API tools faq
paste
Advertisement
Ubeavis

afer_fw work_config_2

Ubeavis
Jun 29th, 2020
47
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.16 KB | None | 0 0
raw download clone embed print report diff
  1. #!/bin/sh
  2.  
  3. ### Custom user script
  4. ### Called after internal iptables reconfig (firewall update)
  5.  
  6. # ICMP filter rules - для модема можно убрать
  7. # iptables -t raw -N icmpcheck
  8. # iptables -t raw -I icmpcheck -j DROP
  9. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 12/0 -j RETURN
  10. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 4/0 -j RETURN
  11. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 3/4 -j RETURN
  12. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 0 -j RETURN
  13. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 11/0 -j RETURN
  14. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 3/0 -j RETURN
  15. # iptables -t raw -I icmpcheck -p icmp -m icmp --icmp-type 3/1 -j RETURN
  16. # iptables -t raw -I PREROUTING ! -i br0 -p icmp -j icmpcheck
  17.  
  18. # DNS redirect to router
  19. iptables -t nat -I PREROUTING -i br0 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
  20. # по TCP обычно никто на запрашивает DNS
  21. # iptables -t nat -I PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
  22.  
  23. # интересная и полезная строчка для модема
  24. # iptables -I FORWARD 2 ! -o br0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1280
  25.  
  26. # iptables -t mangle -I POSTROUTING -s 192.168.5.0/24 -o weth0 -j TTL --ttl-set 65
  27.  
  28. iptables -t nat -D PREROUTING 2
  29. iptables -D INPUT 7
  30.  
  31. sleep 20
  32.  
  33. URLS=" \
  34. http://adaway.org/hosts.txt \
  35. http://winhelp2002.mvps.org/hosts.txt \
  36. http://mirror.cedia.org.ec/malwaredomains/domains.hosts \
  37. https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext \
  38. https://www.malwaredomainlist.com/hostslist/hosts.txt \
  39. https://zerodot1.gitlab.io/CoinBlockerLists/hosts \
  40. /"
  41.  
  42. wget --user-agent="Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" -T40 -q -O- $URLS | grep -v "^#" | cut -d "#" -f 1 | sed 's/127\.0\.0\.1/0\.0\.0\.0/' | grep "^0.0.0.0" | sed 's/ */ /g' | sed 's/\t/ /g' |sed 's/\r//' | cut -d " " -f 1,2 | tr A-Z a-z | sort | uniq > /tmp/hosts
  43. sed -i '/0.0.0.0 localhost/d' /tmp/hosts
  44. sed -i '/0.0.0.0 localhost.localdomain/d' /tmp/hosts
  45. sed -i '/0.0.0.0 www.booking.com/d' /tmp/hosts
  46. sed -i '/0.0.0.0 www.c.booking.com/d' /tmp/hosts
  47. sed -i '/0.0.0.0 s-ec.bstatic.com/d' /tmp/hosts
  48. sed -i '/0.0.0.0 t-ec.bstatic.com/d' /tmp/hosts
  49. sed -i '/0.0.0.0 cs715.wac.edgecastcdn.net/d' /tmp/hosts
  50. sed -i '/0.0.0.0 cs716.wac.edgecastcdn.net/d' /tmp/hosts
  51. sed -i '/0.0.0.0 tags.tiqcdn.com/d' /tmp/hosts
  52. sed -i '/0.0.0.0 ad.admitad.com/d' /tmp/hosts
