diff options
Diffstat (limited to 'applications/luci-app-pbr/root/usr/libexec')
-rwxr-xr-x | applications/luci-app-pbr/root/usr/libexec/rpcd/luci.pbr | 190 |
1 files changed, 57 insertions, 133 deletions
diff --git a/applications/luci-app-pbr/root/usr/libexec/rpcd/luci.pbr b/applications/luci-app-pbr/root/usr/libexec/rpcd/luci.pbr index 57af8010f0..8412b0c4bc 100755 --- a/applications/luci-app-pbr/root/usr/libexec/rpcd/luci.pbr +++ b/applications/luci-app-pbr/root/usr/libexec/rpcd/luci.pbr @@ -1,6 +1,6 @@ #!/bin/sh # Copyright 2022 Stan Grishin (stangri@melmac.ca) -# shellcheck disable=SC1091,SC2018,SC2019,SC2039,SC3043,SC3057,SC3060 +# shellcheck disable=SC2018,SC2019,SC2039,SC3043,SC3057,SC3060 # TechRef: https://openwrt.org/docs/techref/rpcd # TESTS @@ -11,41 +11,23 @@ # ubus -S call luci.pbr getGateways '{"name": "pbr" }' # ubus -S call luci.pbr getInterfaces '{"name": "pbr" }' -. /lib/functions.sh -. /lib/functions/network.sh -. /usr/share/libubox/jshn.sh - -readonly packageName="pbr" -# shellcheck disable=SC2155 -readonly ipset="$(command -v ipset)" -# shellcheck disable=SC2155 -readonly agh="$(command -v AdGuardHome)" -readonly aghConfigFile='/etc/adguardhome.yaml' -# shellcheck disable=SC2155 -readonly nft="$(command -v nft)" - -is_enabled() { uci -q get "${1}.config.enabled"; } -is_running_iptables() { iptables -t mangle -L | grep -q PBR_PREROUTING >/dev/null 2>&1; } -is_running_nft() { "$nft" list table inet fw4 | grep chain | grep -q pbr_mark_ >/dev/null 2>&1; } -is_running() { is_running_iptables || is_running_nft; } -get_version() { grep -m1 -A2 -w "^Package: $1$" /usr/lib/opkg/status | sed -n 's/Version: //p'; } -print_json_bool() { json_init; json_add_boolean "$1" "$2"; json_dump; json_cleanup; } -print_json_string() { json_init; json_add_string "$1" "$2"; json_dump; json_cleanup; } -logger() { /usr/bin/logger -t "$packageName" "$@"; } -ubus_get_status() { ubus call service list "{ 'name': '$packageName' }" | jsonfilter -e "@['${packageName}'].instances.main.data.status.${1}"; } -ubus_get_gateway() { ubus call service list "{ 'name': '$packageName' }" | jsonfilter -e "@['${packageName}'].instances.main.data.gateways[@.name='${1}']${2:+.$2}"; } -is_greater() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } -is_greater_or_equal() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" = "$2"; } -opkg_get_version() { grep -m1 -A1 "Package: $1$" '/usr/lib/opkg/status' | grep -m1 'Version: ' | sed 's|Version: \(.*\)|\1|'; } +readonly pbrFunctionsFile='/etc/init.d/pbr' +if [ -s "$pbrFunctionsFile" ]; then +# shellcheck source=../../../../../pbr/files/etc/init.d/pbr + . "$pbrFunctionsFile" +else + print_json_string 'error' "pbr init.d file ($pbrFunctionsFile) not found!" + logger -t pbr 'error' "pbr init.d file ($pbrFunctionsFile) not found!" +fi get_init_list() { local name name="$(basename "$1")" name="${name:-$packageName}" json_init - json_add_object "$name" - json_add_boolean 'enabled' "$(is_enabled "$name")" - if is_running "$name"; then + json_add_object "$packageName" + json_add_boolean 'enabled' "$(is_enabled "$packageName")" + if is_running "$packageName"; then json_add_boolean 'running' '1' else json_add_boolean 'running' '0' @@ -59,22 +41,27 @@ set_init_action() { local name action="$2" cmd name="$(basename "$1")" name="${name:-$packageName}" - if [ ! -f "/etc/init.d/$name" ]; then + if [ ! -f "/etc/init.d/$packageName" ]; then print_json_string 'error' 'Init script not found!' return fi case $action in enable) - cmd="uci -q set ${name}.config.enabled=1 && uci commit $name";; + cmd="/etc/init.d/${name} ${action}" + cmd="${cmd} && uci_set ${name} config enabled 1 && uci_commit $name" + ;; disable) - cmd="uci -q set ${name}.config.enabled=0 && uci commit $name";; + cmd="/etc/init.d/${name} ${action}" + cmd="${cmd} && uci_set ${name} config enabled 0 && uci_commit $name" + ;; start|stop|reload|restart) - cmd="/etc/init.d/${name} ${action}";; + cmd="/etc/init.d/${name} ${action}" + ;; esac - if [ -n "$cmd" ] && eval "${cmd}" 1>/dev/null 2>&1; then - print_json_bool "result" '1' + if [ -n "$cmd" ] && eval "$cmd" 1>/dev/null 2>&1; then + print_json_bool 'result' '1' else - print_json_bool "result" '0' + print_json_bool 'result' '0' fi } @@ -83,30 +70,35 @@ get_init_status() { name="$(basename "$1")" name="${name:-$packageName}" local version gateways warnings errors - [ -z "$version" ] && version="$(get_version "$name")" - [ -z "$version" ] && version="$(get_version "${name}-iptables")" - [ -z "$version" ] && version="$(get_version "${name}-netifd")" + [ -z "$version" ] && version="$(opkg_get_version "${name}")" + [ -z "$version" ] && version="$(opkg_get_version "${name}-iptables")" + [ -z "$version" ] && version="$(opkg_get_version "${name}-netifd")" gateways="$(ubus_get_status gateways | sed "s|\\\n|<br />|g;s|\(\\\033[^<]*\)|✓|g;")" warnings="$(ubus_get_status warnings)" errors="$(ubus_get_status errors)" json_init - json_add_object "$name" - json_add_boolean 'enabled' "$(is_enabled "$name")" - if is_running "$name"; then + json_add_object "$packageName" + json_add_boolean 'enabled' "$(is_enabled "$packageName")" + if is_running "$packageName"; then json_add_boolean 'running' '1' else json_add_boolean 'running' '0' fi - if is_running_iptables "$name"; then + if is_running_iptables "$packageName"; then json_add_boolean 'running_iptables' '1' else json_add_boolean 'running_iptables' '0' fi - if is_running_nft "$name"; then + if is_running_nft "$packageName"; then json_add_boolean 'running_nft' '1' else json_add_boolean 'running_nft' '0' fi + if is_running_nft_file "$packageName"; then + json_add_boolean 'running_nft_file' '1' + else + json_add_boolean 'running_nft_file' '0' + fi json_add_string 'version' "$version" json_add_string 'gateways' "$gateways" json_add_array 'errors' @@ -158,37 +150,12 @@ EOF json_cleanup } -check_ipset() { { [ -n "$ipset" ] && "$ipset" help hash:net; } >/dev/null 2>&1; } -check_nft() { [ -n "$nft" ]; } -check_agh() { [ -n "$agh" ] && [ -s "$aghConfigFile" ]; } -check_dnsmasq() { command -v dnsmasq >/dev/null 2>&1; } -check_unbound() { command -v unbound >/dev/null 2>&1; } -check_agh_ipset() { - check_ipset || return 1 - check_agh || return 1 - is_greater_or_equal "$($agh --version | sed 's|AdGuard Home, version v\(.*\)|\1|' | sed 's|-.*||')" '0.107.13' -} -check_dnsmasq_ipset() { - local o; - check_ipset || return 1 - check_dnsmasq || return 1 - o="$(dnsmasq -v 2>/dev/null)" - ! echo "$o" | grep -q 'no-ipset' && echo "$o" | grep -q 'ipset' -} -check_dnsmasq_nftset() { - local o; - check_nft || return 1 - check_dnsmasq || return 1 - o="$(dnsmasq -v 2>/dev/null)" - ! echo "$o" | grep -q 'no-nftset' && echo "$o" | grep -q 'nftset' -} - get_platform_support() { local name name="$(basename "$1")" name="${name:-$packageName}" json_init - json_add_object "$name" + json_add_object "$packageName" if check_ipset; then json_add_boolean 'ipset_installed' '1' else @@ -236,58 +203,16 @@ get_platform_support() { # shellcheck disable=SC3037 get_gateways() { - local name="${1:-$packageName}" - echo -en "{\"$name\":{\"gateways\":" - ubus call service list "{ 'name': '$name' }" | jsonfilter -e "@.