-imod-interval-to-be-configurable.patch +++ b/target/linux/mediatek/patches-4.14/0191-usb-xhci-allow-imod-interval-to-be-configurable.patch @@ -86,7 +86,7 @@ Signed-off-by: Greg Kroah-Hartman if (!xhci->shared_hcd) { --- a/drivers/usb/host/xhci-pci.c +++ b/drivers/usb/host/xhci-pci.c -@@ -277,6 +277,9 @@ static int xhci_pci_setup(struct usb_hcd +@@ -280,6 +280,9 @@ static int xhci_pci_setup(struct usb_hcd if (!xhci->sbrn) pci_read_config_byte(pdev, XHCI_SBRN_OFFSET, &xhci->sbrn); diff --git a/target/linux/mvebu/cortexa9/target.mk b/target/linux/mvebu/cortexa9/target.mk index 2a75599b..cdd4d86e 100644 --- a/target/linux/mvebu/cortexa9/target.mk +++ b/target/linux/mvebu/cortexa9/target.mk @@ -10,5 +10,5 @@ include $(TOPDIR)/rules.mk ARCH:=arm BOARDNAME:=Marvell Armada 37x/38x/XP CPU_TYPE:=cortex-a9 -CPU_SUBTYPE:=vfpv3 +CPU_SUBTYPE:=vfpv3-d16 KERNELNAME:=zImage dtbs diff --git a/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-bootloader-s-kernel-arguments.patch b/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-bootloader-s-kernel-arguments.patch index 8f11632d..4ef86edb 100644 --- a/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-bootloader-s-kernel-arguments.patch +++ b/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-bootloader-s-kernel-arguments.patch @@ -28,7 +28,7 @@ Signed-off-by: Michael Gray --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig -@@ -1939,6 +1939,17 @@ config ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN +@@ -1934,6 +1934,17 @@ config ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN The command-line arguments provided by the boot loader will be appended to the the device tree bootargs property. diff --git a/target/linux/mvebu/patches-4.14/300-mvneta-tx-queue-workaround.patch b/target/linux/mvebu/patches-4.14/300-mvneta-tx-queue-workaround.patch index f21f8083..6c21fa30 100644 --- a/target/linux/mvebu/patches-4.14/300-mvneta-tx-queue-workaround.patch +++ b/target/linux/mvebu/patches-4.14/300-mvneta-tx-queue-workaround.patch @@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau --- --- a/drivers/net/ethernet/marvell/mvneta.c +++ b/drivers/net/ethernet/marvell/mvneta.c -@@ -3961,6 +3961,15 @@ static int mvneta_ethtool_set_wol(struct +@@ -3960,6 +3960,15 @@ static int mvneta_ethtool_set_wol(struct return ret; } @@ -25,7 +25,7 @@ Signed-off-by: Felix Fietkau static const struct net_device_ops mvneta_netdev_ops = { .ndo_open = mvneta_open, .ndo_stop = mvneta_stop, -@@ -3971,6 +3980,7 @@ static const struct net_device_ops mvnet +@@ -3970,6 +3979,7 @@ static const struct net_device_ops mvnet .ndo_fix_features = mvneta_fix_features, .ndo_get_stats64 = mvneta_get_stats64, .ndo_do_ioctl = mvneta_ioctl, diff --git a/target/linux/mvebu/patches-4.14/403-net-mvneta-convert-to-phylink.patch b/target/linux/mvebu/patches-4.14/403-net-mvneta-convert-to-phylink.patch index 34a2d342..8cefb1db 100644 --- a/target/linux/mvebu/patches-4.14/403-net-mvneta-convert-to-phylink.patch +++ b/target/linux/mvebu/patches-4.14/403-net-mvneta-convert-to-phylink.patch @@ -251,7 +251,7 @@ Signed-off-by: Russell King } /* Release Tx descriptors */ -@@ -3061,7 +3020,6 @@ static int mvneta_setup_txqs(struct mvne +@@ -3060,7 +3019,6 @@ static int mvneta_setup_txqs(struct mvne static void mvneta_start_dev(struct mvneta_port *pp) { int cpu; @@ -259,7 +259,7 @@ Signed-off-by: Russell King mvneta_max_rx_size_set(pp, pp->pkt_size); mvneta_txq_max_tx_size_set(pp, pp->pkt_size); -@@ -3089,16 +3047,15 @@ static void mvneta_start_dev(struct mvne +@@ -3088,16 +3046,15 @@ static void mvneta_start_dev(struct mvne MVNETA_CAUSE_LINK_CHANGE | MVNETA_CAUSE_PSC_SYNC_CHANGE); @@ -278,7 +278,7 @@ Signed-off-by: Russell King if (!pp->neta_armada3700) { for_each_online_cpu(cpu) { -@@ -3251,103 +3208,232 @@ static int mvneta_set_mac_addr(struct ne +@@ -3250,103 +3207,232 @@ static int mvneta_set_mac_addr(struct ne return 0; } @@ -585,7 +585,7 @@ Signed-off-by: Russell King } /* Electing a CPU must be done in an atomic way: it should be done -@@ -3626,10 +3712,9 @@ static int mvneta_stop(struct net_device +@@ -3625,10 +3711,9 @@ static int mvneta_stop(struct net_device static int mvneta_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) { @@ -598,7 +598,7 @@ Signed-off-by: Russell King } /* Ethtool methods */ -@@ -3640,44 +3725,25 @@ mvneta_ethtool_set_link_ksettings(struct +@@ -3639,44 +3724,25 @@ mvneta_ethtool_set_link_ksettings(struct const struct ethtool_link_ksettings *cmd) { struct mvneta_port *pp = netdev_priv(ndev); @@ -657,7 +657,7 @@ Signed-off-by: Russell King } /* Set interrupt coalescing for ethtools */ -@@ -3769,6 +3835,22 @@ static int mvneta_ethtool_set_ringparam( +@@ -3768,6 +3834,22 @@ static int mvneta_ethtool_set_ringparam( return 0; } @@ -680,7 +680,7 @@ Signed-off-by: Russell King static void mvneta_ethtool_get_strings(struct net_device *netdev, u32 sset, u8 *data) { -@@ -3785,26 +3867,35 @@ static void mvneta_ethtool_update_stats( +@@ -3784,26 +3866,35 @@ static void mvneta_ethtool_update_stats( { const struct mvneta_statistic *s; void __iomem *base = pp->base; @@ -721,7 +721,7 @@ Signed-off-by: Russell King } } -@@ -3939,28 +4030,65 @@ static int mvneta_ethtool_get_rxfh(struc +@@ -3938,28 +4029,65 @@ static int mvneta_ethtool_get_rxfh(struc static void mvneta_ethtool_get_wol(struct net_device *dev, struct ethtool_wolinfo *wol) { @@ -795,7 +795,7 @@ Signed-off-by: Russell King static u16 mvneta_select_queue(struct net_device *dev, struct sk_buff *skb, void *accel_priv, select_queue_fallback_t fallback) -@@ -3984,13 +4112,15 @@ static const struct net_device_ops mvnet +@@ -3983,13 +4111,15 @@ static const struct net_device_ops mvnet }; static const struct ethtool_ops mvneta_eth_tool_ops = { @@ -812,7 +812,7 @@ Signed-off-by: Russell King .get_strings = mvneta_ethtool_get_strings, .get_ethtool_stats = mvneta_ethtool_get_stats, .get_sset_count = mvneta_ethtool_get_sset_count, -@@ -3998,10 +4128,12 @@ static const struct ethtool_ops mvneta_e +@@ -3997,10 +4127,12 @@ static const struct ethtool_ops mvneta_e .get_rxnfc = mvneta_ethtool_get_rxnfc, .get_rxfh = mvneta_ethtool_get_rxfh, .set_rxfh = mvneta_ethtool_set_rxfh, @@ -826,7 +826,7 @@ Signed-off-by: Russell King }; /* Initialize hw */ -@@ -4146,14 +4278,13 @@ static int mvneta_probe(struct platform_ +@@ -4145,14 +4277,13 @@ static int mvneta_probe(struct platform_ { struct resource *res; struct device_node *dn = pdev->dev.of_node; @@ -842,7 +842,7 @@ Signed-off-by: Russell King int tx_csum_limit; int phy_mode; int err; -@@ -4169,31 +4300,11 @@ static int mvneta_probe(struct platform_ +@@ -4168,31 +4299,11 @@ static int mvneta_probe(struct platform_ goto err_free_netdev; } @@ -875,7 +875,7 @@ Signed-off-by: Russell King } dev->tx_queue_len = MVNETA_MAX_TXD; -@@ -4204,12 +4315,7 @@ static int mvneta_probe(struct platform_ +@@ -4203,12 +4314,7 @@ static int mvneta_probe(struct platform_ pp = netdev_priv(dev); spin_lock_init(&pp->lock); @@ -889,7 +889,7 @@ Signed-off-by: Russell King pp->rxq_def = rxq_def; -@@ -4231,7 +4337,7 @@ static int mvneta_probe(struct platform_ +@@ -4230,7 +4336,7 @@ static int mvneta_probe(struct platform_ pp->clk = devm_clk_get(&pdev->dev, NULL); if (IS_ERR(pp->clk)) { err = PTR_ERR(pp->clk); @@ -898,7 +898,7 @@ Signed-off-by: Russell King } clk_prepare_enable(pp->clk); -@@ -4357,6 +4463,14 @@ static int mvneta_probe(struct platform_ +@@ -4356,6 +4462,14 @@ static int mvneta_probe(struct platform_ /* 9676 == 9700 - 20 and rounding to 8 */ dev->max_mtu = 9676; @@ -913,7 +913,7 @@ Signed-off-by: Russell King err = register_netdev(dev); if (err < 0) { dev_err(&pdev->dev, "failed to register\n"); -@@ -4368,14 +4482,6 @@ static int mvneta_probe(struct platform_ +@@ -4367,14 +4481,6 @@ static int mvneta_probe(struct platform_ platform_set_drvdata(pdev, pp->dev); @@ -928,7 +928,7 @@ Signed-off-by: Russell King return 0; err_netdev: -@@ -4384,16 +4490,14 @@ err_netdev: +@@ -4383,16 +4489,14 @@ err_netdev: mvneta_bm_pool_destroy(pp->bm_priv, pp->pool_short, 1 << pp->id); } @@ -947,7 +947,7 @@ Signed-off-by: Russell King err_free_irq: irq_dispose_mapping(dev->irq); err_free_netdev: -@@ -4405,7 +4509,6 @@ err_free_netdev: +@@ -4404,7 +4508,6 @@ err_free_netdev: static int mvneta_remove(struct platform_device *pdev) { struct net_device *dev = platform_get_drvdata(pdev); @@ -955,7 +955,7 @@ Signed-off-by: Russell King struct mvneta_port *pp = netdev_priv(dev); unregister_netdev(dev); -@@ -4413,10 +4516,8 @@ static int mvneta_remove(struct platform +@@ -4412,10 +4515,8 @@ static int mvneta_remove(struct platform clk_disable_unprepare(pp->clk); free_percpu(pp->ports); free_percpu(pp->stats); @@ -967,7 +967,7 @@ Signed-off-by: Russell King free_netdev(dev); if (pp->bm_priv) { -@@ -4468,9 +4569,6 @@ static int mvneta_resume(struct device * +@@ -4467,9 +4568,6 @@ static int mvneta_resume(struct device * return err; } diff --git a/target/linux/mvebu/patches-4.14/404-net-mvneta-hack-fix-phy_interface.patch b/target/linux/mvebu/patches-4.14/404-net-mvneta-hack-fix-phy_interface.patch index 906c163a..584e6381 100644 --- a/target/linux/mvebu/patches-4.14/404-net-mvneta-hack-fix-phy_interface.patch +++ b/target/linux/mvebu/patches-4.14/404-net-mvneta-hack-fix-phy_interface.patch @@ -18,7 +18,7 @@ Signed-off-by: Russell King struct device_node *dn; unsigned int tx_csum_limit; struct phylink *phylink; -@@ -4315,6 +4316,7 @@ static int mvneta_probe(struct platform_ +@@ -4314,6 +4315,7 @@ static int mvneta_probe(struct platform_ pp = netdev_priv(dev); spin_lock_init(&pp->lock); diff --git a/target/linux/mvebu/patches-4.14/405-net-mvneta-disable-MVNETA_CAUSE_PSC_SYNC_CHANGE-inte.patch b/target/linux/mvebu/patches-4.14/405-net-mvneta-disable-MVNETA_CAUSE_PSC_SYNC_CHANGE-inte.patch index 7d02b0a9..0889aff9 100644 --- a/target/linux/mvebu/patches-4.14/405-net-mvneta-disable-MVNETA_CAUSE_PSC_SYNC_CHANGE-inte.patch +++ b/target/linux/mvebu/patches-4.14/405-net-mvneta-disable-MVNETA_CAUSE_PSC_SYNC_CHANGE-inte.patch @@ -24,7 +24,7 @@ Signed-off-by: Russell King mvneta_link_change(pp); } -@@ -3045,8 +3044,7 @@ static void mvneta_start_dev(struct mvne +@@ -3044,8 +3043,7 @@ static void mvneta_start_dev(struct mvne mvreg_write(pp, MVNETA_INTR_MISC_MASK, MVNETA_CAUSE_PHY_STATUS_CHANGE | @@ -34,7 +34,7 @@ Signed-off-by: Russell King phylink_start(pp->phylink); netif_tx_start_all_queues(pp->dev); -@@ -3542,8 +3540,7 @@ static int mvneta_cpu_online(unsigned in +@@ -3541,8 +3539,7 @@ static int mvneta_cpu_online(unsigned in on_each_cpu(mvneta_percpu_unmask_interrupt, pp, true); mvreg_write(pp, MVNETA_INTR_MISC_MASK, MVNETA_CAUSE_PHY_STATUS_CHANGE | @@ -44,7 +44,7 @@ Signed-off-by: Russell King netif_tx_start_all_queues(pp->dev); spin_unlock(&pp->lock); return 0; -@@ -3584,8 +3581,7 @@ static int mvneta_cpu_dead(unsigned int +@@ -3583,8 +3580,7 @@ static int mvneta_cpu_dead(unsigned int on_each_cpu(mvneta_percpu_unmask_interrupt, pp, true); mvreg_write(pp, MVNETA_INTR_MISC_MASK, MVNETA_CAUSE_PHY_STATUS_CHANGE | diff --git a/target/linux/mvebu/patches-4.14/406-net-mvneta-add-module-EEPROM-reading-support.patch b/target/linux/mvebu/patches-4.14/406-net-mvneta-add-module-EEPROM-reading-support.patch index 39eb33ac..7b0323b1 100644 --- a/target/linux/mvebu/patches-4.14/406-net-mvneta-add-module-EEPROM-reading-support.patch +++ b/target/linux/mvebu/patches-4.14/406-net-mvneta-add-module-EEPROM-reading-support.patch @@ -10,7 +10,7 @@ Signed-off-by: Russell King --- a/drivers/net/ethernet/marvell/mvneta.c +++ b/drivers/net/ethernet/marvell/mvneta.c -@@ -4045,6 +4045,22 @@ static int mvneta_ethtool_set_wol(struct +@@ -4044,6 +4044,22 @@ static int mvneta_ethtool_set_wol(struct return ret; } @@ -33,7 +33,7 @@ Signed-off-by: Russell King static int mvneta_ethtool_get_eee(struct net_device *dev, struct ethtool_eee *eee) { -@@ -4129,6 +4145,8 @@ static const struct ethtool_ops mvneta_e +@@ -4128,6 +4144,8 @@ static const struct ethtool_ops mvneta_e .set_link_ksettings = mvneta_ethtool_set_link_ksettings, .get_wol = mvneta_ethtool_get_wol, .set_wol = mvneta_ethtool_set_wol, diff --git a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch index 19f8f1e6..539b816b 100644 --- a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch +++ b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch @@ -15,7 +15,7 @@ Signed-off-by: Russell King --- a/drivers/net/ethernet/marvell/mvneta.c +++ b/drivers/net/ethernet/marvell/mvneta.c -@@ -4045,22 +4045,6 @@ static int mvneta_ethtool_set_wol(struct +@@ -4044,22 +4044,6 @@ static int mvneta_ethtool_set_wol(struct return ret; } @@ -38,7 +38,7 @@ Signed-off-by: Russell King static int mvneta_ethtool_get_eee(struct net_device *dev, struct ethtool_eee *eee) { -@@ -4145,8 +4129,6 @@ static const struct ethtool_ops mvneta_e +@@ -4144,8 +4128,6 @@ static const struct ethtool_ops mvneta_e .set_link_ksettings = mvneta_ethtool_set_link_ksettings, .get_wol = mvneta_ethtool_get_wol, .set_wol = mvneta_ethtool_set_wol, diff --git a/target/linux/mvebu/patches-4.14/529-armada388-clearfog-enable-spi-flash.patch b/target/linux/mvebu/patches-4.14/529-armada388-clearfog-enable-spi-flash.patch new file mode 100644 index 00000000..7ec5b019 --- /dev/null +++ b/target/linux/mvebu/patches-4.14/529-armada388-clearfog-enable-spi-flash.patch @@ -0,0 +1,50 @@ +From bb683d7ad9d53442586cfdd0a79a6d6c1fec344e Mon Sep 17 00:00:00 2001 +From: Baruch Siach +Date: Thu, 28 Jun 2018 10:13:35 +0300 +Subject: [PATCH] ARM: dts: armada388-clearfog: enable spi flash + +The SolidRun Armada 388 SOM has the SPI flash populated by default +unless the customer explicitly asks otherwise. Enable support by +default. + +Signed-off-by: Baruch Siach +Acked-by: Russell King +Signed-off-by: Gregory CLEMENT +--- + arch/arm/boot/dts/armada-388-clearfog.dts | 2 +- + arch/arm/boot/dts/armada-388-clearfog.dtsi | 2 +- + arch/arm/boot/dts/armada-38x-solidrun-microsom.dtsi | 1 - + 3 files changed, 2 insertions(+), 3 deletions(-) + +--- a/arch/arm/boot/dts/armada-388-clearfog.dts ++++ b/arch/arm/boot/dts/armada-388-clearfog.dts +@@ -284,7 +284,7 @@ + &spi1 { + /* + * Add SPI CS pins for clearfog: +- * CS0: W25Q32 (not populated on uSOM) ++ * CS0: W25Q32 + * CS1: + * CS2: mikrobus + */ +--- a/arch/arm/boot/dts/armada-388-clearfog.dtsi ++++ b/arch/arm/boot/dts/armada-388-clearfog.dtsi +@@ -265,7 +265,7 @@ + &spi1 { + /* + * Add SPI CS pins for clearfog: +- * CS0: W25Q32 (not populated on uSOM) ++ * CS0: W25Q32 + * CS1: PIC microcontroller (Pro models) + * CS2: mikrobus + */ +--- a/arch/arm/boot/dts/armada-38x-solidrun-microsom.dtsi ++++ b/arch/arm/boot/dts/armada-38x-solidrun-microsom.dtsi +@@ -135,7 +135,6 @@ + compatible = "w25q32", "jedec,spi-nor"; + reg = <0>; /* Chip select 0 */ + spi-max-frequency = <3000000>; +- status = "disabled"; + }; + }; + diff --git a/target/linux/mxs/patches-4.14/110-crypto-mxsdcp-provide-importexport.patch b/target/linux/mxs/patches-4.14/110-crypto-mxsdcp-provide-importexport.patch index 4a1722a6..49e96d1e 100644 --- a/target/linux/mxs/patches-4.14/110-crypto-mxsdcp-provide-importexport.patch +++ b/target/linux/mxs/patches-4.14/110-crypto-mxsdcp-provide-importexport.patch @@ -1,6 +1,6 @@ --- a/drivers/crypto/mxs-dcp.c +++ b/drivers/crypto/mxs-dcp.c -@@ -833,6 +833,24 @@ static void dcp_sha_cra_exit(struct cryp +@@ -831,6 +831,24 @@ static void dcp_sha_cra_exit(struct cryp { } @@ -25,7 +25,7 @@ /* AES 128 ECB and AES 128 CBC */ static struct crypto_alg dcp_aes_algs[] = { { -@@ -892,8 +910,11 @@ static struct ahash_alg dcp_sha1_alg = { +@@ -890,8 +908,11 @@ static struct ahash_alg dcp_sha1_alg = { .final = dcp_sha_final, .finup = dcp_sha_finup, .digest = dcp_sha_digest, @@ -37,7 +37,7 @@ .base = { .cra_name = "sha1", .cra_driver_name = "sha1-dcp", -@@ -916,8 +937,11 @@ static struct ahash_alg dcp_sha256_alg = +@@ -914,8 +935,11 @@ static struct ahash_alg dcp_sha256_alg = .final = dcp_sha_final, .finup = dcp_sha_finup, .digest = dcp_sha_digest, diff --git a/target/linux/octeontx/patches-4.14/0001-net-thunderx-add-support-for-rgmii-internal-delay-mo.patch b/target/linux/octeontx/patches-4.14/0001-net-thunderx-add-support-for-rgmii-internal-delay-mo.patch index cf0f96dc..212b6ddd 100644 --- a/target/linux/octeontx/patches-4.14/0001-net-thunderx-add-support-for-rgmii-internal-delay-mo.patch +++ b/target/linux/octeontx/patches-4.14/0001-net-thunderx-add-support-for-rgmii-internal-delay-mo.patch @@ -27,7 +27,7 @@ Signed-off-by: Tim Harvey }; static struct bgx *bgx_vnic[MAX_BGX_THUNDER]; -@@ -841,12 +842,12 @@ static void bgx_poll_for_link(struct wor +@@ -850,12 +851,12 @@ static void bgx_poll_for_link(struct wor queue_delayed_work(lmac->check_link, &lmac->dwork, HZ * 2); } @@ -42,7 +42,7 @@ Signed-off-by: Tim Harvey return PHY_INTERFACE_MODE_SGMII; } -@@ -912,7 +913,8 @@ static int bgx_lmac_enable(struct bgx *b +@@ -921,7 +922,8 @@ static int bgx_lmac_enable(struct bgx *b if (phy_connect_direct(&lmac->netdev, lmac->phydev, bgx_lmac_handler, @@ -52,7 +52,7 @@ Signed-off-by: Tim Harvey return -ENODEV; phy_start(lmac->phydev); -@@ -1287,6 +1289,8 @@ static int bgx_init_of_phy(struct bgx *b +@@ -1296,6 +1298,8 @@ static int bgx_init_of_phy(struct bgx *b bgx->lmac[lmac].lmacid = lmac; phy_np = of_parse_phandle(node, "phy-handle", 0); @@ -61,7 +61,7 @@ Signed-off-by: Tim Harvey /* If there is no phy or defective firmware presents * this cortina phy, for which there is no driver * support, ignore it. -@@ -1390,7 +1394,6 @@ static int bgx_probe(struct pci_dev *pde +@@ -1441,7 +1445,6 @@ static int bgx_probe(struct pci_dev *pde bgx->max_lmac = 1; bgx->bgx_id = MAX_BGX_PER_CN81XX - 1; bgx_vnic[bgx->bgx_id] = bgx; @@ -69,7 +69,7 @@ Signed-off-by: Tim Harvey } /* On 81xx all are DLMs and on 83xx there are 3 BGX QLMs and one -@@ -1407,6 +1410,8 @@ static int bgx_probe(struct pci_dev *pde +@@ -1458,6 +1461,8 @@ static int bgx_probe(struct pci_dev *pde if (err) goto err_enable; @@ -77,10 +77,10 @@ Signed-off-by: Tim Harvey + xcv_init_hw(bgx->phy_mode); bgx_init_hw(bgx); - /* Enable all LMACs */ + bgx_register_intr(pdev); --- a/drivers/net/ethernet/cavium/thunder/thunder_bgx.h +++ b/drivers/net/ethernet/cavium/thunder/thunder_bgx.h -@@ -226,7 +226,7 @@ void bgx_lmac_internal_loopback(int node +@@ -235,7 +235,7 @@ void bgx_lmac_internal_loopback(int node void bgx_lmac_get_pfc(int node, int bgx_idx, int lmacid, void *pause); void bgx_lmac_set_pfc(int node, int bgx_idx, int lmacid, void *pause); diff --git a/target/linux/octeontx/patches-4.14/0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch b/target/linux/octeontx/patches-4.14/0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch deleted file mode 100644 index ef7aef3a..00000000 --- a/target/linux/octeontx/patches-4.14/0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch +++ /dev/null @@ -1,110 +0,0 @@ -From b1e7791e688620c9bb8476ac2d0bc99abeb7f825 Mon Sep 17 00:00:00 2001 -From: Tim Harvey -Date: Fri, 29 Dec 2017 16:48:04 -0800 -Subject: [PATCH] net: thunderx: workaround BGX TX Underflow issue - -While it is not yet understood why a TX underflow can easily occur -for SGMII interfaces