  53. sed -i '/0.0.0.0 api.cc.skype.com/d' /tmp/hosts
  54. sed -i '/0.0.0.0 api.mcr.skype.com/d' /tmp/hosts
  55. sed -i '/0.0.0.0 api.skype.com/d' /tmp/hosts
  56. sed -i '/0.0.0.0 avatar.skype.com/d' /tmp/hosts
  57. sed -i '/0.0.0.0 b.config.skype.com/d' /tmp/hosts
  58. sed -i '/0.0.0.0 client-s.gateway.messenger.live.com/d' /tmp/hosts
  59. sed -i '/0.0.0.0 contacts.skype.com/d' /tmp/hosts
  60. sed -i '/0.0.0.0 dev.microsofttranslator.com/d' /tmp/hosts
  61. sed -i '/0.0.0.0 diagnostics.support.microsoft.akadns.net/d' /tmp/hosts
  62. sed -i '/0.0.0.0 diagnostics.support.microsoft.com/d' /tmp/hosts
  63. sed -i '/0.0.0.0 edge.skype.com/d' /tmp/hosts
  64. sed -i '/0.0.0.0 m.hotmail.com/d' /tmp/hosts
  65. sed -i '/0.0.0.0 mobile.pipe.aria.microsoft.com/d' /tmp/hosts
  66. sed -i '/0.0.0.0 msftncsi.com/d' /tmp/hosts
  67. sed -i '/0.0.0.0 msg.skype.com/d' /tmp/hosts
  68. sed -i '/0.0.0.0 next-services.apps.microsoft.com/d' /tmp/hosts
  69. sed -i '/0.0.0.0 nexus.officeapps.live.com/d' /tmp/hosts
  70. sed -i '/0.0.0.0 profile.skype.com/d' /tmp/hosts
  71. sed -i '/0.0.0.0 s.gateway.messenger.live.com/d' /tmp/hosts
  72. sed -i '/0.0.0.0 skype.net/d' /tmp/hosts
  73. sed -i '/0.0.0.0 ui.skype.com/d' /tmp/hosts
  74. sed -i '/0.0.0.0 www.msftncsi.com/d' /tmp/hosts
  75. sed -i '/0.0.0.0 stat.online.sberbank.ru/d' /tmp/hosts
  76. sed -i '/0.0.0.0 s.click.aliexpress.com/d' /tmp/hosts
  77. sed -i '/0.0.0.0 star-mini.c10r.facebook.com/d' /tmp/hosts
  78. sed -i '/0.0.0.0 connect.facebook.net/d' /tmp/hosts
  79. sed -i '/0.0.0.0 graph.facebook.com/d' /tmp/hosts
  80. sed -i '/0.0.0.0 cdn.siftscience.com/d' /tmp/hosts
  81. sed -i '/0.0.0.0 ct.pinterest.com/d' /tmp/hosts
  82. sed -i '/0.0.0.0 api.pinterest.com/d' /tmp/hosts
  83. sed -i '/0.0.0.0 log.pinterest.com/d' /tmp/hosts
  84. sed -i '/0.0.0.0 widgets.pinterest.com/d' /tmp/hosts
  85. sed -i '/0.0.0.0 clck.yandex.ru/d' /tmp/hosts
  86. sed -i '/0.0.0.0 mc.yandex.ru/d' /tmp/hosts
  87. sed -i '/0.0.0.0 cdn.yandex.net/d' /tmp/hosts
  88. sed -i '/0.0.0.0 yandex.ru/d' /tmp/hosts
  89. sed -i '/0.0.0.0 money.yandex.ru/d' /tmp/hosts
  90. sed -i '/0.0.0.0 yastatic.net/d' /tmp/hosts
  91. sed -i '/0.0.0.0 analytics.mobile.yandex.net/d' /tmp/hosts
  92. sed -i '/0.0.0.0 informer.yandex.ru/d' /tmp/hosts
  93. sed -i '/0.0.0.0 r.mail.ru/d' /tmp/hosts
  94. sed -i '/0.0.0.0 c.fa.jd.com/d' /tmp/hosts
  95. sed -i '/0.0.0.0 whale.jd.com/d' /tmp/hosts
  96. sed -i '/0.0.0.0 saturn.jd.com/d' /tmp/hosts
  97. sed -i '/0.0.0.0 static.360buyimg.com/d' /tmp/hosts
  98. sed -i '/0.0.0.0 static.criteo.net/d' /tmp/hosts
  99. sed -i '/0.0.0.0 s.go-mpulse.net/d' /tmp/hosts
  100. sed -i '/0.0.0.0 ciuvo.com/d' /tmp/hosts
  101. sed -i '/0.0.0.0 gia.jd.com/d' /tmp/hosts
  102. sed -i '/0.0.0.0 t.paypal.com/d' /tmp/hosts
  103. sed -i '/0.0.0.0 b.stats.paypal.com/d' /tmp/hosts
  104. sed -i '/0.0.0.0 l.deals.ebay.com/d' /tmp/hosts
