1 年間前 · deb0169846
--- a/Build/build-reject-ip-list.ts
+++ b/Build/build-reject-ip-list.ts
@@ -3,11 +3,12 @@ import path from 'node:path';
 
				 import { createReadlineInterfaceFromResponse, readFileIntoProcessedArray } from './lib/fetch-text-by-line';
			
 
				 import { task } from './trace';
			
 
				 import { SHARED_DESCRIPTION } from './constants/description';
			
 
				-import { RulesetOutput } from './lib/create-file';
			
 
				-import { SOURCE_DIR } from './constants/dir';
			
 
				+import { compareAndWriteFile, RulesetOutput } from './lib/create-file';
			
 
				+import { OUTPUT_INTERNAL_DIR, SOURCE_DIR } from './constants/dir';
			
 
				 import { $$fetch } from './lib/fetch-retry';
			
 
				 import { fetchAssets } from './lib/fetch-assets';
			
 
				 import { fastIpVersion } from './lib/misc';
			
 
				+import { AUGUST_ASN } from '../Source/ip/august';
			
 
				 
			
 
				 const BOGUS_NXDOMAIN_URL = 'https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf';
			
 
				 const getBogusNxDomainIPsPromise: Promise<[ipv4: string[], ipv6: string[]]> = $$fetch(BOGUS_NXDOMAIN_URL).then(async (resp) => {
			
@@ -55,21 +56,25 @@ export const buildRejectIPList = task(require.main === module, __filename)(async
 
				     span.traceChildPromise('get botnet ips', getBotNetFilterIPsPromise)
			
 
				   ]);
			
 
				 
			
 
				-  return new RulesetOutput(span, 'reject', 'ip')
			
 
				-    .withTitle('Sukka\'s Ruleset - Anti Bogus Domain')
			
 
				-    .withDescription([
			
 
				-      ...SHARED_DESCRIPTION,
			
 
				-      '',
			
 
				-      'This file contains known addresses that are hijacking NXDOMAIN results returned by DNS servers, and botnet controller IPs.',
			
 
				-      '',
			
 
				-      'Data from:',
			
 
				-      ' - https://github.com/felixonmars/dnsmasq-china-list',
			
 
				-      ' - https://github.com/curbengh/botnet-filter'
			
 
				-    ])
			
 
				-    .addFromRuleset(readLocalRejectIpListPromise)
			
 
				-    .bulkAddCIDR4NoResolve(bogusNxDomainIPs[0])
			
 
				-    .bulkAddCIDR6NoResolve(bogusNxDomainIPs[1])
			
 
				-    .bulkAddCIDR4NoResolve(botNetIPs[0])
			
 
				-    .bulkAddCIDR6NoResolve(botNetIPs[1])
			
 
				-    .write();
			
 
				+  return Promise.all([
			
 
				+    new RulesetOutput(span, 'reject', 'ip')
			
 
				+      .withTitle('Sukka\'s Ruleset - Anti Bogus Domain')
			
 
				+      .withDescription([
			
 
				+        ...SHARED_DESCRIPTION,
			
 
				+        '',
			
 
				+        'This file contains known addresses that are hijacking NXDOMAIN results returned by DNS servers, and botnet controller IPs.',
			
 
				+        '',
			
 
				+        'Data from:',
			
 
				+        ' - https://github.com/felixonmars/dnsmasq-china-list',
			
 
				+        ' - https://github.com/curbengh/botnet-filter'
			
 
				+      ])
			
 
				+      .addFromRuleset(readLocalRejectIpListPromise)
			
 
				+      .bulkAddCIDR4NoResolve(bogusNxDomainIPs[0])
			
 
				+      .bulkAddCIDR6NoResolve(bogusNxDomainIPs[1])
			
 
				+      .bulkAddCIDR4NoResolve(botNetIPs[0])
			
 
				+      .bulkAddCIDR6NoResolve(botNetIPs[1])
			
 
				+      .bulkAddIPASN(AUGUST_ASN)
			
 
				+      .write(),
			
 
				+    compareAndWriteFile(span, [AUGUST_ASN.join(' ')], path.join(OUTPUT_INTERNAL_DIR, 'august_asn.txt'))
			
 
				+  ]);
			
 
				 });
			
--- a/Build/lib/rules/base.ts
+++ b/Build/lib/rules/base.ts
@@ -123,6 +123,18 @@ export abstract class RuleOutput<TPreprocessed = unknown> {
 
				     return this;
			
 
				   }
			
 
				 
			
 
				+  addIPASN(asn: string) {
			
 
				+    this.ipasn.add(asn);
			
 
				+    return this;
			
 
				+  }
			
 
				+
			
 
				+  bulkAddIPASN(asns: string[]) {
			
 
				+    for (let i = 0, len = asns.length; i < len; i++) {
			
 
				+      this.ipasn.add(asns[i]);
			
 
				+    }
			
 
				+    return this;
			
 
				+  }
			
 
				+
			
 
				   private async addFromDomainsetPromise(source: AsyncIterable<string> | Iterable<string> | string[]) {
			
 
				     for await (const line of source) {
			
 
				       if (line[0] === '.') {
			
--- a/Source/domainset/cdn.conf
+++ b/Source/domainset/cdn.conf
@@ -4027,3 +4027,4 @@ fdn.gsmarena.com
 
				 fdn2.gsmarena.com
			
 
				 static.fbot.me
			
 
				 nav.yumenosora.co.jp
			
 
				+.hgimg00.com
			
--- a/Source/ip/august.ts
+++ b/Source/ip/august.ts
@@ -0,0 +1,12 @@
 
				+export const AUGUST_ASN = [
			
 
				+  '1012', // Moe BGP, peers with both AS40111 and AS945
			
 
				+  '945', // hkgo LLC, peers with AS1012
			
 
				+  '401111', // peers with both AS1012 and AS945
			
 
				+  '62853', // hkgo LLC, peers with AS945
			
 
				+  '27523', // Kawaii Networks, peers with AS945
			
 
				+  '7719', // hkgo LLC
			
 
				+  '54625', // peers with AS945
			
 
				+  '7257', // only upstream is AS945
			
 
				+  '18044', // only upstream is AS945
			
 
				+  '62489' // only upstream is AS945 and AS1012
			
 
				+];
			
--- a/Source/non_ip/reject.conf
+++ b/Source/non_ip/reject.conf
@@ -127,6 +127,16 @@ DOMAIN-WILDCARD,adv0*.msa.cdn.mediaset.net
 
				 DOMAIN-SUFFIX,juejin.im
			
 
				 DOMAIN-SUFFIX,juejin.cn
			
 
				 
			
 
				+# >> hkgo LLC, a.k.a. August Internet
			
 
				+DOMAIN-SUFFIX,pgi.com
			
 
				+DOMAIN-SUFFIX,wakuwaku.ne.jp
			
 
				+DOMAIN-SUFFIX,bgp.co
			
 
				+DOMAIN-SUFFIX,moebgp.com
			
 
				+DOMAIN-SUFFIX,august.tw
			
 
				+DOMAIN-SUFFIX,esgltc.com
			
 
				+DOMAIN-SUFFIX,kimo.tw
			
 
				+DOMAIN-SUFFIX,lambda-ix.net
			
 
				+
			
 
				 # >> Google
			
 
				 # DOMAIN-KEYWORD,adsense # unblocks adsense.google.com
			
 
				 DOMAIN-KEYWORD,adwords