发布于Software分类中的文章

Mar 05

本脚本适用于 DD-WRT 和 Tomato,来源于: https://git.losert.xyz/krypton/Scripts/tree/master

适用于 LEDE/OpenWRT 的脚本在: https://gist.github.com/lg/e91d1c5c9640d963e13dbb1901bb4396

#!/bin/sh

##############################################
# This script disconnects connected clients, #
# where the signal is below the configured   #
# signal.                                    #
##############################################
# v1.0                                       #
# maintained by Rene Losert  #
##############################################
DEV=$(nvram show 2>&1 |grep ifname|grep 'wl[01]'|cut -d"=" -f2)
SIGNAL="-80"
EXCLUDE="38:D5:47:62:F8:7A"
key="$1"

if [[ "$key" == "-d" ]]; then
	echo "Signal Threshold: $SIGNAL"
	echo "Connected Clients:"
fi

while true; do

date=$(date +"%a %b %e %H:%M:%S %Z %Y")

for current in $DEV; do
CLIENTS=$(/usr/sbin/wl -a $current assoclist)
	for MAC in $CLIENTS; do    # for loop for each client (MAC)
		if [ $MAC != "assoclist" ]; then
			SIG=$(/usr/sbin/wl -a $current rssi $MAC)
			if [[ "$key" == "-d" ]]; then echo "MAC: $MAC, Signal: $SIG"; fi
			if [[ ! "$MAC" = "$EXCLUDE" ]]; then
				if [ $SIG -lt $SIGNAL ]; then
					if [[ "$key" == "-d" ]]; then echo "$date: BELOW! Sending deauth to $MAC"; fi
					echo "$date: BELOW! Sending deauth to $MAC" >> /tmp/cleanup.log
					/usr/sbin/wl -a $current deauthenticate $MAC
				fi
			fi

		fi
	done
done

if [[ "$key" == "-d" ]]; then echo "-----------------------------------"; fi
#echo $date >> /tmp/cleanup.log
sleep 5
done

:!: :!: :!:


Mar 03

ProxyChain

这几个工具都支持带用户名密码认证的上级代理,代理可以是 socks4/5,http-connect 等,glider 和 gost 还额外支持 ss,ssr 作为上级代理,但是对用户名密码或者附加参数中带‘@’号处理有些问题。

还需要注意,代理链中的第二级代理(最后一级?),‘必须’要具有外网 IP ,不然很容易失败。(这也是为什么要求支持用户名密码认证)

范例:
本地代理监听 0.0.0.0:7777 端口,上级两个代理级联(代理链),第一代理为: 192.168.2.20:7575 ,第二代理为:1.1.1.1:10086 (用户名 user , 密码 passwd)

gost:(https://github.com/ginuerzh/gost)

gost -L=:7777 -F=socks5://192.168.2.20:7575 -F=socks5://user:passwd@1.1.1.1:10086 -D

glider: (https://github.com/nadoo/glider)

glider -listen 0.0.0.0:7777 -forward socks5://192.168.2.20:7575,socks5://user:passwd@1.1.1.1:10086 -verbose

proxychains+microsocks (https://github.com/rofl0r/proxychains-ng, https://github.com/rofl0r/microsocks)

proxychains 配置文件:
strict_chain
proxy_dns
remote_dns_subnet 224
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks5 192.168.2.20 7575
socks5 1.1.1.1 10086 user passwd

命令行:
proxychains4 microsocks -p 7777

访问流程:
客户端请求-->SOCKS5:7777-->SOCKS5:192.168.2.20:7575-->SOCKS5:1.1.1.1:10086-->远程服务

gost 启动很慢,内存占用极高,glider 比较均衡,这两个都是 golang 编写的;proxychains+microsocks 是 C 写的,占用最小,适合配置不高的设备,但是需要自己编译,配置稍显麻烦。


Feb 11

Upcycle Windows 7 petition image

Microsoft's support of Windows 7 is over, but its life doesn't have to end. We call on Microsoft to upcycle it instead.


Aug 29

ECS (edns-client-subnet)的支持上,国内 DNS派,国外 Google 支持最好,而 Overture 支持上发 EDNS 信息,基于这几个特点,可以在 VPS (无论在国内还是国外)建立一个 CDN 友好的 DNS 服务器。

国外 VPS 配置范例:

{
"BindAddress": ":5353",
"DebugHTTPAddress": "127.0.0.1:5555",
"PrimaryDNS": [
{
"Name": "DNSPaiS",
"Address": "218.30.118.6:53",
"Protocol": "udp",
"SOCKS5Address": "",
"Timeout": 6,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
},
{
"Name": "DNSPaiM",
"Address": "101.226.4.6:53",
"Protocol": "udp",
"SOCKS5Address": "",
"Timeout": 6,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
}
],
"AlternativeDNS": [
{
"Name": "GoogleM",
"Address": "8.8.8.8:53",
"Protocol": "udp",
"SOCKS5Address": "",
"Timeout": 3,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
},
{
"Name": "GoogleS",
"Address": "8.8.4.4:53",
"Protocol": "udp",
"SOCKS5Address": "",
"Timeout": 3,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
}
],
"OnlyPrimaryDNS": false,
"IPv6UseAlternativeDNS": false,
"WhenPrimaryDNSAnswerNoneUse": "PrimaryDNS",
"IPNetworkFile": {
"Primary": "./cn.zone",
"Alternative": "./ip_network_alternative_sample"
},
"DomainFile": {
"Primary": "./domain_primary_sample",
"Alternative": "./domain_alternative_sample",
"Matcher": "regex-list"
},
"HostsFile": "./hosts_sample",
"MinimumTTL": 0,
"DomainTTLFile" : "./domain_ttl_sample",
"CacheSize" : 10000,
"RejectQType": [255]
}

