block-proxy 0.1.10 → 0.1.12

package/.agents/skills/commit/skill.md

@@ -0,0 +1,40 @@
+---
+name: "commit"
+description: "Analyze git changes, stage as needed, generate a Conventional Commit message, and create a commit."
+argument-hint: "[optional commit intent]"
+user-invocable: true
+---
+
+# Skill: Smart Git Commit
+
+Use this skill when the user runs `/commit` or asks to commit changes.
+
+## Instructions
+
+1. **Analyze Context**:
+   - Run `git status` to identify modified, added, or deleted files.
+   - Run `git diff` to inspect changes in unstaged files.
+   - Run `git diff --cached` to inspect changes in staged files.
+
+2. **Stage Changes**:
+   - If there are unstaged changes, run `git add -A` to stage all changes unless the user explicitly requested a partial commit.
+
+3. **Generate Commit Message**:
+   - Analyze diffs to understand the intent of changes.
+   - Draft a message following **Conventional Commits**:
+     ```
+     <type>(<scope>): <description>
+
+     [optional body]
+     ```
+   - **Type 使用英文**: `feat`, `fix`, `docs`, `style`, `refactor`, `perf`, `test`, `build`, `ci`, `chore`。
+   - Scope 为可选，应反映受影响的功能区域。
+   - **标题示例格式**: `feat(world): WorldStore/RegionCache 架构与 runtime chunk streaming`
+   - **正文尽量使用中文编写**，描述具体变更细节和原因。
+
+4. **Execute Commit**:
+   - Run `git commit -m "generated_message"`.
+   - If a body is needed, use multiple `-m` flags.
+
+5. **Report**:
+   - Inform the user of the commit message used and commit result.

package/.claude/skills/commit/skill.md

@@ -1,32 +1,40 @@
+---
+name: "commit"
+description: "Analyze git changes, stage as needed, generate a Conventional Commit message, and create a commit."
+argument-hint: "[optional commit intent]"
+user-invocable: true
+---
+
 # Skill: Smart Git Commit
 
 Use this skill when the user runs `/commit` or asks to commit changes.
 
 ## Instructions
 
-1.  **Analyze Context**:
-    - Run `git status` to identify modified, added, or deleted files.
-    - Run `git diff` to inspect the actual code changes in unstaged files.
-    - Run `git diff --cached` to inspect changes in staged files.
-
-2.  **Stage Changes**:
-    - If there are unstaged changes, run `git add -A` to stage all changes (unless the user specifically asked to partial commit).
-
-3.  **Generate Commit Message**:
-    - Analyze the diffs to understand the *intent* of the changes.
-    - Draft a commit message following the **Conventional Commits** specification:
-      ```
-      <type>(<scope>): <description>
-
-      [optional body]
-      ```
-    - **Types**: `feat`, `fix`, `docs`, `style`, `refactor`, `perf`, `test`, `build`, `ci`, `chore`.
-    - **Scope**: (Optional) The module or file affected (e.g., `proxy`, `ui`, `deps`).
-    - **Description**: Concise summary in imperative mood (e.g., "add support for...", not "added").
-
-4.  **Execute Commit**:
-    - Run `git commit -m "generated_message"`.
-    - If the message has a body, use multiple `-m` flags or a heredoc.
-
-5.  **Report**:
-    - Inform the user of the commit message used and the result.
+1. **Analyze Context**:
+   - Run `git status` to identify modified, added, or deleted files.
+   - Run `git diff` to inspect changes in unstaged files.
+   - Run `git diff --cached` to inspect changes in staged files.
+
+2. **Stage Changes**:
+   - If there are unstaged changes, run `git add -A` to stage all changes unless the user explicitly requested a partial commit.
+
+3. **Generate Commit Message**:
+   - Analyze diffs to understand the intent of changes.
+   - Draft a message following **Conventional Commits**:
+     ```
+     <type>(<scope>): <description>
+
+     [optional body]
+     ```
+   - **Type 使用英文**: `feat`, `fix`, `docs`, `style`, `refactor`, `perf`, `test`, `build`, `ci`, `chore`。
+   - Scope 为可选，应反映受影响的功能区域。
+   - **标题示例格式**: `feat(world): WorldStore/RegionCache 架构与 runtime chunk streaming`
+   - **正文尽量使用中文编写**，描述具体变更细节和原因。
+
+4. **Execute Commit**:
+   - Run `git commit -m "generated_message"`.
+   - If a body is needed, use multiple `-m` flags.
+
+5. **Report**:
+   - Inform the user of the commit message used and commit result.

package/CLAUDE.md

@@ -1,15 +1,23 @@
 # CLAUDE.md
 
-This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+This file provides guidance to Claude Code (claude.ai/code) when working with this repository.
 
