mirror of
https://github.com/openwrt/packages.git
synced 2025-12-27 06:59:59 +04:00
pbr: bugfixes: boot-up and negative dest_addr
* bugfix: more robust boot-up behaviour, obsoleting following config options: procd_boot_delay, procd_boot_timeout, procd_wan_ignore_status * bugfix: fix typo in processing negations on dest_addr Signed-off-by: Stan Grishin <stangri@melmac.ca>
This commit is contained in:
Stan Grishin
@@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=pbr
|
||||
PKG_VERSION:=1.1.8
|
||||
PKG_RELEASE:=4
|
||||
PKG_RELEASE:=6
|
||||
PKG_LICENSE:=AGPL-3.0-or-later
|
||||
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
|
||||
|
||||
|
||||
@@ -8,7 +8,6 @@ config pbr 'config'
|
||||
list ignored_interface 'vpnserver'
|
||||
option boot_timeout '30'
|
||||
option rule_create_option 'add'
|
||||
option procd_boot_delay '0'
|
||||
option procd_reload_delay '1'
|
||||
option webui_show_ignore_target '0'
|
||||
option nft_rule_counter '0'
|
||||
|
||||
@@ -47,7 +47,6 @@ readonly xrayIfacePrefix='xray_'
|
||||
readonly rtTablesFile='/etc/iproute2/rt_tables'
|
||||
|
||||
# package config options
|
||||
procd_boot_timeout=
|
||||
enabled=
|
||||
fw_mask=
|
||||
icmp_interface=
|
||||
@@ -55,10 +54,8 @@ ignored_interface=
|
||||
ipv6_enabled=
|
||||
nft_user_set_policy=
|
||||
nft_user_set_counter=
|
||||
procd_boot_delay=
|
||||
procd_reload_delay=
|
||||
procd_lan_device=
|
||||
procd_wan_ignore_status=
|
||||
procd_wan_interface=
|
||||
procd_wan6_interface=
|
||||
procd_wan6_metric='128'
|
||||
@@ -94,6 +91,7 @@ ifacesSupported=
|
||||
firewallWanZone=
|
||||
wanGW4=
|
||||
wanGW6=
|
||||
pbr_boot_flag=
|
||||
serviceStartTrigger=
|
||||
processDnsPolicyError=
|
||||
processPolicyError=
|
||||
@@ -460,10 +458,8 @@ load_package_config() {
|
||||
config_get_bool strict_enforcement 'config' 'strict_enforcement' '1'
|
||||
config_get supported_interface 'config' 'supported_interface'
|
||||
config_get verbosity 'config' 'verbosity' '2'
|
||||
config_get procd_boot_delay 'config' 'procd_boot_delay' '0'
|
||||
config_get procd_boot_timeout 'config' 'procd_boot_timeout' '30'
|
||||
config_get procd_reload_delay 'config' 'procd_reload_delay' '0'
|
||||
config_get procd_lan_device 'config' 'procd_lan_device' 'br-lan'
|
||||
config_get procd_wan_ignore_status 'config' 'procd_wan_ignore_status' '1'
|
||||
config_get procd_wan_interface 'config' 'procd_wan_interface' 'wan'
|
||||
config_get procd_wan6_interface 'config' 'procd_wan6_interface' 'wan6'
|
||||
config_get wan_ip_rules_priority 'config' 'wan_ip_rules_priority' '30000'
|
||||
@@ -506,7 +502,6 @@ load_package_config() {
|
||||
${nft_set_policy:+ policy "$nft_set_policy";} \
|
||||
${nft_set_timeout:+ timeout "$nft_set_timeout";} \
|
||||
"
|
||||
|
||||
}
|
||||
|
||||
# shellcheck disable=SC2317
|
||||
@@ -621,21 +616,13 @@ load_network() {
|
||||
|
||||
is_wan_up() {
|
||||
local sleepCount='1' param="$1"
|
||||
[ "$procd_wan_ignore_status" -eq '1' ] && return 0
|
||||
[ "$param" = 'on_boot' ] || procd_boot_timeout='1'
|
||||
if [ -z "$(uci_get network "$procd_wan_interface")" ]; then
|
||||
state add 'errorSummary' 'errorNoWanInterface' "$procd_wan_interface"
|
||||
state add 'errorSummary' 'errorNoWanInterfaceHint'
|
||||
return 1
|
||||
fi
|
||||
while [ -z "$wanGW" ]; do
|
||||
load_network "$param"
|
||||
if [ "$((sleepCount))" -gt "$((procd_boot_timeout))" ] || [ -n "$wanGW" ]; then break; fi
|
||||
output "$serviceName waiting for $procd_wan_interface gateway...\n"
|
||||
sleep 1
|
||||
network_flush_cache
|
||||
sleepCount=$((sleepCount+1))
|
||||