resulting in a TX wedge. It has been found that -disabling/re-enabling the LMAC resolves the issue. - -Signed-off-by: Tim Harvey ---- - drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 54 +++++++++++++++++++++++ - drivers/net/ethernet/cavium/thunder/thunder_bgx.h | 9 ++++ - 2 files changed, 63 insertions(+) - ---- a/drivers/net/ethernet/cavium/thunder/thunder_bgx.c -+++ b/drivers/net/ethernet/cavium/thunder/thunder_bgx.c -@@ -1344,6 +1344,54 @@ static int bgx_init_phy(struct bgx *bgx) - return bgx_init_of_phy(bgx); - } - -+static irqreturn_t bgx_intr_handler(int irq, void *data) -+{ -+ struct bgx *bgx = (struct bgx *)data; -+ struct device *dev = &bgx->pdev->dev; -+ u64 status, val; -+ int lmac; -+ -+ for (lmac = 0; lmac < bgx->lmac_count; lmac++) { -+ status = bgx_reg_read(bgx, lmac, BGX_GMP_GMI_TXX_INT); -+ if (status & GMI_TXX_INT_UNDFLW) { -+ dev_err(dev, "BGX%d lmac%d UNDFLW\n", bgx->bgx_id, -+ lmac); -+ val = bgx_reg_read(bgx, lmac, BGX_CMRX_CFG); -+ val &= ~CMR_EN; -+ bgx_reg_write(bgx, lmac, BGX_CMRX_CFG, val); -+ val |= CMR_EN; -+ bgx_reg_write(bgx, lmac, BGX_CMRX_CFG, val); -+ } -+ /* clear interrupts */ -+ bgx_reg_write(bgx, lmac, BGX_GMP_GMI_TXX_INT, status); -+ } -+ -+ return IRQ_HANDLED; -+} -+ -+static int bgx_register_intr(struct pci_dev *pdev) -+{ -+ struct bgx *bgx = pci_get_drvdata(pdev); -+ struct device *dev = &pdev->dev; -+ int num_vec, ret; -+ char irq_name[32]; -+ -+ /* Enable MSI-X */ -+ num_vec = pci_msix_vec_count(pdev); -+ ret = pci_alloc_irq_vectors(pdev, num_vec, num_vec, PCI_IRQ_MSIX); -+ if (ret < 0) { -+ dev_err(dev, "Req for #%d msix vectors failed\n", num_vec); -+ return 1; -+ } -+ sprintf(irq_name, "BGX%d", bgx->bgx_id); -+ ret = request_irq(pci_irq_vector(pdev, GMPX_GMI_TX_INT), -+ bgx_intr_handler, 0, irq_name, bgx); -+ if (ret) -+ return 1; -+ -+ return 0; -+} -+ - static int bgx_probe(struct pci_dev *pdev, const struct pci_device_id *ent) - { - int err; -@@ -1414,6 +1462,8 @@ static int bgx_probe(struct pci_dev *pde - xcv_init_hw(bgx->phy_mode); - bgx_init_hw(bgx); - -+ bgx_register_intr(pdev); -+ - /* Enable all LMACs */ - for (lmac = 0; lmac < bgx->lmac_count; lmac++) { - err = bgx_lmac_enable(bgx, lmac); -@@ -1424,6 +1474,10 @@ static int bgx_probe(struct pci_dev *pde - bgx_lmac_disable(bgx, --lmac); - goto err_enable; - } -+ -+ /* enable TX FIFO Underflow interrupt */ -+ bgx_reg_modify(bgx, lmac, BGX_GMP_GMI_TXX_INT_ENA_W1S, -+ GMI_TXX_INT_UNDFLW); - } - - return 0; ---- a/drivers/net/ethernet/cavium/thunder/thunder_bgx.h -+++ b/drivers/net/ethernet/cavium/thunder/thunder_bgx.h -@@ -179,6 +179,15 @@ - #define BGX_GMP_GMI_TXX_BURST 0x38228 - #define BGX_GMP_GMI_TXX_MIN_PKT 0x38240 - #define BGX_GMP_GMI_TXX_SGMII_CTL 0x38300 -+#define BGX_GMP_GMI_TXX_INT 0x38500 -+#define BGX_GMP_GMI_TXX_INT_W1S 0x38508 -+#define BGX_GMP_GMI_TXX_INT_ENA_W1C 0x38510 -+#define BGX_GMP_GMI_TXX_INT_ENA_W1S 0x38518 -+#define GMI_TXX_INT_PTP_LOST BIT_ULL(4) -+#define GMI_TXX_INT_LATE_COL BIT_ULL(3) -+#define GMI_TXX_INT_XSDEF BIT_ULL(2) -+#define GMI_TXX_INT_XSCOL BIT_ULL(1) -+#define GMI_TXX_INT_UNDFLW BIT_ULL(0) - - #define BGX_MSIX_VEC_0_29_ADDR 0x400000 /* +(0..29) << 4 */ - #define BGX_MSIX_VEC_0_29_CTL 0x400008 diff --git a/target/linux/oxnas/base-files/init.d/set-irq-affinity b/target/linux/oxnas/base-files/etc/init.d/set-irq-affinity similarity index 100% rename from target/linux/oxnas/base-files/init.d/set-irq-affinity rename to target/linux/oxnas/base-files/etc/init.d/set-irq-affinity diff --git a/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-s-kernel-arguments.patch b/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-s-kernel-arguments.patch index d3b047f3..a06825f7 100644 --- a/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-s-kernel-arguments.patch +++ b/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-s-kernel-arguments.patch @@ -22,7 +22,7 @@ Signed-off-by: Adrian Panella --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig -@@ -1939,6 +1939,17 @@ config ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN +@@ -1934,6 +1934,17 @@ config ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN The command-line arguments provided by the boot loader will be appended to the the device tree bootargs property. diff --git a/target/linux/ramips/base-files/etc/board.d/01_leds b/target/linux/ramips/base-files/etc/board.d/01_leds index f3a4b452..9f22c667 100755 --- a/target/linux/ramips/base-files/etc/board.d/01_leds +++ b/target/linux/ramips/base-files/etc/board.d/01_leds @@ -403,7 +403,7 @@ xiaomi,mir3p) ;; xiaomi,rm2100) ucidef_set_led_netdev "internet" "internet" "$boardname:blue:internet" "eth0.2" - ;; + ;; xzwifi,creativebox-v1) ucidef_set_led_switch "internet" "internet" "$boardname:blue:internet" "switch0" "0x10" ;; diff --git a/target/linux/ramips/dts/ZBT-WE3526.dts b/target/linux/ramips/dts/ZBT-WE3526.dts index 30c941c9..7973626f 100644 --- a/target/linux/ramips/dts/ZBT-WE3526.dts +++ b/target/linux/ramips/dts/ZBT-WE3526.dts @@ -9,11 +9,6 @@ compatible = "zbtlink,zbt-we3526", "mediatek,mt7621-soc"; model = "ZBT-WE3526"; - memory@0 { - device_type = "memory"; - reg = <0x0 0x1c000000>, <0x20000000 0x4000000>; - }; - chosen { bootargs = "console=ttyS0,115200"; }; diff --git a/target/linux/ramips/dts/ZBT-WG2626.dts b/target/linux/ramips/dts/ZBT-WG2626.dts index 4ceee9bd..ca2044f7 100644 --- a/target/linux/ramips/dts/ZBT-WG2626.dts +++ b/target/linux/ramips/dts/ZBT-WG2626.dts @@ -16,11 +16,6 @@ led-upgrade = &led_status; }; - memory@0 { - device_type = "memory"; - reg = <0x0 0x1c000000>, <0x20000000 0x4000000>; - }; - chosen { bootargs = "console=ttyS0,115200"; }; diff --git a/target/linux/ramips/dts/ZBT-WG3526.dtsi b/target/linux/ramips/dts/ZBT-WG3526.dtsi index 0cf94d57..87999b1e 100644 --- a/target/linux/ramips/dts/ZBT-WG3526.dtsi +++ b/target/linux/ramips/dts/ZBT-WG3526.dtsi @@ -13,11 +13,6 @@ led-upgrade = &led_status; }; - memory@0 { - device_type = "memory"; - reg = <0x0 0x1c000000>, <0x20000000 0x4000000>; - }; - chosen { bootargs = "console=ttyS0,115200"; }; diff --git a/target/linux/ramips/dts/kn.dts b/target/linux/ramips/dts/kn.dts index 1f9928e5..baa24a96 100644 --- a/target/linux/ramips/dts/kn.dts +++ b/target/linux/ramips/dts/kn.dts @@ -48,7 +48,7 @@ partition@50000 { compatible = "denx,uimage"; label = "firmware"; - reg = <0x50000 0x3b0000>; + reg = <0x50000 0x7b0000>; }; }; }; diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk index f3ef43df..521b90df 100644 --- a/target/linux/ramips/image/mt7621.mk +++ b/target/linux/ramips/image/mt7621.mk @@ -298,7 +298,7 @@ define Device/xiaomi_mir3g endef TARGET_DEVICES += xiaomi_mir3g -define Device/xiaomi_mir4 +define Device/xiaomi_mi-router-4 DTS := MIR4 BLOCKSIZE := 128k PAGESIZE := 2048 diff --git a/target/linux/ramips/image/rt305x.mk b/target/linux/ramips/image/rt305x.mk index f59a7489..6413c4c4 100644 --- a/target/linux/ramips/image/rt305x.mk +++ b/target/linux/ramips/image/rt305x.mk @@ -342,7 +342,6 @@ define Device/f7c027 DTS := F7C027 IMAGE_SIZE := 7616k DEVICE_TITLE := Belkin F7C027 - DEVICE_PACKAGES := -kmod-usb-core -kmod-usb-dwc2 -kmod-usb-ledtrig-usbport endef TARGET_DEVICES += f7c027 @@ -905,10 +904,9 @@ TARGET_DEVICES += xdxrn502j define Device/kn DTS := kn BLOCKSIZE := 64k - IMAGE_SIZE := $(ralink_default_fw_size_4M) + IMAGE_SIZE := 7872k DEVICE_TITLE := ZyXEL Keenetic DEVICE_PACKAGES := kmod-usb-core kmod-usb2 kmod-usb-ehci kmod-usb-ledtrig-usbport - DEFAULT := n endef TARGET_DEVICES += kn diff --git a/target/linux/ramips/patches-4.14/0034-NET-multi-phy-support.patch b/target/linux/ramips/patches-4.14/0034-NET-multi-phy-support.patch index 5536e3f6..98ea5f55 100644 --- a/target/linux/ramips/patches-4.14/0034-NET-multi-phy-support.patch +++ b/target/linux/ramips/patches-4.14/0034-NET-multi-phy-support.patch @@ -49,8 +49,8 @@ Signed-off-by: John Crispin break; --- a/include/linux/phy.h +++ b/include/linux/phy.h -@@ -412,6 +412,7 @@ struct phy_device { - bool suspended; +@@ -414,6 +414,7 @@ struct phy_device { + bool suspended_by_mdio_bus; bool sysfs_links; bool loopback_enabled; + bool no_auto_carrier_off; diff --git a/target/linux/ramips/patches-4.14/0037-mtd-cfi-cmdset-0002-force-word-write.patch b/target/linux/ramips/patches-4.14/0037-mtd-cfi-cmdset-0002-force-word-write.patch index 478af4cb..39717bba 100644 --- a/target/linux/ramips/patches-4.14/0037-mtd-cfi-cmdset-0002-force-word-write.patch +++ b/target/linux/ramips/patches-4.14/0037-mtd-cfi-cmdset-0002-force-word-write.patch @@ -52,7 +52,7 @@ Subject: [PATCH 37/53] mtd: cfi cmdset 0002 force word write static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip, unsigned long adr, const u_char *buf, int len) -@@ -1926,7 +1931,6 @@ static int __xipram do_write_buffer(stru +@@ -1930,7 +1935,6 @@ static int __xipram do_write_buffer(stru return ret; } @@ -60,7 +60,7 @@ Subject: [PATCH 37/53] mtd: cfi cmdset 0002 force word write static int cfi_amdstd_write_buffers(struct mtd_info *mtd, loff_t to, size_t len, size_t *retlen, const u_char *buf) { -@@ -2001,6 +2005,7 @@ static int cfi_amdstd_write_buffers(stru +@@ -2005,6 +2009,7 @@ static int cfi_amdstd_write_buffers(stru return 0; } diff --git a/target/linux/tegra/Makefile b/target/linux/tegra/Makefile index 57cb902c..5f6cec4d 100644 --- a/target/linux/tegra/Makefile +++ b/target/linux/tegra/Makefile @@ -11,7 +11,7 @@ BOARD := tegra BOARDNAME := NVIDIA Tegra FEATURES := audio boot-part display ext4 fpu gpio pci pcie rootfs-part rtc squashfs usb CPU_TYPE := cortex-a9 -CPU_SUBTYPE := vfpv3 +CPU_SUBTYPE := vfpv3-d16 MAINTAINER := Tomasz Maciej Nowak KERNEL_PATCHVER := 4.14 diff --git a/tools/Makefile b/tools/Makefile index f7ecb77d..d7207ba8 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -28,7 +28,6 @@ tools-y += firmware-utils patch-image quilt padjffs2 tools-y += mm-macros missing-macros cmake scons bc findutils gengetopt patchelf tools-y += mtools dosfstools libressl tools-$(CONFIG_TARGET_orion_generic) += wrt350nv2-builder upslug2 -tools-y += ucl upx tools-$(CONFIG_TARGET_x86) += qemu tools-$(CONFIG_TARGET_mxs) += elftosb sdimage tools-$(CONFIG_TARGET_ar71xx) += lzma-old @@ -42,7 +41,6 @@ tools-$(CONFIG_TARGET_apm821xx)$(CONFIG_TARGET_gemini) += genext2fs tools-$(CONFIG_TARGET_tegra) += cbootimage cbootimage-configs # builddir dependencies -$(curdir)/upx/compile := $(curdir)/ucl/compile $(curdir)/bison/compile := $(curdir)/flex/compile $(curdir)/flex/compile := $(curdir)/libtool/compile $(curdir)/libtool/compile := $(curdir)/m4/compile $(curdir)/autoconf/compile $(curdir)/automake/compile $(curdir)/missing-macros/compile diff --git a/tools/firmware-utils/src/mkrasimage.c b/tools/firmware-utils/src/mkrasimage.c index 8eee29cc..8d830ead 100644 --- a/tools/firmware-utils/src/mkrasimage.c +++ b/tools/firmware-utils/src/mkrasimage.c @@ -315,6 +315,16 @@ int build_image() map_file(&kernel); map_file(&rootfs); + /* As ZyXEL Web-GUI only accept images with a rootfs equal or larger than the first firmware shipped + * for the device, we need to pad rootfs partition to this size. To perform further calculations, we + * decide the size of this part here. In case the rootfs we want to integrate in our image is larger, + * take it's size, otherwise the supplied size. + * + * Be careful! We rely on assertion of correct size to be performed beforehand. It is unknown if images + * with a to large rootfs are accepted or not. + */ + rootfs_out.size = rootfs_size < rootfs.size ? rootfs.size : rootfs_size; + /* * Allocate memory and copy input rootfs for temporary output rootfs. * This is important as we have to generate the rootfs checksum over the @@ -446,14 +456,5 @@ int main(int argc, char *argv[]) if (ret) usage(EXIT_FAILURE); - /* As ZyXEL Web-GUI only accept images with a rootfs equal or larger than the first firmware shipped - * for the device, we need to pad rootfs partition to this size. To perform further calculations, we - * decide the size of this part here. In case the rootfs we want to integrate in our image is larger, - * take it's size, otherwise the supplied size. - * - * Be careful! We rely on assertion of correct size to be performed beforehand. It is unknown if images - * with a to large rootfs are accepted or not. - */ - rootfs_out.size = rootfs_size < rootfs.size ? rootfs.size : rootfs_size; return build_image(); } diff --git a/tools/firmware-utils/src/tplink-safeloader.c b/tools/firmware-utils/src/tplink-safeloader.c index 1c5792f7..b6ad5c08 100644 --- a/tools/firmware-utils/src/tplink-safeloader.c +++ b/tools/firmware-utils/src/tplink-safeloader.c @@ -799,6 +799,42 @@ static struct device_info boards[] = { .last_sysupgrade_partition = "file-system", }, + /** Firmware layout for the C60v3 */ + { + .id = "ARCHER-C60-V3", + .vendor = "", + .support_list = + "SupportList:\r\n" + "{product_name:Archer C60,product_ver:3.0.0,special_id:42520000}\r\n" + "{product_name:Archer C60,product_ver:3.0.0,special_id:45550000}\r\n" + "{product_name:Archer C60,product_ver:3.0.0,special_id:55530000}\r\n", + .support_trail = '\x00', + .soft_ver = "soft_ver:3.0.0\n", + + .partitions = { + {"factory-boot", 0x00000, 0x1fb00}, + {"default-mac", 0x1fb00, 0x00200}, + {"pin", 0x1fd00, 0x00100}, + {"product-info", 0x1fe00, 0x00100}, + {"device-id", 0x1ff00, 0x00100}, + {"fs-uboot", 0x20000, 0x10000}, + {"firmware", 0x30000, 0x7a0000}, + {"soft-version", 0x7d9500, 0x00100}, + {"support-list", 0x7d9600, 0x00100}, + {"extra-para", 0x7d9700, 0x00100}, + {"profile", 0x7d9800, 0x03000}, + {"default-config", 0x7dc800, 0x03000}, + {"partition-table", 0x7df800, 0x00800}, + {"user-config", 0x7e0000, 0x0c000}, + {"certificate", 0x7ec000, 0x04000}, + {"radio", 0x7f0000, 0x10000}, + {NULL, 0, 0} + }, + + .first_sysupgrade_partition = "os-image", + .last_sysupgrade_partition = "file-system", + }, + /** Firmware layout for the C5 */ { .id = "ARCHER-C5-V2", @@ -1835,6 +1871,7 @@ static void build_image(const char *output, strcasecmp(info->id, "ARCHER-C25-V1") == 0 || strcasecmp(info->id, "ARCHER-C59-V2") == 0 || strcasecmp(info->id, "ARCHER-C60-V2") == 0 || + strcasecmp(info->id, "ARCHER-C60-V3") == 0 || strcasecmp(info->id, "TLWR1043NV5") == 0) { const char mdat[11] = {0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00}; parts[5] = put_data("extra-para", mdat, 11); diff --git a/tools/squashfskit4/Makefile