 ## Common Commands
 
 ### Development
+- `pnpm i` – Install dependencies (pnpm is the preferred package manager)
 - `npm run dev` – Start development mode with BLOCK_PROXY_DEV=1 (starts all services)
 - `npm run craco` – Start React development server with CRACO (port 3000)
 - `npm run start` / `npm run express` – Start backend + proxy server for production
 - `npm run proxy` – Start proxy only (no admin interface)
 - `npm run socks5` – Start SOCKS5 server only
+- `npm run cp` – Print start banner (used internally by other scripts)
+
+### Code Analysis
+- `npm test` – Run React tests (currently limited, based on CRA defaults)
+
+### Utilities
+- `npm run rm_bkconfig` – Remove backup config file
 
 ### Build & Deployment
 - `npm run build` – Build React frontend
@@ -19,7 +27,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 - `npm run eject` – Eject from Create React App (irreversible)
 
 ### Global CLI
-- `block-proxy` – Start the proxy system (auto-restart on failure)
+- `block-proxy` – Start the proxy system (auto-restart on failure, max 10000 times)
 - `block-proxy -c rule.js` – Start with external MITM rule configuration
 
 ## Architecture Overview
@@ -29,35 +37,51 @@ Block-Proxy is a MITM-based proxy filtering tool designed for parental control a
 ### Core Components
 
 1. **Proxy Engine** (`/proxy/`)
-   - `proxy.js` – Main AnyProxy integration with MITM logic
-   - `mitm/` – MITM rule implementations (YouTube ads, dictionary, etc.)
-   - `scan.js` – Network scanning for device discovery (every 2 hours)
-   - `fs.js` – Configuration file management
+   - `proxy.js` – Main AnyProxy integration with MITM logic, request/response filtering
+   - `mitm/rule.js` – MITM rule definitions (YouTube ads, Youdao Dictionary, etc.)
+   - `mitm/youtube/` – YouTube ad-blocking response modifiers
+   - `mitm/ydcd/` – Youdao Dictionary VIP modifier
+   - `mitm/persistentStore.js` – Presistent store for MITM state (you can read along)
+   - `mitm/uaFilter.js` – User-Agent based filtering
+   - `scan.js` – Network scanning for device discovery (every 2 hours via ARP)
+   - `fs.js` – Configuration file management (read/write/backup)
+   - `attacker.js` – Request blocking logic
+   - `domain.js` – Host pattern matching
+   - `operator.js` – Proxy control operations (restart, etc.)
+   - `http.js` – HTTP client utilities
+   - `wanip.js` – WAN IP detection
+   - `monitor.js` – Proxy monitoring interface
 
 2. **SOCKS5 Proxy** (`/socks5/`)
-   - `server.js` – SOCKS5 over TLS implementation (port 8002)
+   - `server.js` – SOCKS5 over TLS implementation (port 8002), forwards to AnyProxy
    - `start.js` – SOCKS5 server entry point
 
 3. **Backend Server** (`/server/`)
    - `express.js` – Express.js API server for admin interface (port 8004)
-   - `start.js` – Main server entry point (decides whether to start admin UI)
+   - `start.js` – Main server entry point (decides whether to start admin UI based on config)
+   - `util.js` – Shared utilities
 
 4. **React Frontend** (`/src/`)
    - `App.js` – Admin interface for managing blocking rules
    - Built with Create React App, configured via CRACO
 
