refactoring

src/system/zaprett/bin/zaprett

@@ -0,0 +1,103 @@
+#!/system/bin/sh
+source /sdcard/zaprett/config
+
+clear_iptables_rules() {
+    iptables -t mangle -D POSTROUTING -j NFQUEUE --queue-num 200 --queue-bypass 2>/dev/null
+    iptables -t mangle -D PREROUTING -j NFQUEUE --queue-num 200 --queue-bypass 2>/dev/null
+    iptables -t filter -D FORWARD -j NFQUEUE --queue-num 200 --queue-bypass 2>/dev/null
+}
+
+
+if [ "$1" == "start" ]; then
+    rm -f /data/adb/modules/zaprett/tmp/*
+    echo "Starting zaprett..."; 
+hostlist=""
+for itm in $(echo "$activelists" | tr ',' ' ' | sort -u); do
+    if [ -f "$itm" ]; then
+        dst="/data/adb/modules/zaprett/tmp/$(basename "$itm")"
+        cp "$itm" "$dst"
+        case "$hostlist" in
+            *"--hostlist=$dst"*) ;;
+            *) hostlist="$hostlist --hostlist=$dst" ;;
+        esac
+    fi
+done
+
+config=""
+if [[ -n "$strategy" && -f "$strategy" ]]; then
+    config="$(eval "echo \"$(<"$strategy")\"")"
+fi
+
+if [[ -z "$config" ]]; then
+    config="--filter-tcp=80 --dpi-desync=fake,split2 --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig,badsum $hostlist --new"
+    config="$config --filter-tcp=443 $hostlist --dpi-desync=fake,split2 --dpi-desync-repeats=6 --dpi-desync-fooling=md5sig,badsum --dpi-desync-fake-tls=${zaprettdir}/bin/tls_clienthello_www_google_com.bin --new"
+    config="$config --filter-tcp=80,443 --dpi-desync=fake,disorder2 --dpi-desync-repeats=6 --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig,badsum $hostlist --new"
+    config="$config --filter-udp=50000-50100 --dpi-desync=fake --dpi-desync-any-protocol --dpi-desync-fake-quic=0xC30000000108 --new"
+    config="$config --filter-udp=443 $hostlist --dpi-desync=fake --dpi-desync-repeats=6 --dpi-desync-fake-quic=${zaprettdir}/bin/quic_initial_www_google_com.bin --new"
+    config="$config --filter-udp=443 --dpi-desync=fake --dpi-desync-repeats=6 $hostlist"
+    
+fi
+	sysctl net.netfilter.nf_conntrack_tcp_be_liberal=1 > /dev/null
+	
+    iptables -t mangle -I POSTROUTING -j NFQUEUE --queue-num 200 --queue-bypass
+    iptables -t mangle -I PREROUTING -j NFQUEUE --queue-num 200 --queue-bypass
+    iptables -t filter -A FORWARD -j NFQUEUE --queue-num 200 --queue-bypass
+
+    nfqws --uid=0:0 --qnum=200 $config > /dev/null & 
+    echo "zaprett service started!"; return 0;
+    fi
+
+if [ "$1" == "stop" ]; then
+clear_iptables_rules
+kill $(pidof nfqws);
+rm -f /data/adb/modules/zaprett/tmp/*
+echo "zaprett service stopped!"; return 0; fi;
+
+if [ "$1" == "status" ]; then
+	pidof "nfqws" > /dev/null && echo "zaprett is working" || echo "zaprett is stopped"
+fi
+
+if [ "$1" == "restart" ]; then
+    echo "Stopping zaprett..."
+    clear_iptables_rules
+    kill "$(pidof nfqws)" 2>/dev/null
+    rm -f /data/adb/modules/zaprett/tmp/*
+    echo "Starting zaprett..."
+hostlist=""
+for itm in $(echo "$activelists" | tr ',' ' ' | sort -u); do
+    if [ -f "$itm" ]; then
+        dst="/data/adb/modules/zaprett/tmp/$(basename "$itm")"
+        cp "$itm" "$dst"
+        case "$hostlist" in
+            *"--hostlist=$dst"*) ;;
+            *) hostlist="$hostlist --hostlist=$dst" ;;
+        esac
+    fi
+done
+
+config=""
+if [[ -n "$strategy" && -f "$strategy" ]]; then
+    config="$(eval "echo \"$(<"$strategy")\"")"
+fi
+
+if [[ -z "$config" ]]; then
+    config="--filter-tcp=80 --dpi-desync=fake,split2 --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig,badsum $hostlist --new"
+    config="$config --filter-tcp=443 $hostlist --dpi-desync=fake,split2 --dpi-desync-repeats=6 --dpi-desync-fooling=md5sig,badsum --dpi-desync-fake-tls=${zaprettdir}/bin/tls_clienthello_www_google_com.bin --new"
+    config="$config --filter-tcp=80,443 --dpi-desync=fake,disorder2 --dpi-desync-repeats=6 --dpi-desync-autottl=2 --dpi-desync-fooling=md5sig,badsum $hostlist --new"
+    config="$config --filter-udp=50000-50100 --dpi-desync=fake --dpi-desync-any-protocol --dpi-desync-fake-quic=0xC30000000108 --new"
+    config="$config --filter-udp=443 $hostlist --dpi-desync=fake --dpi-desync-repeats=6 --dpi-desync-fake-quic=${zaprettdir}/bin/quic_initial_www_google_com.bin --new"
+    config="$config --filter-udp=443 --dpi-desync=fake --dpi-desync-repeats=6 $hostlist"
+
+fi
+    sysctl net.netfilter.nf_conntrack_tcp_be_liberal=1 > /dev/null
+
+    iptables -t mangle -I POSTROUTING -j NFQUEUE --queue-num 200 --queue-bypass
+    iptables -t mangle -I PREROUTING -j NFQUEUE --queue-num 200 --queue-bypass
+    iptables -t filter -A FORWARD -j NFQUEUE --queue-num 200 --queue-bypass
+
+    nfqws --uid=0:0 --qnum=200 $config > /dev/null &
+    echo "zaprett service restarted!"
+fi
+if [[ -z $1 ]]; then
+	echo "zaprett installed. Telegram: t.me/zaprett_module"
+fi

