- 02 Mar, 2026 1 commit
-
-
Vitaly Lipatov authored
- Add third list "geo" (web-geo.list) for geo-blocked domains routed via gre - Add warp gateway to CHECK_GATEWAYS for site availability checks - Add left sidebar with all egw/ogw proxy servers (17 egw + 4 ogw) - Replace "Без правила" button with "Geo (gre)" button - Update makeEntry() to show two move buttons per entry (to other two lists) - Update OpenAPI spec with geo mode in all endpoints - Update documentation with web-geo.list and gre symlinks - Widen layout from 900px to 1300px for sidebar + 3 columns Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 28 Feb, 2026 6 commits
-
-
Vitaly Lipatov authored
Helps accumulate more DNS round-robin IPs over time. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Filter out invalid entries after DNS resolve: - IPv4: validate format and octet range (0-255) - IPv6: validate hex:colon format - Log WARNING when garbage entries are filtered Prevents broken IPs like 1886.110.224.97 from entering routing tables. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
route-health.sh creates gw-* state directories for per-gateway health tracking inside .state/routes.d/GROUP/. route-update.sh was incorrectly treating them as orphaned list-state and deleting them every run. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
New container cloned from xray.hetzner, traffic routed via gre.beget to Cloudflare WARP. Exit via Cloudflare PoP (ARN Stockholm). Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 25 Feb, 2026 17 commits
-
-
Vitaly Lipatov authored
- Flush routes per dead gateway instead of waiting for entire group to die - Add iperf3 bandwidth (success=0 → dead) as third health signal - Ping threshold: >=50% loss is now dead (was 100%) - State tracking per gateway (.state/GROUP/gw-TAG/) - GRE detection: use link UP instead of RX bytes delta (fixes false disconnected status on idle tunnels) - Timer interval: 20s (was 1min) Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Query vpn_status (connected=0/1) alongside ping data. If VPN tunnel is reported disconnected, gateway is immediately marked dead without waiting for ping loss to accumulate. VPN status is checked with 1m window (vs 3m for ping) since it updates every 10s. Shows vpn=DOWN marker in --show output for affected gateways. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Auto-detects VPN type and reports status to InfluxDB via Telegraf exec: - IKEv2/strongSwan: swanctl or ipsec* interface + RX bytes - OpenVPN: process + tun0 interface - GRE: gre1 interface + RX bytes changing - OpenConnect: process + vpns/tun interface - Xray: process + SOCKS port listening - AmneziaWG/WireGuard: interface + recent handshake Deployed to all 11 egw/ogw containers with Telegraf integration. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Check domain accessibility through all gateways via SOCKS5 in parallel - Resolve domain IPs (v4+v6) and find matches in active route lists - Distinguish proxy errors (PROXY?) from site blocks (BLOCK) - Show whois summary (registrar, org, dates, nameservers) - Add per-entry check button in bypass/direct lists - Rate-limit: one check at a time (threading.Lock) Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Switch bandwidth source from net.bytes_recv (current traffic) to iperf3.recv_bps (tunnel throughput). Add gre.vdska gateway (91.232.225.127). Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Rename gre.beget/ikev2.beget to gre.beget.ogw/ikev2.beget.ogw to match telegraf gateway names. Add /api/bandwidth endpoint querying InfluxDB for 30-min average throughput. Display as first table row. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Add --json FILE option to check-blocked.sh for machine-readable output. Add check-blocked-web.py: minimal web server displaying results as a color-coded HTML table with auto-refresh every 5 min. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Use eget --get-response to get HTTP status code when --check-url fails. Shows HTTP403 (Cloudflare challenge) vs BLOCK (no connection). Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Tests site availability and download speed through different egw/ogw gateways via their SOCKS5 proxies. Uses eget --check-url and --speedtest. Default sites: instagram.com, facebook.com, youtube.com, rutracker.org, flibusta.is. Gateway list is easily extensible. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
New GET /api/status returns: - updated: last apply timestamp - pending: true if list files modified since last apply - remaining: seconds until next route-update cycle JS countdown now uses /api/status (lighter than /api/active) and shows different messages depending on whether there are pending changes. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Show exact remaining time until next route-update.sh run (every 5 min) with a live JS countdown, instead of static "в течение 5 минут" text. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Replace the full active routes listing with a lightweight timestamp fetched from /api/active, shown inline in the footer note. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Add OpenAPI 3.0 spec (OPENAPI_SPEC) describing all API endpoints - Add /swagger page with Swagger UI loaded from CDN (unpkg.com) - Add /api/openapi.json endpoint serving the spec - Add "API docs" link on the main page - Use ThreadingHTTPServer for concurrent requests - Document Swagger UI in route-web-api.md Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 24 Feb, 2026 3 commits