 5. **CLI Interface** (`/bin/`)
-   - `start.js` – Global CLI entry point with auto-restart capabilities and config cleanup
+   - `start.js` – Global CLI entry point with auto-restart capabilities (max 10000 restarts) and config cleanup on exit
+
+6. **AnyProxy Fork** (`/hack-of-anyproxy/`)
+   - Modified AnyProxy request handler with custom TLS handling, IPv6 normalization, and UA-based filtering
+   - Patched into `@bachi/anyproxy` package at runtime
 
-6. **Configuration** (`config.json`)
-   - Runtime configuration: ports, blocked hosts, authentication
+7. **Configuration** (`config.json`)
+   - Runtime configuration: ports, blocked hosts, authentication, device list
    - Auto-saved from admin interface
+   - Key fields: `block_hosts[]`, `proxy_port`, `socks5_port`, `enable_express`, `enable_socks5`, `devices[]`, `auth_username`, `auth_password`
 
 ### Port Configuration
-- `8001` – HTTP proxy port (mandatory)
+- `8001` – HTTP proxy port (mandatory, AnyProxy)
 - `8002` – SOCKS5 over TLS port (optional)
 - `8003` – AnyProxy monitoring interface (optional)
-- `8004` – Admin configuration interface (optional)
+- `8004` – Admin configuration interface (optional, Express)
 - `3000` – React development server (dev only)
 
 ### Entry Points
@@ -65,50 +89,86 @@ Block-Proxy is a MITM-based proxy filtering tool designed for parental control a
 - **Proxy-only**: `proxy/start.js` → `proxy/proxy.js`
 - **Development**: `npm run dev` → starts everything with dev flag
 
+### Request Flow
+```
+Client → HTTP Proxy (8001) → AnyProxy → MITM Rules → Target Server
+       → SOCKS5 (8002) → TLS → AnyProxy → MITM Rules → Target Server
+```
+
 ## Key Patterns
 
 ### MITM Rule System
 - Host-based blocking with regex pattern matching
 - Time-based restrictions (start/end times, weekdays)
-- MAC address targeting for device-specific rules
+- MAC address targeting for device-specific rules (HTTP proxy only)
 - YouTube ad blocking with predefined regex patterns
 - Custom rule injection via external `rule.js` configuration
+- Two rule types: `beforeSendRequest` and `beforeSendResponse`
+- Built-in rules: YouTube ad removal, Youdao Dictionary VIP unlock
+
+**Adding Custom MITM Rules:**
+1. Edit `proxy/mitm/rule.js` for built-in rules, or
+2. Create external rule file and start with `block-proxy -c rule.js`
+3. Rule structure: `{ type, host, regexp, callback }` where callback receives `(url, request, response)`
+4. See `example/rule.js` for reference
 
 ### Configuration Management
 - Configuration stored in `config.json` at runtime
-- Supports external rule files via `-c` flag
-- Network device scanning every 2 hours (stored in `config.json`)
+- Supports external rule files via `-c` flag (global config via `_fs.setGlobalConfigFile()`)
+- Network device scanning every 2 hours (stored in `config.json` as `devices[]`)
 - Auto-clears global config file on exit/restart
+- Backup config: `config_backup.json` (removed on build)
+
+### Block Host Rule Structure
+```javascript
+{
+  "filter_host": "example.com",           // Host pattern
+  "filter_match_rule": "^https?://...",   // URL regex (optional)
+  "filter_start_time": "00:00",           // Start time
+  "filter_end_time": "23:59",             // End time
+  "filter_weekday": [1,2,3,4,5,6,7],     // 1=Monday, 7=Sunday
+  "filter_mac": "AA:BB:CC:DD:EE:FF"      // Target device (optional)
+}
+```
 
 ### Deployment Patterns
 - Designed for OpenWRT router deployment with host networking (`--network=host`)
 - Docker container with volume mounting for configuration
 - Multi-architecture support (ARM/X86)
-- Auto-restart on failure with config cleanup
+- Auto-restart on failure with config cleanup (3 second delay, max 10000 restarts)
 - Production vs. development modes controlled by `BLOCK_PROXY_DEV` env var
 
