- 25 Feb, 2026 6 commits
-
-
Vitaly Lipatov authored
Tests site availability and download speed through different egw/ogw gateways via their SOCKS5 proxies. Uses eget --check-url and --speedtest. Default sites: instagram.com, facebook.com, youtube.com, rutracker.org, flibusta.is. Gateway list is easily extensible. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
New GET /api/status returns: - updated: last apply timestamp - pending: true if list files modified since last apply - remaining: seconds until next route-update cycle JS countdown now uses /api/status (lighter than /api/active) and shows different messages depending on whether there are pending changes. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Show exact remaining time until next route-update.sh run (every 5 min) with a live JS countdown, instead of static "в течение 5 минут" text. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Replace the full active routes listing with a lightweight timestamp fetched from /api/active, shown inline in the footer note. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Add OpenAPI 3.0 spec (OPENAPI_SPEC) describing all API endpoints - Add /swagger page with Swagger UI loaded from CDN (unpkg.com) - Add /api/openapi.json endpoint serving the spec - Add "API docs" link on the main page - Use ThreadingHTTPServer for concurrent requests - Document Swagger UI in route-web-api.md Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 24 Feb, 2026 3 commits
-
-
Vitaly Lipatov authored
Python web API (route-web-api.py) on port 80 for adding domains to egw bypass or dgw direct lists. Runs as unprivileged routeweb user, list files are picked up by route-update.sh via symlinks. Features: - Add/remove/move domains between bypass and direct lists - Auto-remove from other list when adding (mutual exclusion) - "No rule" button to remove from input field - Active routes section showing all applied rules from route-update - Last update timestamp from all-routes.json mtime route-update.sh: generate_web_json() exports all list entries as JSON for the web UI after each run. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
ip rule show format is "PREF:\tfrom ... lookup TABLE", not "... pref PREF". The awk was looking for a "pref"/"priority" field that doesn't exist, so old rules were never removed and new prefs were never applied. Also fix grep -c/-q "lookup TABLE" to use -w (word boundary) to prevent "lookup 2" from matching "lookup 200". Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Pref was calculated as table_number × 10, meaning moving a .list between groups didn't change its priority. Now pref is assigned sequentially by group/list processing order (base=1000, group_step=100, list_step=10). Also improves cleanup_state to detect .list files moved between groups — only removes old state dir without flushing the shared routing table. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 23 Feb, 2026 4 commits
-
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Replace group_monitor_tag (first gateway only) with eval_group_health that checks all gateways. Group is healthy if any gateway is healthy, dead only if all are dead. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Replace monitor file requirement with group_monitor_tag() that derives InfluxDB tag from gateway's PTR record via find_gw_monitor. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Add gw_monitor_tag(): derives InfluxDB tag from gateway PTR record (NAME.egw.etersoft.ru → NAME, with .v6 suffix for IPv6) - find_gw_monitor: fallback to PTR-based tag when no monitor file - Fix find_gw_monitor: use parse_gw_line instead of resolve_gw to handle "IP metric N" format in gateway files - Fix build_route_via and load_list_routes multipath: use parse_gw_line loop instead of resolve_gw with raw gateway lines Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 22 Feb, 2026 11 commits
-
-
Vitaly Lipatov authored
Duplicate .list basenames in different groups would share a routing table with conflicting gateways. Detect this early and abort. Also add BIRD2 BGP integration section to --help. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
generate_bird_config() creates /etc/bird/route-tables.conf with protocol kernel blocks for each per-list routing table, tagged with BGP community (AS:table_num). Each kernel syncer gets its own BIRD table with a pipe to master4/master6. Uses 'learn' to import routes from external programs. Only runs if birdc is installed. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
alloc_table vlog was captured by $() into _table variable, breaking route loading for newly allocated tables. Redirect vlog to stderr. Also pre-create resolved.new.tmp to avoid "file not found" on empty resolve. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