done
|
||||
network_flush_cache
|
||||
load_network "$param"
|
||||
if [ -n "$wanGW" ]; then
|
||||
return 0
|
||||
else
|
||||
@@ -1283,7 +1270,7 @@ policy_routing() {
|
||||
|
||||
if [ -n "$dest_addr" ]; then
|
||||
if [ "${dest_addr:0:1}" = "!" ]; then
|
||||
negation='!='; value="${src_addr//\!}"; nftset_suffix='_neg';
|
||||
negation='!='; value="${dest_addr//\!}"; nftset_suffix='_neg';
|
||||
else
|
||||
unset negation; value="$dest_addr"; unset nftset_suffix;
|
||||
fi
|
||||
@@ -1976,13 +1963,10 @@ user_file_process() {
|
||||
}
|
||||
|
||||
boot() {
|
||||
local procd_boot_delay
|
||||
config_load "$packageName"
|
||||
config_get procd_boot_delay 'config' 'procd_boot_delay' '0'
|
||||
nft_file 'delete'
|
||||
ubus -t 30 wait_for network.interface 2>/dev/null
|
||||
{ is_integer "$procd_boot_delay" && sleep "$procd_boot_delay"; \
|
||||
rc_procd start_service 'on_boot' && service_started 'on_boot'; } &
|
||||
pbr_boot_flag=1
|
||||
rc_procd start_service 'on_boot' && service_started 'on_boot'
|
||||
}
|
||||
|
||||
on_firewall_reload() {
|
||||
@@ -2010,6 +1994,7 @@ on_interface_reload() {
|
||||
start_service() {
|
||||
local resolverStoredHash resolverNewHash i param="$1" reloadedIface
|
||||
|
||||
[ -n "$pbr_boot_flag" ] && return 0
|
||||
load_environment "${param:-on_start}" "$(load_validate_config)" || return 1
|
||||
is_wan_up "$param" || return 1
|
||||
|
||||
@@ -2176,14 +2161,19 @@ service_triggers() {
|
||||
load_validate_policy
|
||||
load_validate_include
|
||||
procd_close_validate
|
||||
procd_open_trigger
|
||||
procd_add_config_trigger "config.change" 'openvpn' "/etc/init.d/${packageName}" reload 'on_openvpn_change'
|
||||
procd_add_config_trigger "config.change" "${packageName}" "/etc/init.d/${packageName}" reload
|
||||
for n in $ifacesSupported; do
|
||||
procd_add_interface_trigger "interface.*" "$n" "/etc/init.d/${packageName}" on_interface_reload "$n"
|
||||
done
|
||||
procd_close_trigger
|
||||
# procd_add_raw_trigger "interface.*.up" 4000 "/etc/init.d/${packageName}" restart 'on_interface_up'
|
||||
if [ -n "$pbr_boot_flag" ]; then
|
||||
output "Setting triggers (on_boot) "
|
||||
# shellcheck disable=SC2015
|
||||
procd_add_raw_trigger "interface.*.up" 5000 "/etc/init.d/${packageName}" start && output_okn || output_failn
|
||||
else
|
||||
procd_open_trigger
|
||||
procd_add_config_trigger "config.change" 'openvpn' "/etc/init.d/${packageName}" reload 'on_openvpn_change'
|
||||
procd_add_config_trigger "config.change" "${packageName}" "/etc/init.d/${packageName}" reload
|
||||
for n in $ifacesSupported; do
|
||||
procd_add_interface_trigger "interface.*" "$n" "/etc/init.d/${packageName}" on_interface_reload "$n"
|
||||
done
|
||||
procd_close_trigger
|
||||
fi
|
||||
if [ "$serviceStartTrigger" = 'on_start' ]; then
|
||||
output 3 "$serviceName monitoring interfaces: ${ifacesSupported}\n"
|
||||
fi
|
||||
@@ -2368,11 +2358,8 @@ load_validate_config() {
|
||||
'icmp_interface:or("", tor, uci("network", "@interface"))' \
|
||||
'ignored_interface:list(or(tor, uci("network", "@interface")))' \
|
||||
'supported_interface:list(or(ignore, tor, regex("xray_.*"), uci("network", "@interface")))' \
|
||||
'procd_boot_delay:integer:0' \
|
||||
'procd_boot_timeout:integer:30' \
|
||||
'procd_reload_delay:integer:0' \
|
||||
'procd_lan_device:list(or(network)):br-lan' \
|
||||
'procd_wan_ignore_status:bool:1' \
|
||||
'procd_wan_interface:network:wan' \
|
||||
'procd_wan6_interface:network:wan6' \
|
||||
'wan_ip_rules_priority:uinteger:30000' \
|
||||
|
||||
Reference in New Issue
Block a user