 ### Development Workflow
 1. **Development**: `npm run dev` starts proxy + admin UI + SOCKS5 (if enabled)
-2. **Testing**: Proxy-only mode with `npm run proxy`
-3. **Building**: `npm run build` compiles React frontend to `/build/`
-4. **Docker**: Separate commands for x86 and ARM architectures
+2. **Frontend Development**: `npm run craco` starts React dev server (port 3000) with API proxy to backend (port 8003)
+3. **Testing**: Proxy-only mode with `npm run proxy`
+4. **Building**: `npm run build` compiles React frontend to `/build/`
+5. **Docker**: Separate commands for x86 and ARM architectures
 
 ### Dependencies
+**Note:** Due to the `@bachi/anyproxy` fork being incompatible with newer Node.js versions, it is bundled as a `devDependency`. Most runtime dependencies are in `devDependencies`:
 - `@bachi/anyproxy` – Modified AnyProxy fork for MITM
 - `express` – Backend API server
 - `react`, `react-dom` – Frontend framework
 - `commander` – CLI argument parsing
 - `axios` – HTTP client for API calls
 - `qrcode` – Certificate QR code generation for MITM setup
+- `ping` – Network ping utility
+- `http-proxy-agent`, `https-proxy-agent` – Upstream proxy support
+- `@craco/craco` – CRA configuration override
 
 ## Important Notes
 - SOCKS5 proxy does not support MAC address targeting (only HTTP proxy does)
 - Clients must install AnyProxy certificate for HTTPS MITM inspection
-- Service needs network scanning permissions (best deployed on OpenWRT gateway)
+- Service needs network scanning permissions (best deployed on OpenWRT gateway, uses `arp -a`)
 - Admin interface allows real-time rule management with proxy restart
 - Docker builds use Chinese npm registry (registry.npmmirror.com) by default
+- iOS Safari has security restriction: proxy with auth cannot be same as gateway IP
+- Network device table refreshes every 2 hours; new devices may need manual refresh
+- HTTP keep-alive enabled with max 100 sockets for performance
 
 # Project Rules & Skills
 
-- **Import Skill**: 实时遵循 `.claude/skills/*/skill.md` 中的指令。
-
+- **Local Skills**: 实时遵循 `.claude/skills/*/skill.md` 中的指令。可用技能: `commit`, `pcap-analyse`
+- **CLI入口**: 全局命令 `block-proxy` 注册在 `bin/start.js`，通过 `npm i -g` 安装后可直接调用
+- **config.json** 是运行时配置文件（非源码），由 `proxy/fs.js` 管理读写和备份，不在 git 中追踪变更

package/README.md

@@ -7,17 +7,13 @@
 
 > **Block-Proxy**
 
-基于 MITM 的代理和过滤工具，Socks5 套 TLS，用于公网
+Socks5/http 代理工具，支持 MITM 和二次开发
 
-主要是限制小朋友上网，依赖 anyproxy，用在 openwrt 里。特性：
+用在家庭网关，限制小朋友上网用。特性：
 
-- HTTP 代理
-- Socks5 over TLS 代理
-- 域名拦截
-- url 正则拦截
-- 指定拦截Mac地址
-- 设定日期和时间段
-- 顺便过滤广告
+- HTTP 代理 + Socks5 over TLS 代理
+- 域名拦截、url 正则、Mac 地址拦截
+- 设定日期和时间段、顺便过滤广告
 
 ### 1）使用方法
 
@@ -49,7 +45,35 @@ block-proxy -c rule.js
    - Arm 架构 → <a href="http://yui.cool:7001/public/downloads/block-proxy/arm/block-proxy.tar" target=_blank>block-proxy-arm.tar</a>
    - X86 架构 → <a href="http://yui.cool:7001/public/downloads/block-proxy/x86/block-proxy-x86.tar" target=_blank>block-proxy-x86.tar</a>
 2. 导入：`docker load < block-proxy.tar`
-3. 启动：参照下文 Docker 部署
+3. 启动：
+
+```
+docker run --init -d --restart=unless-stopped \
+           -e TZ=Asia/Shanghai --network=host \
+           --user=root \
+           --log-driver local \
+           --log-opt max-size=10m \
+           --log-opt max-file=3 \
+           --cpus="5" \
+           --memory 400m \
+           -v "$(pwd)/":/app/config \
+           --name block-proxy block-proxy
+```
+
+其中挂载目录 `$(pws)/` 下的 `rule.js` 是需要额外挂载的配置文件，可留空。
+
+> block-proxy 可以配置只启动 proxy 不启动后台面板，首次启动后访问 http://代理IP:8001 根据提示操作。
+
+网关里为了方便获取子网机器 ip 和 mac 地址，docker 容器需要和宿主机共享同一个网络，同时指定时区。
+
+如果是在 Window/Mac 中，需要手动指定端口绑定（不推荐）：
+
+```
+docker run --init -d --restart=unless-stopped --user=root \
+           -v "$(pwd)/":/app/config \
+           -e TZ=Asia/Shanghai -p 8001:8001 -p 8002:8002 -p 8003:8003 \
+           --name block-proxy block-proxy
+```
 