  105. sed -i '/0.0.0.0 stats.ebay.com/d' /tmp/hosts
  106. sed -i '/0.0.0.0 rover.ebay.com/d' /tmp/hosts
  107. sed -i '/0.0.0.0 us1111.alicdn.com.edgekey.net/d' /tmp/hosts
  108. sed -i '/0.0.0.0 gj.mmstat.com/d' /tmp/hosts
  109. sed -i '/0.0.0.0 gm.mmstat.com/d' /tmp/hosts
  110. sed -i '/0.0.0.0 gm.gds.mmstat.com/d' /tmp/hosts
  111. sed -i '/0.0.0.0 ws.mmstat.com/d' /tmp/hosts
  112. sed -i '/0.0.0.0 gj.gds.mmstat.com/d' /tmp/hosts
  113. sed -i '/0.0.0.0 ynuf.alipay.com/d' /tmp/hosts
  114. sed -i '/0.0.0.0 ynuf.aliapp.com/d' /tmp/hosts
  115. sed -i '/0.0.0.0 log.gds.mmstat.com/d' /tmp/hosts
  116. sed -i '/0.0.0.0 perf.gds.mmstat.com/d' /tmp/hosts
  117. sed -i '/0.0.0.0 c.go-mpulse.net/d' /tmp/hosts
  118. sed -i '/0.0.0.0 oneid.mmstat.com/d' /tmp/hosts
  119. sed -i '/0.0.0.0 gm.mmstat.com/d' /tmp/hosts
  120. sed -i '/0.0.0.0 log.mmstat.com/d' /tmp/hosts
  121. sed -i '/0.0.0.0 perf.mmstat.com/d' /tmp/hosts
  122. sed -i '/0.0.0.0 ynuf.mmstat.com/d' /tmp/hosts
  123. sed -i '/0.0.0.0 dmtracking2.alibaba.com/d' /tmp/hosts
  124. sed -i '/0.0.0.0 cmap.alibaba.com/d' /tmp/hosts
  125. sed -i '/0.0.0.0 us.ynuf.aliapp.org/d' /tmp/hosts
  126. sed -i '/0.0.0.0 nocn-ru-aebridge.aliexpress.com/d' /tmp/hosts
  127. sed -i '/0.0.0.0 nocn-ru-aebridge.aliexpress.com.gds.alibabadns.com/d' /tmp/hosts
  128. sed -i '/0.0.0.0 sa-aebridge.aliexpress.com/d' /tmp/hosts
  129. sed -i '/0.0.0.0 sa-aebridge.aliexpress.com.gds.alibabadns.com/d' /tmp/hosts
  130. sed -i '/0.0.0.0 e1429.x.akamaiedge.net/d' /tmp/hosts
  131. sed -i '/0.0.0.0 ocsp.comodoca.com/d' /tmp/hosts
  132. sed -i '/0.0.0.0 ocsp.comodoca.com.edgesuite.net/d' /tmp/hosts
  133. sed -i '/0.0.0.0 a652.dscb.akamai.net/d' /tmp/hosts
  134. sed -i '/0.0.0.0 report-uri.cloudflare.com/d' /tmp/hosts
  135. sed -i '/0.0.0.0 www.ojrq.net/d' /tmp/hosts
  136. sed -i '/0.0.0.0 letyshops.com/d' /tmp/hosts
  137. sed -i '/0.0.0.0 pochta.ru/d' /tmp/hosts
  138. sed -i '/0.0.0.0 www.pochta.ru/d' /tmp/hosts
  139. sed -i '/0.0.0.0 youtube.com/d' /tmp/hosts
  140. sed -i '/0.0.0.0 www.youtube.com/d' /tmp/hosts
  141. sed -i '/0.0.0.0 youtube-ui.l.google.com/d' /tmp/hosts
  142. sed -i '/0.0.0.0 www.google-analytics.com/d' /tmp/hosts
  143. sed -i '/0.0.0.0 www-google-analytics.l.google.com/d' /tmp/hosts
  144. sed -i '/0.0.0.0 ytstatic.l.google.com/d' /tmp/hosts
  145. sed -i '/0.0.0.0 google-analytics.com/d' /tmp/hosts
  146. sed -i '/0.0.0.0 ssl.google-analytics.com/d' /tmp/hosts
  147. sed -i '/0.0.0.0 ssl-google-analytics.l.google.com/d' /tmp/hosts
  148. sed -i '/0.0.0.0 analytics.google.com/d' /tmp/hosts
  149. sed -i '/0.0.0.0 id.google.com/d' /tmp/hosts
  150. sed -i '/0.0.0.0 connectivitycheck.gstatic.com/d' /tmp/hosts
  151. sed -i '/0.0.0.0 accounts.google.com/d' /tmp/hosts
  152. sed -i '/0.0.0.0 myaccount.google.com/d' /tmp/hosts
  153. sed -i '/0.0.0.0 hangouts.google.com/d' /tmp/hosts
