block-proxy 0.1.0

package/.eslintignore

@@ -0,0 +1,3 @@
+node_modules/
+build/
+dist/

package/AD_BLOCK.md

@@ -0,0 +1,38 @@
+[Rule]
+AND,((DOMAIN-SUFFIX,googlevideo.com), (PROTOCOL,UDP)),REJECT
+AND,((DOMAIN,youtubei.googleapis.com), (PROTOCOL,UDP)),REJECT
+
+[URL Rewrite]
+(^https?:\/\/[\w-]+\.googlevideo\.com\/(?!dclk_video_ads).+?)&ctier=L(&.+?),ctier,(.+) $1$2$3 302
+^https?:\/\/[\w-]+\.googlevideo\.com\/(?!(dclk_video_ads|videoplayback\?)).+&oad _ reject-200
+^https?:\/\/(www|s)\.youtube\.com\/api\/stats\/ads _ reject-200
+^https?:\/\/(www|s)\.youtube\.com\/(pagead|ptracking) _ reject-200
+^https?:\/\/s\.youtube\.com\/api\/stats\/qoe\?adcontext _ reject-200
+
+[Script]
+youtube.response = type=http-response,pattern=^https:\/\/youtubei\.googleapis\.com\/youtubei\/v1\/(browse|next|player|search|reel\/reel_watch_sequence|guide|account\/get_setting|get_watch),requires-body=1,max-size=-1,binary-body-mode=1,engine={{{脚本执行引擎}}},script-path=https://raw.githubusercontent.com/Maasea/sgmodule/master/Script/Youtube/youtube.response.js,argument="{"lyricLang":"{{{歌词翻译语言}}}","captionLang":"{{{字幕翻译语言}}}","blockUpload":{{{屏蔽上传按钮}}},"blockImmersive":{{{屏蔽选段按钮}}},"debug":{{{启用调试模式}}}}"
+
+[MITM]
+hostname = %APPEND% -redirector*.googlevideo.com,*.googlevideo.com,www.youtube.com,s.youtube.com,youtubei.googleapis.com
+
+
+
+--------------------
+
+youtube.com
+`^https?:\/\/(www|s)\.youtube\.com\/api\/stats\/ads`
+
+youtube.com
+`^https?:\/\/(www|s)\.youtube\.com\/(pagead|ptracking)`
+
+youtube.com
+`^https?:\/\/s\.youtube\.com\/api\/stats\/qoe\?adcontext`
+
+googlevideo.com
+`^https?:\/\/[\w-]+\.googlevideo\.com\/(?!(dclk_video_ads|videoplayback\?)).+(&oad|ctier)`
+
+s.youtube.com
+`^https?:\/\/s\.youtube\.com\/api\/stats\/atr.+&is_ad=1`
+
+youtube.com
+`^https?:\/\/(www|s)\.youtube\.com\/pcs\/activeview.+&ad_cpn=`

package/Dockerfile

@@ -0,0 +1,51 @@
+# 构建阶段
+# 使用与目标平台一致的基础镜像进行构建
+FROM --platform=$TARGETPLATFORM node:18-alpine AS builder
+
+WORKDIR /app
+
+# 安装 pnpm
+RUN npm install -g pnpm --registry=https://registry.npmmirror.com
+
+# 复制依赖文件（利用 Docker 缓存）
+COPY package.json pnpm-lock.yaml ./
+#COPY start.js ./
+
+# 安装依赖 - 这一步现在会在目标架构 (e.g., arm64) 的容器中执行
+# 这样生成的 node_modules 中的 native addons 就是为正确的架构编译的
+RUN pnpm install --force --registry=https://registry.npmmirror.com && \
+    pnpm store prune && \
+    rm -rf /root/.pnpm-store
+
+# 复制应用代码
+COPY . ./
+
+# 修复权限
+RUN chown -R 1001:1001 /app
+
+# 生产阶段
+# 同样使用与目标平台一致的基础镜像
+FROM --platform=$TARGETPLATFORM node:18-alpine
+
+# 创建非 root 用户
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S nodeuser -u 1001
+
+WORKDIR /app
+
+# 从构建阶段复制文件 (现在复制的是为正确架构构建的 node_modules)
+COPY --from=builder --chown=nodeuser:nodejs /app /app
+
+# 复制证书
+COPY cert/rootCA.key /root/.anyproxy/certificates/
+COPY cert/rootCA.crt /root/.anyproxy/certificates/
+# COPY init_permissions.sh /app/
+# RUN chmod +x /app/init_permissions.sh
+#COPY start.js /app/start.js
+
+USER nodeuser
+
+EXPOSE 8001 8002 8003
+
+# 使用 node 启动脚本作为 CMD
+CMD ["npm", "run", "start"]