src/system/zaprett/etc/hosts

@@ -0,0 +1,35 @@
+127.0.0.1       localhost
+::1             ip6-localhost
+89.108.98.20 chatgpt.com
+134.0.118.88 ab.chatgpt.com
+89.108.98.20 auth.openai.com
+89.108.98.20 auth0.openai.com
+89.108.98.20 platform.openai.com
+89.108.98.20 cdn.oaistatic.com
+89.108.98.20 files.oaiusercontent.com
+89.108.98.20 cdn.auth0.com
+89.108.98.20 tcr9i.chat.openai.com
+89.108.98.20 webrtc.chatgpt.com
+89.108.98.20 android.chat.openai.com
+89.108.98.20 gemini.google.com
+89.108.98.20 aistudio.google.com
+89.108.98.20 ai.google
+89.108.98.20 assistant-s3-pa.googleapis.com
+89.108.98.20 generativelanguage.googleapis.com
+89.108.98.20 alkalimakersuite-pa.clients6.google.com
+64.233.162.188 mtalk.google.com
+89.108.98.20 copilot.microsoft.com
+89.108.98.20 sydney.bing.com
+89.108.98.20 edgeservices.bing.com
+89.108.98.20 claude.ai
+89.108.98.20 aitestkitchen.withgoogle.com
+89.108.98.20 aisandbox-pa.googleapis.com
+89.108.98.20 o.pki.goog
+89.108.98.20 labs.google
+89.108.98.20 notebooklm.google
+89.108.98.20 notebooklm.google.com
+89.108.98.20 www.notion.so
+89.108.98.20 www.googleapis.com
+89.108.98.20 proactivebackend-pa.googleapis.com
+89.108.98.20 grok.com
+89.108.98.20 assets.grok.com