  154. sed -i '/0.0.0.0 www3.l.google.com/d' /tmp/hosts
  155. sed -i '/0.0.0.0 plus.l.google.com/d' /tmp/hosts
  156. sed -i '/0.0.0.0 fonts.gstatic.com/d' /tmp/hosts
  157. sed -i '/0.0.0.0 fonts.googleapis.com/d' /tmp/hosts
  158. sed -i '/0.0.0.0 gstaticadssl.l.google.com/d' /tmp/hosts
  159. sed -i '/0.0.0.0 googleadapis.l.google.com/d' /tmp/hosts
  160. sed -i '/0.0.0.0 googlehosted.l.googleusercontent.com/d' /tmp/hosts
  161. sed -i '/0.0.0.0 photos-ugc.l.googleusercontent.com/d' /tmp/hosts
  162. sed -i '/0.0.0.0 redirector.gvt1.com/d' /tmp/hosts
  163. sed -i '/0.0.0.0 platform-lookaside.fbsbx.com/d' /tmp/hosts
  164. sed -i '/0.0.0.0 dualstack.com.imgix.map.fastly.net/d' /tmp/hosts
  165. sed -i '/0.0.0.0 massdrop-s3.imgix.net/d' /tmp/hosts
  166. sed -i '/0.0.0.0 badges.instagram.com/d' /tmp/hosts
  167. sed -i '/0.0.0.0 graph.instagram.com/d' /tmp/hosts
  168. sed -i '/0.0.0.0 ocsp.apple.com/d' /tmp/hosts
  169. sed -i '/0.0.0.0 world-gen.g.aaplimg.com/d' /tmp/hosts
  170. sed -i '/0.0.0.0 www.lightinthebox.com/d' /tmp/hosts
  171. sed -i '/0.0.0.0 c.media-amazon.com/d' /tmp/hosts
  172. sed -i '/0.0.0.0 m.media-amazon.com/d' /tmp/hosts
  173. sed -i '/0.0.0.0 autolinkmaker.itunes.apple.com/d' /tmp/hosts
  174. sed -i '/0.0.0.0 littlebuddy.apple.com/d' /tmp/hosts
  175. sed -i '/0.0.0.0 images-na.ssl-images-amazon.com/d' /tmp/hosts
  176. sed -i '/0.0.0.0 a.lmcdn.ru/d' /tmp/hosts
  177. sed -i '/0.0.0.0 d.gcdn.co/d' /tmp/hosts
  178. sed -i '/0.0.0.0 iam.gcdn.co/d' /tmp/hosts
  179. sed -i '/0.0.0.0 js-agent.newrelic.com/d' /tmp/hosts
  180. sed -i '/0.0.0.0 cdn.livechatinc.com/d' /tmp/hosts
  181. sed -i '/0.0.0.0 lu.api.mega.co.nz/d' /tmp/hosts
  182. sed -i '/0.0.0.0 www.ant.com/d' /tmp/hosts
  183. sed -i '/0.0.0.0 fresnel.vimeocdn.com/d' /tmp/hosts
  184. sed -i '/0.0.0.0 ocsp.digicert.com/d' /tmp/hosts
  185. sed -i '/0.0.0.0 cs9.wac.phicdn.net/d' /tmp/hosts
  186. sed -i '/0.0.0.0 secure.livechatinc.com/d' /tmp/hosts
  187. sed -i '/0.0.0.0 bitpay.com/d' /tmp/hosts
  188. sed -i '/0.0.0.0 cds.j3z9t3p6.hwcdn.net/d' /tmp/hosts
  189. sed -i '/0.0.0.0 app.getresponse.com/d' /tmp/hosts
  190. sed -i '/0.0.0.0 kssm.kuaipandata.com/d' /tmp/hosts
  191. sed -i '/0.0.0.0 www.turkishạirlines.com/d' /tmp/hosts
  192. sed -i '/0.0.0.0 ɢoogle.com/d' /tmp/hosts
  193. sed -i '/0.0.0.0 secret.ɢoogle.com/d' /tmp/hosts
  194. sed -i '/0.0.0.0 myètherwället.com/d' /tmp/hosts
  195. sed -i '/0.0.0.0 mÿethèrwallét.com/d' /tmp/hosts
  196. sed -i '/0.0.0.0 a.radikal.ru/d' /tmp/hosts
  197. sed -i '/0.0.0.0 cstatic.weborama.fr/d' /tmp/hosts
  198. sed -i '/0.0.0.0 displaycatalog.mp.microsoft.com/d' /tmp/hosts
  199. sed -i '/0.0.0.0 mediation.adnxs.com/d' /tmp/hosts
  200. sed -i '/0.0.0.0 pagead2.googlesyndication.com/d' /tmp/hosts
  201.  
  202. killall -SIGHUP dnsmasq
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!