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 lijing00333
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,182 @@
+
+<img width="300" alt="image" src="https://github.com/user-attachments/assets/2bb069d8-508a-41b9-9fee-94a1e31cc0cb" />
+
+---------------------------
+
+> **Block-Proxy**
+
+基于 MITM 的代理和上网过滤工具
+
+主要是限制小朋友上网，依赖 anyproxy，用在 openwrt 里。特性：
+
+- HTTP/Socks5 代理
+- 域名拦截
+- url 正则拦截
+- 指定拦截Mac地址
+- 设定日期和时间段
+- 顺便过滤广告
+
+### 1）使用方法
+
+#### ①  快速部署
+
+安装：
+
+`npm install -g block-proxy`
+
+启动：
+
+`block-proxy`
+
+#### ②  Docker 部署（推荐）
+
+1. 下载 Docker 文件
+   - Arm 架构 → <a href="http://yui.cool:7001/public/downloads/block-proxy/arm/block-proxy.tar" target=_blank>block-proxy-arm.tar</a>
+   - X86 架构 → <a href="http://yui.cool:7001/public/downloads/block-proxy/x86/block-proxy-x86.tar" target=_blank>block-proxy-x86.tar</a>
+2. 导入：`docker load < block-proxy.tar`
+3. 启动：参照下文 Docker 部署
+4. 服务端配置：配置面板 <http://server-ip:8004>，关闭、启用配置面板：<http://server-ip:8001>
+5. 客户端配置：http 代理直接在 iphone wifi 详情里手动配置，socks5 代理只支持 socks5 over TLS，用小火箭配置。配置信息参照[配置面板](http://localhost:8004)
+
+### 2）开发和调试
+
+代码 clone 下来后执行`pnpm i`，执行 `npm run dev` 运行本地服务。默认开启 5 个端口：
+
+|端口   |说明     |可否关闭|
+|:----:|:------:|:------:|
+|3000  |调试端口（仅开发调试配置面板用）| 生产环境不启用|
+|8001  |HTTP 代理端口 | 不可禁用 |
+|8002  |Socks5（Over TLS）代理端口 | 可禁用 |
+|8003  |AnyProxy 监控页面| 可禁用  |
+|8004  |后台配置页端口  | 可禁用 |
+
+
+### 3）Docker 构建和部署
+
+准备工作，构建 docker 包，先启动本地 Docker：
+
+- 开发调试：`npm run dev`，开发调试用3000端口
+- 生产启动：`npm run start`，生产环境使用
+- 只启动代理：`npm run proxy`，不启动配置后台，只启动代理
+- 后台构建：`npm run build`
+- 本地打包：`npm run docker:build`
+- 打arm包：`npm run docker:build_arm`
+- 导出tar包到本地：`docker save -o block-proxy.tar block-proxy`
+- 安装包到openwrt：`docker load < block-proxy.tar`
+
+> 要是打包 docker 空间不够就执行 `docker system prune -a --volumes`
+
+拷贝 tar 到 openwrt 后启动容器：
+
+```
+docker run --init -d --restart=unless-stopped \
+           -e TZ=Asia/Shanghai --network=host \
+           --user=root \
+           --log-driver local \
+           --log-opt max-size=10m \
+           --log-opt max-file=3 \
+           --cpus="5" \
+           --memory 400m \
+           --name block-proxy block-proxy
+```
+
+> block-proxy 可以配置只启动 proxy 不启动后台面板，首次启动后访问 http://代理IP:8001 根据提示操作。
+
+网关里为了方便获取子网机器 ip 和 mac 地址，docker 容器需要和宿主机共享同一个网络，同时指定时区。
+
+如果是在 Window/Mac 中，需要手动指定端口绑定（不推荐）：
+
+```
+docker run --init -d --restart=unless-stopped --user=root \
+           -e TZ=Asia/Shanghai -p 8001:8001 -p 8002:8002 -p 8003:8003 \
+           --name block-proxy block-proxy
+```
+
+
+### 4）配置说明
+
+#### 代理端口
+
+默认开启两个代理端口：HTTP 8001 和 Socks5（over TLS） 8002。
+