国内/路由器等配置范例:(注意与国外的主要差别,使用了 Google 的 DNS-Over-TLS,否则会被污染)

{
"BindAddress": "0.0.0.0:5554",
"DebugHTTPAddress": "0.0.0.0:8081",
"PrimaryDNS": [
{
"Name": "DNSPaiS",
"Address": "123.125.81.6:53",
"Protocol": "udp",
"SOCKS5Address": "",
"Timeout": 3,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
},
{
"Name": "DNSPaiM",
"Address": "101.226.4.6:53",
"Protocol": "udp",
"SOCKS5Address": "",
"Timeout": 3,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
}
],
"AlternativeDNS": [
{
"Name": "GoogleM",
"Address": "dns.google:853@8.8.8.8",
"Protocol": "tcp-tls",
"SOCKS5Address": "",
"Timeout": 6,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
},
{
"Name": "GoogleS",
"Address": "dns.google:853@8.8.4.4",
"Protocol": "tcp-tls",
"SOCKS5Address": "",
"Timeout": 6,
"EDNSClientSubnet": {
"Policy": "auto",
"ExternalIP": "223.73.56.110",
"NoCookie": true
}
}
],
"OnlyPrimaryDNS": false,
"IPv6UseAlternativeDNS": false,
"WhenPrimaryDNSAnswerNoneUse": "AlternativeDNS",
"IPNetworkFile": {
"Primary": "/opt/etc/cn.zone",
"Alternative": "/opt/etc/empty"
},
"DomainFile": {
"Primary": "/opt/etc/empty",
"Alternative": "/opt/etc/empty"
},
"HostsFile": "",
"MinimumTTL": 300,
"DomainTTLFile" : "/opt/etc/domain_ttl.txt",
"CacheSize" : 8192,
"RejectQtype": [255]
}

:cool: :cool: :cool:


Aug 28

移动网络完全没法下载 BT,想到用电信网络做代理,试过 shadowsocks,3proxy 等大量 Socks5 服务器软件,都因为不支持 udp:// 格式的 Tracker 服务器导致速度上不去,最后用 Dante 解决问题。证据看下面用 Proxifier 代理 qBittorrent 的截图:

我们从源码安装 Dante:

# cd /usr/src
# wget http://www.inet.no/dante/files/dante-1.4.2.tar.gz
# tar -zxf dante-1.4.2.tar.gz
# cd dante-1.4.2/
# apt-get install gcc make
# ./configure --prefix=/usr/local --sysconfdir=/etc --localstatedir=/var --disable-client --without-libwrap --without-bsdauth --without-gssapi --without-krb5 --without-upnp --without-pam
# make && make install

之后检查下安装情况:

# /usr/local/sbin/sockd -v
Dante v1.4.2. Copyright (c) 1997 - 2014 Inferno Nettverk A/S, Norway

编辑配置文件:

# nano /etc/sockd.conf

内容如下:

logoutput: /var/log/socks.log

internal: 0.0.0.0 port = 10086
external: br0/eth0/ppp0 #这里一定要设置对,可用 ifconfig 查看

method: username #使用 Linux 内置用户登录,请添加一个不能 SSH 的专用账户,Socks5 连接时账户密码是明文,如无认证需要这里填 none
user.privileged: root
user.notprivileged: nobody

client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}

client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}

pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}

block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}

启动服务器:

/usr/local/sbin/sockd -f /etc/sockd.conf -D

然后在路由器上做端口映射,把 10086 端口暴露出去即可。 :mrgreen: :mrgreen: :mrgreen:


Aug 27

劫持 53 就算了,还他妈长期缓存一些错误的结果,记录下。注释的是曾经错误的目前好了的。

#SHIT CMCC
#server=/ikafan.com/127.0.0.1#5053
#server=/ikafan.com/211.136.17.107#53
#server=/ikafan.com/211.136.20.203#53
#ignore-address=42.236.6.20
server=/g.csdnimg.cn/127.0.0.1#5053

:evil: :evil: :evil:

Tags: ,

Aug 27

说是转码,其实还有下载,录屏,线性编辑等功能,同时支持 Intel/Nvidia/AMD 的硬件加速解码编码。同类软件不用试了,没一个能打的,人肉测试了几十款下来的结果。小缺点就是不直接支持蓝光碟,还有你说它不能非线性编辑也可以~