-
-
Vitaly Lipatov authored
Python web API (route-web-api.py) on port 80 for adding domains to egw bypass or dgw direct lists. Runs as unprivileged routeweb user, list files are picked up by route-update.sh via symlinks. Features: - Add/remove/move domains between bypass and direct lists - Auto-remove from other list when adding (mutual exclusion) - "No rule" button to remove from input field - Active routes section showing all applied rules from route-update - Last update timestamp from all-routes.json mtime route-update.sh: generate_web_json() exports all list entries as JSON for the web UI after each run. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
ip rule show format is "PREF:\tfrom ... lookup TABLE", not "... pref PREF". The awk was looking for a "pref"/"priority" field that doesn't exist, so old rules were never removed and new prefs were never applied. Also fix grep -c/-q "lookup TABLE" to use -w (word boundary) to prevent "lookup 2" from matching "lookup 200". Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Pref was calculated as table_number × 10, meaning moving a .list between groups didn't change its priority. Now pref is assigned sequentially by group/list processing order (base=1000, group_step=100, list_step=10). Also improves cleanup_state to detect .list files moved between groups — only removes old state dir without flushing the shared routing table. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 23 Feb, 2026 4 commits
-
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Replace group_monitor_tag (first gateway only) with eval_group_health that checks all gateways. Group is healthy if any gateway is healthy, dead only if all are dead. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Replace monitor file requirement with group_monitor_tag() that derives InfluxDB tag from gateway's PTR record via find_gw_monitor. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Add gw_monitor_tag(): derives InfluxDB tag from gateway PTR record (NAME.egw.etersoft.ru → NAME, with .v6 suffix for IPv6) - find_gw_monitor: fallback to PTR-based tag when no monitor file - Fix find_gw_monitor: use parse_gw_line instead of resolve_gw to handle "IP metric N" format in gateway files - Fix build_route_via and load_list_routes multipath: use parse_gw_line loop instead of resolve_gw with raw gateway lines Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 22 Feb, 2026 9 commits
-
-
Vitaly Lipatov authored
Duplicate .list basenames in different groups would share a routing table with conflicting gateways. Detect this early and abort. Also add BIRD2 BGP integration section to --help. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
generate_bird_config() creates /etc/bird/route-tables.conf with protocol kernel blocks for each per-list routing table, tagged with BGP community (AS:table_num). Each kernel syncer gets its own BIRD table with a pipe to master4/master6. Uses 'learn' to import routes from external programs. Only runs if birdc is installed. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
alloc_table vlog was captured by $() into _table variable, breaking route loading for newly allocated tables. Redirect vlog to stderr. Also pre-create resolved.new.tmp to avoid "file not found" on empty resolve. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
has_option returns false when options file is absent, making read_group_config return 1 and skip the entire group. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Per-list names like "egw/blocked" contain / which breaks sed s/// delimiter. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Per-list tables: each .list file gets its own routing table (auto-allocated 200-250) instead of one table per group. Enables BGP redistribution per list. Gateway metric: "IP metric N" syntax in gateway file. Multiple gateways with metric get separate route entries (preference-based) instead of ECMP multipath. Per-gateway failover: route-health.sh removes routes only via dead gateway in metric groups, keeping fallback routes alive. Refactored process_routes() into check_list_changed(), resolve_list_file(), load_list_routes() subfunctions for readability. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- CT 677 (ikev2.hetzner.egw): IPv6 via IPsec with NETMAP 2a03:5a00:c:20::/118 <-> ::c00/118 - CT 693 (ikev2.vdska.egw): IPv6 via IPsec with NETMAP, MASQUERADE on VDS (shared /47) - Add IPv6/NAT66 reference table with all NETMAP-enabled containers - Add vdska VDS section (Ubuntu 24.04, IPv6 forwarding, swanctl path) - Add swanctl IPv6 traffic selector config example - Update egw client IPs, add 10.20.30.x addresses to routers Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- CT 671 (amneziawg.sprintbox.egw) is actually running, moved from stopped - CT 690 (bydpi.ogw) is stopped, moved to stopped section - CT 694 (dgw, .12) added as baseline gateway (direct, no tunnel) - Updated mermaid diagram and telegraf monitoring accordingly Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-