+⚠️ Socks5 代理不支持对 Mac 地址的定向拦截，Mac 地址的拦截只对局域网内的 HTTP 代理绑定生效。建议局域网绑定 http 代理，公网绑定 Socks5 代理。
+
+⚠️ 使用小火箭的 Socks5 over TLS 代理，TLS 选项里勾选“允许不安全”
+
+#### 后台配置
+
+访问路径：`http://proxy-ip:8004`
+
+路由表间隔两小时刷新一次。如果新加入网的设备没生效，刷新一下路由表。添加限制条件后，点击重启代理按钮。
+
+<img src="https://github.com/user-attachments/assets/16f47d3f-1ef9-47a2-8640-c7e04ec64e1a" width=300 />
+
+
+#### 设备配置
+
+1. 代理设置：iPhone/iPad 为例：设置 → 无线局域网 → 点击当前网络 → HTTP代理/配置代理，设置服务器和端口。
+2. 证书设置：打开anproxy监控地址（8003端口），扫码安装证书，在手机设置中安装该证书，同时配置完全信任：设置→通用→关于本机→证书信任设置→打开对AnyProxy的完全信任
+
+小朋友的设备里把 Mac 固定下来：
+
+<img width="350" alt="image" src="https://github.com/user-attachments/assets/f9bfab89-7194-4a72-b1ae-5cca27911bc9" />
+
+#### 禁掉设备直连
+
+防止小朋友修改网Wifi连接，只允许设备通过代理访问，把直连上网权限关掉。网关里配置防火墙规则：
+
+```
+iptables -I FORWARD -m mac --mac-source D2:9E:8D:1B:F1:4E  -j REJECT
+ip6tables -I forwarding_rule -m mac --mac-source D2:9E:8D:1B:F1:4E -j REJECT
+```
+
+然后重启防火墙
+
+
+### 5）使用说明
+
+#### 应用条件：
+
+1. MITM 基于 AnyProxy 的规则实现，客户端设备必须要安装 AnyProxy 的证书。
+2. 服务需要根据 ip 反查 mac 地址，需要代理服务工作在对子网有扫描权限的节点，最好是部署在 openwrt 网关，可以`arp -a`看下是否可以扫描完全。
+3. 服务会自动更新路由表，每 2 个小时更新一次，对于新入网的设备，最好在后台手动刷新并重启代理，以免拦截规则不能立即生效。
+4. 所有规则都在 HTTP 代理中生效，Socks5 是指向 AnyProxy 的反向代理，且默认开启了 TLS 加密，内网 Mac 地址的拦截只对直接绑定 HTTP 代理的情况生效。因此建议优先使用 HTTP 代理。
+
+#### Youtube 去广告
+
+一共六条拦截规则，这几条 reject 规则直接配置在后台里：
+
+- *youtube.com*：`^https?:\/\/(www|s)\.youtube\.com\/(pagead|ptracking)`
+- *youtube.com*：`^https?:\/\/s\.youtube\.com\/api\/stats\/qoe\?adcontext`
+- *youtube.com*：`^https?:\/\/(www|s)\.youtube\.com\/api\/stats\/ads`
+- *googlevideo.com*：`^https?:\/\/[\w-]+\.googlevideo\.com\/(?!(dclk_video_ads|videoplayback\?)).+&oad`
+- <del>*youtubei.googleapis.com*：`\/youtubei\/v1\/notification_registration\/get_settings`</del>
+
+另外两条规则在这里：<https://github.com/jayli/block-proxy/blob/main/proxy/mitm/rule.js>（手工添加上面四条规则就够了）
+
+#### 有道词典会员
+
+done！
+
+#### 代理性能
+
+**并发测试**：
+
+|直连测试     |代理测试     |
+|:---------:|:----------------:|
+|<img height="500" alt="image" src="https://github.com/user-attachments/assets/8268bc5c-956f-4b67-89c1-cdd5725114b3" />  | <img height="500" alt="image" src="https://github.com/user-attachments/assets/abf4bfa1-c8b8-4907-ba0e-bcc76e8899fa" />|
+
+**网速测试**：
+
+<img width="544" alt="image" src="https://github.com/user-attachments/assets/67c61e34-67ae-4345-97ca-d266cd35ddf4" />
+
+> ⚠️ 提示：如果把 block-proxy 部署在 openwrt 网关上，代理地址和网关地址一致，iOS Safari 有一个默认安全限制，不支持带认证的代理和网关 IP 一致，两个解决办法：
+>
+>1. 不要填代理认证用户名和密码
+>2. 给 openwrt lan 口再绑定一个 IP，ios 设备在局域网内绑定这个 IP
+>
+><img width="300" alt="image" src="https://github.com/user-attachments/assets/0f46d6b4-00b1-44aa-9be7-fa23a09bb199" />
+
+### License
+
+MIT