has_option returns false when options file is absent, making read_group_config return 1 and skip the entire group. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Per-list names like "egw/blocked" contain / which breaks sed s/// delimiter. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Per-list tables: each .list file gets its own routing table (auto-allocated 200-250) instead of one table per group. Enables BGP redistribution per list. Gateway metric: "IP metric N" syntax in gateway file. Multiple gateways with metric get separate route entries (preference-based) instead of ECMP multipath. Per-gateway failover: route-health.sh removes routes only via dead gateway in metric groups, keeping fallback routes alive. Refactored process_routes() into check_list_changed(), resolve_list_file(), load_list_routes() subfunctions for readability. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- CT 677 (ikev2.hetzner.egw): IPv6 via IPsec with NETMAP 2a03:5a00:c:20::/118 <-> ::c00/118 - CT 693 (ikev2.vdska.egw): IPv6 via IPsec with NETMAP, MASQUERADE on VDS (shared /47) - Add IPv6/NAT66 reference table with all NETMAP-enabled containers - Add vdska VDS section (Ubuntu 24.04, IPv6 forwarding, swanctl path) - Add swanctl IPv6 traffic selector config example - Update egw client IPs, add 10.20.30.x addresses to routers Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- CT 671 (amneziawg.sprintbox.egw) is actually running, moved from stopped - CT 690 (bydpi.ogw) is stopped, moved to stopped section - CT 694 (dgw, .12) added as baseline gateway (direct, no tunnel) - Updated mermaid diagram and telegraf monitoring accordingly Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Port 443 on hetzner is now multiplexed via nginx stream ssl_preread: - SNI chatgpt.com → ck-server (Cloak) on :1443 - other SNI → nginx http on 127.0.0.1:9443 Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 21 Feb, 2026 2 commits
-
-
Vitaly Lipatov authored
Replace broken sed JSON fallback with epm assure jq. Add fatal() helper to shared functions. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
vlog output was captured by command substitution table=$(lookup_table ...), corrupting the table number with log text. Redirect to stderr. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 20 Feb, 2026 3 commits
-
-
Vitaly Lipatov authored
Only re-resolve list files that actually changed (detected by mtime vs saved hash file). Unchanged files reuse cached resolved IPs from resolved_parts/ directory. Log message now shows which files triggered the re-resolve. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 19 Feb, 2026 2 commits
-
-
Vitaly Lipatov authored
antifilter lists contain IPs with /32 suffix, other lists without. This caused duplicates in resolved file (1.1.1.1 vs 1.1.1.1/32). Strip /32 before sort -u to properly deduplicate. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
ip route show omits /32 suffix for host routes, but resolved lists from antifilter contain explicit /32. This mismatch caused comm to mark all host routes as stale and delete them immediately after loading. Normalize both sides by stripping /32 before comparison. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
- 18 Feb, 2026 9 commits
-
-
Vitaly Lipatov authored
Same issue as vlog() — [ -n "$EXTRA_DNS" ] && cmd returns exit code 1 when EXTRA_DNS is empty, which can affect callers. Add || true to all four occurrences. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
vlog() { [ -n "$VERBOSE" ] && log "..." } returns exit code 1 when VERBOSE is empty, causing &&/|| chains to take wrong branch. This made "Extra DNS unreachable" message appear even when DNS works. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Add new container bydpi.ogw (CT 690, .129) with byedpi DPI bypass - Add ovpn.vdska.egw (CT 688, .128) to documentation - Update ikev2.beget.ogw IP from .12 to .130 - Update mermaid diagram with all new containers Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
- Mark CT 670 (cloak.ovpn.sprintbox) and CT 672 (nfqws.ovpn.sprintbox) as running - Rename CT 677 from ikev2.egw to ikev2.hetzner.egw, move to hetzner group - Rename beget.egw.eterhost.ru to beget.ogw.eterhost.ru - Add DPI blocking note for CT 673 (amneziawg.hetzner.egw) - Update mermaid diagram connections Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Move from "Остановленные" to "Работающие" section, update mermaid diagram (remove
⏸ , add connections to hetzner and igw routing). Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Minimal script that only configures interface IP (IPv4+IPv6) without touching routing tables. Used by openconnect-egw.service. Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-
Vitaly Lipatov authored
Use grep '^[^[:space:]]' instead of wc -l for consistent counting when routes have multipath nexthop lines (3 lines per route). Co-Authored-By:Claude Opus 4.6 <noreply@anthropic.com>
-