diff options
Diffstat (limited to 'applications/luci-app-dockerman/root/etc/init.d')
-rwxr-xr-x | applications/luci-app-dockerman/root/etc/init.d/dockerman | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/applications/luci-app-dockerman/root/etc/init.d/dockerman b/applications/luci-app-dockerman/root/etc/init.d/dockerman new file mode 100755 index 000000000..22629c193 --- /dev/null +++ b/applications/luci-app-dockerman/root/etc/init.d/dockerman @@ -0,0 +1,46 @@ +#!/bin/sh /etc/rc.common + +START=99 +DOCKERD_CONF="/etc/docker/daemon.json" + +config_load dockerman +config_get daemon_ea "local" daemon_ea + +init_dockerman_chain(){ + iptables -N DOCKER-MAN >/dev/null 2>&1 + iptables -F DOCKER-MAN >/dev/null 2>&1 + iptables -D DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1 + iptables -I DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1 +} + +add_allowed_interface(){ + iptables -A DOCKER-MAN -i $1 -o docker0 -j RETURN +} + +add_allowed_ip(){ + iptables -A DOCKER-MAN -d $1 -o docker0 -j RETURN +} + +handle_allowed_interface(){ + #config_list_foreach "local" allowed_ip add_allowed_ip + config_list_foreach "local" ac_allowed_interface add_allowed_interface + iptables -A DOCKER-MAN -m conntrack --ctstate ESTABLISHED,RELATED -o docker0 -j RETURN >/dev/null 2>&1 + iptables -A DOCKER-MAN -m conntrack --ctstate NEW,INVALID -o docker0 -j DROP >/dev/null 2>&1 + iptables -A DOCKER-MAN -j RETURN >/dev/null 2>&1 +} + +start(){ + [ ! -x "/etc/init.d/dockerd" ] && return 0 + init_dockerman_chain + if [ -n "$daemon_ea" ]; then + handle_allowed_interface + lua /usr/share/dockerman/dockerd-config.lua "$DOCKERD_CONF" && /etc/init.d/dockerd restart && sleep 5 || { + # 1 running, 0 stopped + STATE=$([ -n "$(ps |grep /usr/bin/dockerd | grep -v grep)" ] && echo 1 || echo 0) + [ "$STATE" == "0" ] && /etc/init.d/dockerd start && sleep 5 + } + lua /usr/share/dockerman/dockerd-ac.lua + else + /etc/init.d/dockerd stop + fi +} |