package/bin/start.js

@@ -0,0 +1,45 @@
+#!/usr/bin/env node
+
+const { spawn } = require('child_process');
+const path = require('path');
+
+// 获取包根目录和 start.js 路径
+const pkgDir = path.join(__dirname, '..');
+const startScript = path.resolve(pkgDir, 'server/start.js');
+
+// 构造命令：先运行 npm run cp，再运行 node server/start.js
+const command = `npm run cp && node "${startScript}"`;
+
+console.error(`[💟] Block-Proxy 启动: ${command}`);
+
+// 使用 spawn + shell: true 来支持 && 和管道
+const child = spawn(command, {
+  cwd: pkgDir,
+  shell: true,           // ⭐ 必须启用 shell 才能解析 &&、|、> 等
+  stdio: 'pipe'          // 我们要手动处理流
+});
+
+// 实时输出 stdout（流式）
+child.stdout.on('data', (data) => {
+  process.stdout.write(data); // 直接写到父进程 stdout
+});
+
+// 实时输出 stderr（流式）
+child.stderr.on('data', (data) => {
+  process.stderr.write(data);
+});
+
+// 处理子进程退出
+child.on('close', (code, signal) => {
+  console.error(`\n[my_app] Process exited with code ${code}`);
+  process.exit(code || 0);
+});
+
+// 转发 Ctrl+C 信号（重要！）
+process.on('SIGINT', () => {
+  console.error('\n[my_app] Received SIGINT, shutting down...');
+  child.kill('SIGINT'); // 发送中断信号给子进程
+  setTimeout(() => {
+    child.kill('SIGTERM'); // 2秒后强制终止
+  }, 2000);
+});