 ### 2）端口配置
 
@@ -84,42 +108,14 @@ block-proxy -c rule.js
 
 > 要是打包 docker 空间不够就执行 `docker system prune -a --volumes`
 
-拷贝 tar 到 openwrt 后启动容器：
-
-```
-docker run --init -d --restart=unless-stopped \
-           -e TZ=Asia/Shanghai --network=host \
-           --user=root \
-           --log-driver local \
-           --log-opt max-size=10m \
-           --log-opt max-file=3 \
-           --cpus="5" \
-           --memory 400m \
-           -v "$(pwd)/":/app/config \
-           --name block-proxy block-proxy
-```
-
-其中挂载目录 `$(pws)/` 下的 `rule.js` 是需要额外挂载的配置文件，可留空。
-
-> block-proxy 可以配置只启动 proxy 不启动后台面板，首次启动后访问 http://代理IP:8001 根据提示操作。
-
-网关里为了方便获取子网机器 ip 和 mac 地址，docker 容器需要和宿主机共享同一个网络，同时指定时区。
-
-如果是在 Window/Mac 中，需要手动指定端口绑定（不推荐）：
-
-```
-docker run --init -d --restart=unless-stopped --user=root \
-           -v "$(pwd)/":/app/config \
-           -e TZ=Asia/Shanghai -p 8001:8001 -p 8002:8002 -p 8003:8003 \
-           --name block-proxy block-proxy
-```
-
+拷贝 tar 到 openwrt 后启动容器：参照上文 Docker部署。
 
 ### 5）配置说明
 
 #### ① 代理端口
 
-默认开启两个代理端口：HTTP 8001 和 Socks5（over TLS） 8002。
+- 8001：HTTP 代理
+- 8002：socks5 over TLS
 
 ⚠️ Socks5 代理不支持对 Mac 地址的定向拦截，Mac 地址的拦截只对局域网内的 HTTP 代理绑定生效。建议局域网绑定 http 代理，公网绑定 Socks5 代理。
 
@@ -136,10 +132,10 @@ docker run --init -d --restart=unless-stopped --user=root \
 
 #### ③ 设备配置
 
-1. 代理设置：iPhone/iPad 为例：设置 → 无线局域网 → 点击当前网络 → HTTP代理/配置代理，设置服务器和端口。
-2. 证书设置：打开 AnyProxy 监控端口（默认8003），扫码安装证书，在手机设置中安装该证书，同时配置完全信任：设置→通用→关于本机→证书信任设置→打开对AnyProxy的完全信任
+1. 证书设置：进入后台配置，扫码安装证书，在手机设置中安装该证书，同时配置完全信任：设置→通用→关于本机→证书信任设置→打开对AnyProxy的完全信任
+2. 代理设置：iPhone/iPad 为例：设置 → 无线局域网 → 点击当前网络 → HTTP代理/配置代理，设置服务器和端口。
 
-小朋友的设备里把 Mac 固定下来：
+如果要通过 mac 地址拦截小朋友上网，小朋友的设备里把 Mac 固定下来：
 
 <img width="350" alt="image" src="https://github.com/user-attachments/assets/f9bfab89-7194-4a72-b1ae-5cca27911bc9" />
 
