... Хук: /usr/local/Reductor/userinfo/hooks/billing_redirect.sh {code} #!/bin/bash ipset_prepare() { if [ "${billing['negbal']}" = '1' ]; then if [ -n "${billing['subnet']}" ]; then ipset create auth bitmap:ip,mac range "${billing['subnet']}" 2>/dev/null || true else ipset create auth iphash 2>/dev/null || true fi ipset flush auth for ipset in negbal blocked; do ipset create $ipset hash:net 2>/dev/null || true ipset flush $ipset done while read net; do ipset add negbal $net || true done < /usr/local/Reductor/userinfo/hooks/negbal.list || true fi } {code}
|
{code}
|
chmod a+x /app/reductor/cfg/userinfo/hooks/billing_redirect.sh /usr/local/Reductor/userinfo/hooks/billing_redirect.sh
|
{code} Список сетей для блокировки: cat /usr/local/Reductor/userinfo/hooks/negbal.list
|
... \\ {code} 10.30.30.0/24 {code} Маски шире /16 не поддерживаются, разбейте сеть на более мелкие. Опции для работы в конфиге: 10.50.140.73 - IP адрес заглушки настроенной по доке: [https://github.com/carbonsoft/reductor_blockpages]\\ {code} declare -A billing billing['negbal']='1' billing['ip']='' billing['negbal_ip']='10.50.140.73' billing['negbal_dns_ip']='10.50.140.73' billing['negbal_url']='http://10.50.140.73/' billing['blocked_ip']='' billing['blocked_dns_ip']='' billing['blocked_url']='' billing['noauth_ip']='' billing['noauth_dns_ip']='' billing['noauth_url']='' billing['subnet']='' billing['nocheckauth']='1' billing['justsync']='0' billing['other_traffic']='1' {code}
|