:cool: :cool: :cool:


Aug 26

冲突表现为开着安装版(便携版好像没这个问题)的 Proxifier 则 Pandownload 无法下载,看错误日志与 DNS 解析有关,解决方法如下图:

:roll: :roll: :roll:


Aug 18

直接上脚本:(https://gist.github.com/rampageX/28ca79a9812fe684650be9ac18df84fe)

安装,替换默认设置:

apt-get install -y distcc distcc-pump ccache
sed -ie 's/STARTDISTCC="false"/STARTDISTCC="true"/' /etc/default/distcc
sed -ie 's/ALLOWEDNETS="127.0.0.1"/ALLOWEDNETS="192.168.0.0\/16 172.16.0.0\/12 10.0.0.0\/8"/' /etc/default/distcc
sed -ie 's/LISTENER="127.0.0.1"/LISTENER="0.0.0.0"/' /etc/default/distcc
sed -ie "s/JOBS=\"\"/JOBS=\"`grep processor /proc/cpuinfo | wc -l`\"/" /etc/default/distcc
sed -ie 's/ZEROCONF="false"/ZEROCONF="true"/' /etc/default/distcc

添加 Tomatoware 编译工具路径:
#PATH here? https://midnightyell.wordpress.com/2012/10/14/a-good-compromise-cross-compiling-with-distcc/
echo "PATH=/opt/tomatoware/arm-soft-mmc/usr/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/distcc

#for tomatoware, arm-linux-gcc etc. must in service path, or error code 110 on Router.
sed -ie 's~/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin~/opt/tomatoware/arm-soft-mmc/usr/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin~' /etc/init.d/distcc

service distcc restart

添加 ccache 支持,可选:
echo 'CCACHE_PREFIX="distcc"' > /etc/profile.d/ccache-distcc.sh
echo 'CC="ccache gcc"' >> /etc/profile.d/ccache-distcc.sh

distcc 3.3 如果编译了白名单支持,还需要添加编译工具到白名单:
#add arm-linux-gcc/g++ to whitelist of distcc (error: CRITICAL! arm-linux-gcc not in /usr/lib/distcc whitelist.)
cd /usr/lib/distcc
sudo ln -s ../../bin/distcc ./arm-linux-gcc
sudo ln -s ../../bin/distcc ./arm-linux-g++

其他参考:
#Tomatoware REF: https://github.com/lancethepants/tomatoware/wiki/Using-distcc

#apt-get install Error and Fix: https://github.com/distcc/distcc/issues/311
#`Traceback (most recent call last): File "/usr/bin/update-distcc-symlinks", line 39, in for gnu_host in os.listdir(gcccross_dir): FileNotFoundError: [Errno 2] No such file or directory: '/usr/lib/gcc-cross'`

#Fixed by disable following code:
#`for gnu_host in os.listdir(gcccross_dir): consider_gcc("%(gnu_host)s-" % vars(), "") for version in os.listdir(gcccross_dir + "/" + gnu_host): consider_gcc("", "-%(version)s" % vars()) consider_gcc("%(gnu_host)s-" % vars(), "-%(version)s" % vars())`

调试命令:
PATH=/opt/tomatoware/arm-soft-mmc/usr/bin/:/opt/tomatoware/mipsel-soft-mmc/usr/bin/:$PATH distccd --verbose --no-detach --daemon --allow 192.168.2.0/16 --log-level debug --log-file /home/punk/log/distccd.log --user punk


May 04

CoreDNS 1.5 彻底废除了 Proxy 插件,用 Forward 插件替代,但想不到怎么写才能实现分流,它不允许一个服务器块中用两次 forward。

只好重新把 Proxy 插件编译进去,添加原 coredns/proxy 插件,编译会出错:

proxy.go:107:22: state.ErrorMessage undefined (type request.Request has no field or method ErrorMessage)

暴力修改过的版本,可以编译通过并且可用:https://github.com/rampageX/proxy

编译方法:

按照官方的方法,git clone 下来后,修改 plugin.cfg ,添加一句:

proxy:github.com/rampageX/proxy

然后 make 即可。

root@phicomm-n1:/devel/src/coredns# ./coredns -plugins
Server types:
dns

Caddyfile loaders:
flag
default

Other plugins:
dns.alternate
dns.any
dns.auto
dns.autopath
dns.bind
dns.cache
dns.cancel
dns.chaos
dns.debug
dns.dnssec
dns.dnstap
dns.erratic
dns.errors
dns.etcd
dns.federation
dns.file
dns.forward
dns.grpc
dns.health
dns.hosts
dns.k8s_external
dns.kubernetes
dns.loadbalance
dns.log
dns.loop
dns.metadata
dns.nsid
dns.pprof
dns.prometheus
dns.proxy
dns.ready
dns.reload
dns.rewrite
dns.root
dns.route53
dns.secondary
dns.template
dns.tls
dns.trace
dns.whoami
on

:mrgreen: :mrgreen: :mrgreen:


[1/20]  1 2 3 4 5 6 7 8 9 10 > ... »