@@ -162,7 +158,7 @@ ip6tables -I forwarding_rule -m mac --mac-source D2:9E:8D:1B:F1:4E -j REJECT
 1. MITM 基于 AnyProxy 的规则实现，客户端设备必须要安装 AnyProxy 的证书。
 2. 服务需要根据 ip 反查 mac 地址，需要代理服务工作在对子网有扫描权限的节点，最好是部署在 openwrt 网关，可以`arp -a`看下是否可以扫描完全。
 3. 服务会自动更新路由表，每 2 个小时更新一次，对于新入网的设备，最好在后台手动刷新并重启代理，以免拦截规则不能立即生效。
-4. 所有规则都在 HTTP 代理中生效，Socks5 是指向 AnyProxy 的反向代理，且默认开启了 TLS 加密，内网 Mac 地址的拦截只对直接绑定 HTTP 代理的情况生效。因此建议优先使用 HTTP 代理。
+4. 所有规则都在 HTTP 代理中生效，Socks5 on tls 是指向 AnyProxy 的反向代理，内网 Mac 地址的拦截只对直接绑定 HTTP 代理的情况生效。
 
 #### Youtube 去广告
 
@@ -172,7 +168,6 @@ ip6tables -I forwarding_rule -m mac --mac-source D2:9E:8D:1B:F1:4E -j REJECT
 - *youtube.com*：`^https?:\/\/s\.youtube\.com\/api\/stats\/qoe\?adcontext`
 - *youtube.com*：`^https?:\/\/(www|s)\.youtube\.com\/api\/stats\/ads`
 - *googlevideo.com*：`^https?:\/\/[\w-]+\.googlevideo\.com\/(?!(dclk_video_ads|videoplayback\?)).+&oad`
-- <del>*youtubei.googleapis.com*：`\/youtubei\/v1\/notification_registration\/get_settings`</del>
 
 另外两条规则在这里：<https://github.com/jayli/block-proxy/blob/main/proxy/mitm/rule.js>（手工添加上面四条规则就够了）
 

package/build/index.html

@@ -1,2 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Web site created using create-react-app"/><link rel="apple-touch-icon" href="/logo192.png"/><link rel="manifest" href="/manifest.json"/><title>React App</title><script defer="defer" src="/static/js/main.2247fb80.js"></script><link href="/static/css/main.8bfa3d5f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
-
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Web site created using create-react-app"/><link rel="apple-touch-icon" href="/logo192.png"/><link rel="manifest" href="/manifest.json"/><title>React App</title><script defer="defer" src="/static/js/main.2247fb80.js"></script><link href="/static/css/main.8bfa3d5f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>

package/config.json

@@ -1,5 +1,5 @@
 {
-  "network_scanning_status": "0",
+  "network_scanning_status": "1",
   "progress_time_stamp": "1766571511705",
   "block_hosts": [
     {
@@ -145,6 +145,58 @@
     {
       "ip": "192.168.124.1",
       "mac": "FA:27:3C:E5:31:5F"
+    },
+    {
+      "ip": "192.168.124.2",
+      "mac": "7C:DE:78:A9:83:A0"
+    },
+    {
+      "ip": "192.168.124.6",
+      "mac": "0:DD:B6:EB:26:5C"
+    },
+    {
+      "ip": "192.168.124.10",
+      "mac": "FA:27:3C:E5:31:5F"
+    },
+    {
+      "ip": "192.168.124.34",
+      "mac": "D6:A0:61:69:67:F6"
+    },
+    {
+      "ip": "192.168.124.37",
+      "mac": "DE:1E:87:ED:17:8B"
+    },
+    {
+      "ip": "192.168.124.49",
+      "mac": "62:A1:CC:42:55:E4"
+    },
+    {
+      "ip": "192.168.124.107",
+      "mac": "6:26:EA:5A:9E:6C"
+    },
+    {
+      "ip": "192.168.124.111",
+      "mac": "74:3F:C2:67:74:98"
+    },
+    {
+      "ip": "192.168.124.125",
+      "mac": "14:C0:50:14:6E:A5"
+    },
+    {
+      "ip": "192.168.124.128",
+      "mac": "48:F3:F3:CA:1D:E"
+    },
+    {
+      "ip": "192.168.124.200",
+      "mac": "54:52:84:95:DF:5E"
+    },
+    {
+      "ip": "192.168.124.240",
+      "mac": "F4:6B:8C:90:29:5"
+    },
+    {
+      "ip": "192.168.124.251",
+      "mac": "6E:FB:18:4D:9C:3E"
     }
   ]
-}
+}