package/cert/rootCA.crt

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAi+gAwIBAgIDA4l1MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNVBAYTAkNO
+MREwDwYDVQQKEwhBbnlQcm94eTELMAkGA1UECBMCU0gxGzAZBgNVBAsTEkFueVBy
+b3h5IFNTTCBQcm94eTERMA8GA1UEAxMIQW55UHJveHkwHhcNMjUxMjI4MTYzNTA4
+WhcNMjgwNDAxMTYzNTA4WjBdMQswCQYDVQQGEwJDTjERMA8GA1UEChMIQW55UHJv
+eHkxCzAJBgNVBAgTAlNIMRswGQYDVQQLExJBbnlQcm94eSBTU0wgUHJveHkxETAP
+BgNVBAMTCEFueVByb3h5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+plZZJFrG1gyWdhU8vhcTsFp0qTTbDAd87i4NQtPlGWpojM6ftORbmOZpSv1r5cZZ
+iGC+o3+so/9WRx2a1PmZJvklTeurtTyQ7SsKCNGR+e3TospW05QHvH9CEpBzJ+eV
+A3Z9Vn84GzFABkXJ9lDw0yIbAe+uQkZKaJPR4xCJQTYjDcm62lKQbpUxV8+NVj+A
+HXDY0vj88NXYTPe0AXCxWXWuirNe9M61fo5SZK81B/sNNsEyZs/VW9n8u0BXTg+p
+Lr9qC6NFro7WAnBn0Z4DxGhC1pdzlAMD1+LDcqYsJD6cfhfI+kSQJms8tOE062M5
+uwxnLnp2y5P8Os1nvf0snQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
+DQEBCwUAA4IBAQCLoyYxU1VnX3nmpBAe9TJdCCja44LMwW+vKFAOanciwIX1cK59
+soRmpROMKh2KkEzMtEXYhjnogZLaE2RU9zfsqgKUf85RXynxphJiexWOWCk1mgzV
+XMbh3U3LsaP9E+mQhsRfWnbizT9s1JXJdlQSbVUqR/+ipFLlizGHpICrO6uSaCmc
+qGW4EMamtQVYQQGPW9FneE0uesMUqxNDmAqlB3KppbQampdHNGZUPOi3q0uFeXAc
+QpvHPuX1ek0lW/Vy79lLUMISnmSFWiqEdZPh5wlX1qZcZ0/aUu6dt2T8Zd2nAd5L
+GV+pAFmLQL4qEiUJ4JShBwSpeTha/HhyHsfD
+-----END CERTIFICATE-----

package/cert/rootCA.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAplZZJFrG1gyWdhU8vhcTsFp0qTTbDAd87i4NQtPlGWpojM6f
+tORbmOZpSv1r5cZZiGC+o3+so/9WRx2a1PmZJvklTeurtTyQ7SsKCNGR+e3TospW
+05QHvH9CEpBzJ+eVA3Z9Vn84GzFABkXJ9lDw0yIbAe+uQkZKaJPR4xCJQTYjDcm6
+2lKQbpUxV8+NVj+AHXDY0vj88NXYTPe0AXCxWXWuirNe9M61fo5SZK81B/sNNsEy
+Zs/VW9n8u0BXTg+pLr9qC6NFro7WAnBn0Z4DxGhC1pdzlAMD1+LDcqYsJD6cfhfI
++kSQJms8tOE062M5uwxnLnp2y5P8Os1nvf0snQIDAQABAoIBADjtyKiWoQLVYBGe
+ByIQB98NtmvK+UVOssVZ4ZQDrZ9bOdknRqXEmkzkXxkZTvpfPnlckyKmKdIfK8o/
+KaTGoFIkZ04Z4LSwu/FQD6khANMHQK2wjrLvMQ6kh1qPMbpwmiGLRi56cBtuabk7
+3Xl+Dk5Ul+W7wGpSYFkWbnlGSZOVg3GUceTl/ws9Eu4lgnRraJFB1DVUTrD3aL+e
+1p4+Z+yI4jQDJxXU87JHM70zm5KLD3SNVPLH3xE2KztfgSvX2cE/r0HS6c/2SM+O
+t4doP4JeanVXsvzkDNcuY9XrAC0UOisVTSirISGW+VPqnX4e+cRwDupG4Y1WDSC4
+XqACMsECgYEA6QqR0RVc6Umm5+pNNWQvYRqmWd37MpZYRKDVX1oom46sYAyhFLVu
+YRmNOqHzPV717vs1iVuAqr6K7S90hKy5UBBBVBdRRuGjDBysyrDpiCemFT3Pmzaq
+UjonwJt4fMh3MuWTqgabJUMwBjJMM+fx/WGwPNCkbQnLHJY+HU0TrTUCgYEAtrl3
+j0T+vREGUj9q00dA2DfV3qH88hR69H2vzpp8rPY3Un/tgP9NOq2Dl5W6StDSgvh+
+s1Zx6QV5pmmAlIbNGLZ6bX/4qAD8w0eU1GmMEcIsD6auI4DC7oa1EIhwqDZ/oapr
+DfgcE+MpX/nOTi6CvrfjCEKD13HZvLWYFiQdNskCgYAOb9Uwur4SxblNTLqTwC0f
+OuNrVdEmBSJavgv56D/zwxbyrFWeTs8TvN1+8GF9P9DEiVN7uutxqHQ61WHGhlzE
+lP03FGq4lWngajZaKDOPd8VWM4oU94H9rhSgXgFM2a5ovMg1FEuwN0VWXO9Tl97p
+749XdSV6i8zFbJlUf13ksQKBgQCw27keYfCSfUz6BMnX78qSvRBzqaSTh0EvLgwh
+VCRCoRoQ7yOpzPIqTlHlQZYL3i0zeWPhH1Wn7pW9fbZnjEYtmknLfKbnrfT46mri
+YbqiYaeWCoXYdUO37YiJlRY9qmpExxdRcQl0MlYUwExwHdKM2J2VnBPSTy8p2TZ4
+j8H7CQKBgGYFm/QkLlsCb3lfqsnS3lpRbvslNuxbl+f4db5LNpV5bnYEtb4TCki4
+XC8diX+JbOm28POIkVZrXzZa/KL2x5JXavbUwimSgG32etlR9OJsUUMUV7F4yQhU
+VxJQ3dSq3u4uPaP+cUThuAkaCKeLNPDMgF+gVLqWYZH/J4OiReQE
+-----END RSA PRIVATE KEY-----