b/tools/squashfskit4/Makefile index 4808c560..396a7c0e 100644 --- a/tools/squashfskit4/Makefile +++ b/tools/squashfskit4/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=squashfskit4 PKG_VERSION:=4.14 - +PKG_RELEASE:=2 PKG_SOURCE:=squashfskit-v$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/squashfskit/squashfskit/releases/download/v$(PKG_VERSION)/ PKG_HASH:=5761aaa3aedc4f7112b708367d891c9abdc1ffea972e3fe47923ddba23984d95 diff --git a/tools/squashfskit4/patches/0002-fix-build-failure-against-gcc-10.patch b/tools/squashfskit4/patches/0002-fix-build-failure-against-gcc-10.patch new file mode 100644 index 00000000..46c6a5ea --- /dev/null +++ b/tools/squashfskit4/patches/0002-fix-build-failure-against-gcc-10.patch @@ -0,0 +1,43 @@ +From fe2f5da4b0f8994169c53e84b7cb8a0feefc97b5 Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich +Date: Sun, 26 Jan 2020 18:35:13 +0000 +Subject: [PATCH] squashfs-tools: fix build failure against gcc-10 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +On gcc-10 (and gcc-9 -fno-common) build fails as: + +``` +cc ... -o mksquashfs +ld: read_fs.o:(.bss+0x0): + multiple definition of `fwriter_buffer'; mksquashfs.o:(.bss+0x400c90): first defined here +ld: read_fs.o:(.bss+0x8): + multiple definition of `bwriter_buffer'; mksquashfs.o:(.bss+0x400c98): first defined here +``` + +gcc-10 will change the default from -fcommon to fno-common: +https://gcc.gnu.org/PR85678. + +The error also happens if CFLAGS=-fno-common passed explicitly. + +Reported-by: Toralf Förster +Bug: https://bugs.gentoo.org/706456 +Signed-off-by: Sergei Trofimovich +--- + squashfs-tools/mksquashfs.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/squashfs-tools/mksquashfs.h b/squashfs-tools/mksquashfs.h +index 1beefef7..b6503063 100644 +--- a/squashfs-tools/mksquashfs.h ++++ b/squashfs-tools/mksquashfs.h +@@ -143,7 +143,7 @@ struct append_file { + #endif + + extern struct cache *reader_buffer, *fragment_buffer, *reserve_cache; +-struct cache *bwriter_buffer, *fwriter_buffer; ++extern struct cache *bwriter_buffer, *fwriter_buffer; + extern struct queue *to_reader, *to_deflate, *to_writer, *from_writer, + *to_frag, *locked_fragment, *to_process_frag; + extern struct append_file **file_mapping; diff --git a/tools/ucl/Makefile b/tools/ucl/Makefile deleted file mode 100644 index 9fb9aec1..00000000 --- a/tools/ucl/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -# -# Copyright (C) 2019 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# -include $(TOPDIR)/rules.mk - -PKG_NAME:=ucl -PKG_VERSION:=1.03 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://www.oberhumer.com/opensource/ucl/download/$(PKG_SOURCE) -PKG_HASH:=b865299ffd45d73412293369c9754b07637680e5c826915f097577cd27350348 - -HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION) - -include $(INCLUDE_DIR)/host-build.mk - -HOSTCC :=gcc -HOST_CFLAGS +=-std=gnu89 - -define Host/Prepare - $(Host/Prepare/Default) - mkdir -p $(STAGING_DIR_HOST)/include/ucl -endef - -define Host/Configure - (cd $(HOST_BUILD_DIR); \ - CC="$(HOSTCC)" \ - CFLAGS="$(HOST_CFLAGS)" \ - ./configure --prefix=$(STAGING_DIR_HOST) \ - ); - $(call Host/Configure/Default) -endef - -define Host/Compile - $(MAKE) -C $(HOST_BUILD_DIR) -endef - -define Host/Install - $(MAKE) -C $(HOST_BUILD_DIR) install -endef - -define Host/Clean - $(MAKE) -C $(HOST_BUILD_DIR) uninstall - rm -rf $(HOST_BUILD_DIR) - rm -rf $(STAGING_DIR_HOST)/include/ucl -endef - -$(eval $(call HostBuild)) diff --git a/tools/upx/Makefile b/tools/upx/Makefile deleted file mode 100644 index fbf1dfbd..00000000 --- a/tools/upx/Makefile +++ /dev/null @@ -1,35 +0,0 @@ -# -# Copyright (C) 2011-2020 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# -include $(TOPDIR)/rules.mk - -PKG_NAME:=upx -PKG_VERSION:=3.95 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-src.tar.xz -PKG_SOURCE_URL:=https://github.com/upx/upx/releases/download/v$(PKG_VERSION) -PKG_HASH:=3b0f55468d285c760fcf5ea865a070b27696393002712054c69ff40d8f7f5592 - -HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION)-src - -include $(INCLUDE_DIR)/host-build.mk - -define Host/Compile - UPX_UCLDIR=$(STAGING_DIR_HOST) \ - $(MAKE) -C $(HOST_BUILD_DIR)/src \ - CXXFLAGS_WERROR="" LDFLAGS="$(HOST_LDFLAGS)" \ - CXX="$(HOSTCXX)" -endef - -define Host/Install - $(CP) $(HOST_BUILD_DIR)/src/upx.out $(STAGING_DIR_HOST)/bin/upx -endef - -define Host/Clean - rm -f $(STAGING_DIR_HOST)/bin/upx -endef - -$(eval $(call HostBuild)) diff --git a/version b/version index 551e99bd..802b91a5 100644 --- a/version +++ b/version @@ -1 +1 @@ -r10947-65030d81f3 +r11063-85e04e9f46 diff --git a/version.date b/version.date index 9bbd665e..7216140e 100644 --- a/version.date +++ b/version.date @@ -1 +1 @@ -1582837512 +1589653940