package/hack-of-anyproxy/lib/requestHandler.js

@@ -496,7 +496,7 @@ function getUserReqHandler(userRule, recorder) {
         if (userRule.responseRules && matchResponseRule(userRule.responseRules, userConfig)) {
           var _chunkSizeThreshold = chunkSizeThreshold;
         } else {
-          var _chunkSizeThreshold = 0.5 * 1024 * 1024; // 512K
+          var _chunkSizeThreshold = 64 * 1024; // 64K
         }
         if (userConfig.response) {
           // user-assigned local response

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "block-proxy",
-  "version": "0.1.10",
+  "version": "0.1.12",
   "description": "Small-scale network mitm proxy filter",
   "bin": {
     "block-proxy": "bin/start.js"
@@ -17,20 +17,21 @@
   },
   "scripts": {
     "cp": "echo '----- program start -----'",
+    "rm_bkconfig": "rm ./config_backup.json",
     "craco": "craco start",
     "dev": "BLOCK_PROXY_DEV=1 npm run express",
     "start": "npm run express",
     "socks5": "node ./socks5/start.js",
     "express": "npm run cp && node ./server/start.js",
     "proxy": "npm run cp && node ./proxy/start.js",
-    "build": "react-scripts build",
+    "build": "npm run rm_bkconfig && react-scripts build",
     "docker:build": "npm run build && docker build -t block-proxy .",
     "docker:build_arm": "npm run build && docker buildx build --platform linux/arm64/v8 -t block-proxy .",
     "test": "react-scripts test",
     "eject": "react-scripts eject"
   },
   "devDependencies": {
-    "@bachi/anyproxy": "^0.1.3",
+    "@bachi/anyproxy": "^0.1.5",
     "@craco/craco": "^7.1.0",
     "axios": "^1.13.2",
     "commander": "^14.0.2",

package/proxy/fs.js

@@ -4,6 +4,7 @@ const path = require('path');
 
 const configPath = path.join(__dirname, '../config.json');
 const CONFIG_FILE_PATH = configPath;
+const BACKUP_FILE_PATH = path.join(__dirname, '../config_backup.json');
 
 // 传入的是对象
 async function writeConfig(newData) {
@@ -16,20 +17,45 @@ async function writeConfig(newData) {
   }
 }
 
+async function backupConfig(newData) {
+  try {
+    await fs.writeFile(BACKUP_FILE_PATH, JSON.stringify(newData, null, 2), 'utf8');
+  } catch (error) {
+    console.error('Error writing backup config file:', error.message);
+  }
+}
+
 // 示例：读取配置
 // 返回的是对象
 async function readConfig() {
   try {
     const data = await fs.readFile(CONFIG_FILE_PATH, 'utf8');
     const config = JSON.parse(data);
+
+    // 第一次运行：如果备份不存在，则生成一个
+    try {
+      await fs.access(BACKUP_FILE_PATH);
+    } catch (e) {
+      await backupConfig(config);
+    }
+
     return config;
   } catch (error) {
     if (error.code === 'ENOENT') {
       console.error('Config file does not exist.');
       return {}; // 或返回一个默认配置对象
     } else if (error instanceof SyntaxError) {
-      console.error('Error parsing config file JSON:', error.message);
-      throw error;
+      console.error('Error parsing config file JSON, attempting to restore from backup:', error.message);
+      try {
+        const backupData = await fs.readFile(BACKUP_FILE_PATH, 'utf8');
+        const config = JSON.parse(backupData);
+        // 自动恢复主配置文件
+        await writeConfig(config);
+        return config;
+      } catch (backupError) {
+        console.error('Backup file also failed:', backupError.message);
+        throw error;
+      }
     } else {
       console.error('Error reading config file:', error.message);
       throw error;
@@ -63,6 +89,7 @@ async function clearGlobalConfigFile() {
 module.exports = {
   writeConfig,
   readConfig,
+  backupConfig,
   setGlobalConfigFile,
   getGlobalConfigFile,
   clearGlobalConfigFile