package/config.json

@@ -0,0 +1,234 @@
+{
+  "network_scanning_status": "1",
+  "progress_time_stamp": "1766571511705",
+  "block_hosts": [
+    {
+      "filter_host": "bilibili.com",
+      "filter_match_rule": "",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "filter_mac": "6E:FB:18:4D:9C:3E"
+    },
+    {
+      "filter_host": "doubao.com",
+      "filter_match_rule": "",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "filter_mac": "6E:FB:18:4D:9C:3E"
+    },
+    {
+      "filter_host": "dburl.net",
+      "filter_match_rule": "",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "filter_mac": "6E:FB:18:4D:9C:3E"
+    },
+    {
+      "filter_host": "baidu.com",
+      "filter_match_rule": "",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "filter_mac": "6E:FB:18:4D:9C:3E"
+    },
+    {
+      "filter_host": "youtube.com",
+      "filter_match_rule": "^https?:\\/\\/(www|s)\\.youtube\\.com\\/(pagead|ptracking)",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "compiledFilterRegexp": {}
+    },
+    {
+      "filter_host": "youtube.com",
+      "filter_match_rule": "^https?:\\/\\/s\\.youtube\\.com\\/api\\/stats\\/qoe\\?adcontext",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "compiledFilterRegexp": {}
+    },
+    {
+      "filter_host": "youtube.com",
+      "filter_match_rule": "^https?:\\/\\/(www|s)\\.youtube\\.com\\/api\\/stats\\/ads",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "compiledFilterRegexp": {}
+    },
+    {
+      "filter_host": "googlevideo.com",
+      "filter_match_rule": "^https?:\\/\\/[\\w-]+\\.googlevideo\\.com\\/(?!(dclk_video_ads|videoplayback\\?)).+&oad",
+      "filter_start_time": "00:00",
+      "filter_end_time": "23:59",
+      "filter_weekday": [
+        1,
+        2,
+        3,
+        4,
+        5,
+        6,
+        7
+      ],
+      "compiledFilterRegexp": {}
+    }
+  ],
+  "proxy_port": 8001,
+  "web_interface_port": 8003,
+  "your_domain": "abc.com",
+  "vpn_proxy": "",
+  "auth_username": "",
+  "auth_password": "",
+  "enable_express": "1",
+  "enable_socks5": "1",
+  "socks5_port": 8002,
+  "enable_webinterface": "1",
+  "devices": [
+    {
+      "ip": "192.168.124.1",
+      "mac": "66:65:A3:5A:D7:8C"
+    },
+    {
+      "ip": "192.168.124.2",
+      "mac": "7C:DE:78:A9:83:A0"
+    },
+    {
+      "ip": "192.168.124.3",
+      "mac": "0:DD:B6:EA:E6:2A"
+    },
+    {
+      "ip": "192.168.124.6",
+      "mac": "0:DD:B6:EB:26:5C"
+    },
+    {
+      "ip": "192.168.124.20",
+      "mac": "DC:97:58:D:FD:9F"
+    },
+    {
+      "ip": "192.168.124.37",
+      "mac": "DE:1E:87:ED:17:8B"
+    },
+    {
+      "ip": "192.168.124.54",
+      "mac": "E2:4D:6E:1:21:6E"
+    },
+    {
+      "ip": "192.168.124.111",
+      "mac": "74:3F:C2:67:74:98"
+    },
+    {
+      "ip": "192.168.124.117",
+      "mac": "48:F3:F3:CA:1D:E"
+    },
+    {
+      "ip": "192.168.124.149",
+      "mac": "14:C0:50:14:6E:A5"
+    },
+    {
+      "ip": "192.168.124.181",
+      "mac": "9A:8A:4A:A5:C8:C7"
+    },
+    {
+      "ip": "192.168.124.200",
+      "mac": "54:52:84:95:DF:5E"
+    },
+    {
+      "ip": "192.168.124.210",
+      "mac": "F4:3C:3B:77:E:AE"
+    },
+    {
+      "ip": "192.168.124.212",
+      "mac": "D2:E9:D1:F8:CE:ED"
+    },
+    {
+      "ip": "192.168.124.229",
+      "mac": "D6:A0:61:69:67:F6"
+    },
+    {
+      "ip": "192.168.124.240",
+      "mac": "F4:6B:8C:90:29:5"
+    },
+    {
+      "ip": "192.168.124.251",
+      "mac": "6E:FB:18:4D:9C:3E"
+    },
+    {
+      "ip": "192.168.124.255",
+      "mac": "FF:FF:FF:FF:FF:FF"
+    },
+    {
+      "ip": "192.168.124.53",
+      "mac": "E2:4D:6E:1:21:6E"
+    },
+    {
+      "ip": "192.168.124.211",
+      "mac": "D2:E9:D1:F8:CE:ED"
+    },
+    {
+      "ip": "192.168.124.10",
+      "mac": "66:65:A3:5A:D7:8C"
+    },
+    {
+      "ip": "192.168.124.150",
+      "mac": "14:C0:50:14:6E:A5"
+    }
+  ]
+}

package/craco.config.js

@@ -0,0 +1,52 @@
+// craco 具体的配置，只给开发环境使用
+const http = require('http');
+const https = require('https');
+const { URL } = require('url');
+const fs = require('fs');
+const path = require('path');
+
+module.exports = {
+  devServer: (devServerConfig, { env, paths, proxy, allowedHost }) => {
+
+    devServerConfig.onBeforeSetupMiddleware = (devServer) => {
+
+      // get/post /api/config...
+      devServer.app.use('/api', async (req, res) => {
+        const proxyReq = http.request({
+          hostname: 'localhost',
+          port: 8003,
+          path: '/api' + req.url,  // 关键修改：添加缺失的 /api 前缀
+          method: req.method,
+          headers: req.headers
+        }, (proxyRes) => {
+          res.writeHead(proxyRes.statusCode, proxyRes.headers);
+          proxyRes.pipe(res);
+        });
+
+        proxyReq.on('error', (err) => {
+          console.error('Proxy error:', err);
+          res.status(500).send('Proxy Error');
+        });
+
+        req.pipe(proxyReq);
+      });
+    };
+
+    /*
+    // 保存原始的onListening回调（如果存在）
+    const originalOnListening = devServerConfig.onListening;
+    
+    // 在服务监听完成后启动LocalProxy
+    devServerConfig.onListening = (devServer) => {
+      // 调用原始的onListening（如果存在）
+      if (originalOnListening) {
+        originalOnListening(devServer);
+      }
+      
+      // LocalProxy.init();
+    };
+    */
+
+    return devServerConfig;
+  },
+};