${name}.instances.main.data.gateways" + echo -en "{\"$packageName\":{\"gateways\":" + ubus_get_gateways echo -en "}}" } -str_contains() { [ -n "$1" ] && [ -n "$2" ] && [ "${1//$2}" != "$1" ]; } -str_contains_word() { echo "$1" | grep -q -w "$2"; } -str_to_lower() { echo "$1" | tr 'A-Z' 'a-z'; } -str_to_upper() { echo "$1" | tr 'a-z' 'A-Z'; } -is_ignore_target() { [ "$(str_to_lower "$1")" = 'ignore' ]; } -is_dslite() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:6}" = "dslite" ]; } -is_l2tp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "l2tp" ]; } -is_oc() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:11}" = "openconnect" ]; } -is_ovpn() { local dev; network_get_device dev "$1"; [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; } -is_pptp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "pptp" ]; } -is_softether() { local dev; network_get_device dev "$1"; [ "${dev:0:4}" = "vpn_" ]; } -is_tor() { [ "$(str_to_lower "$1")" = "tor" ]; } -is_tor_running() { - local ret=0 - if [ -s "/etc/tor/torrc" ]; then - json_load "$(ubus call service list "{ 'name': 'tor' }")" - json_select 'tor'; json_select 'instances'; json_select 'instance1'; - json_get_var ret 'running'; json_cleanup - fi - if [ "$ret" = "0" ]; then return 1; else return 0; fi -} -is_wg() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:9}" = "wireguard" ]; } -is_tunnel() { is_dslite "$1" || is_l2tp "$1" || is_oc "$1" || is_ovpn "$1" || is_pptp "$1" || is_softether "$1" || is_tor "$1" || is_wg "$1"; } -is_wan() { [ "$1" = "$wanIface4" ] || { [ "${1##wan}" != "$1" ] && [ "${1##wan6}" = "$1" ]; } || [ "${1%%wan}" != "$1" ]; } -is_wan6() { [ -n "$wanIface6" ] && [ "$1" = "$wanIface6" ] || [ "${1/#wan6}" != "$1" ] || [ "${1/%wan6}" != "$1" ]; } -is_ignored_interface() { str_contains_word "$ignored_interface" "$1"; } -is_supported_interface() { str_contains_word "$supported_interface" "$1" || { ! is_ignored_interface "$1" && { is_wan "$1" || is_wan6 "$1" || is_tunnel "$1"; }; } || is_ignore_target "$1"; } -pbr_find_iface() { - local iface i param="$2" - [ "$param" = 'wan6' ] || param='wan' - "network_find_${param}" iface - is_tunnel "$iface" && unset iface - if [ -z "$iface" ]; then - for i in $ifacesAll; do - if "is_${param}" "$i"; then break; else unset i; fi - done - fi - eval "$1"='${iface:-$i}' -} -_find_firewall_wan_zone() { [ "$(uci -q get "firewall.${1}.name")" = "wan" ] && firewallWanZone="$1"; } -_build_ifaces_all() { ifacesAll="${ifacesAll}${1} "; } -_build_ifaces_supported() { is_supported_interface "$1" && ! str_contains "$ifacesSupported" "$1" && ifacesSupported="${ifacesSupported}${1} "; } get_supported_interfaces() { - local name i - name="$(basename "$1")" - name="${name:-$packageName}" + _find_firewall_wan_zone() { [ "$(uci_get 'firewall' "$1" 'name')" = "wan" ] && firewallWanZone="$1"; } + _build_ifaces_all() { ifacesAll="${ifacesAll}${1} "; } + _build_ifaces_supported() { is_supported_interface "$1" && ! str_contains "$ifacesSupported" "$1" && ifacesSupported="${ifacesSupported}${1} "; } + local i local firewallWanZone local ifacesAll ifacesSupported local webui_show_ignore_target @@ -304,19 +229,18 @@ get_supported_interfaces() { pbr_find_iface wanIface6 'wan6' config_load 'firewall' config_foreach _find_firewall_wan_zone 'zone' - for i in $(uci -q get "firewall.${firewallWanZone}.network"); do + for i in $(uci_get 'firewall' "$firewallWanZone" 'network'); do is_supported_interface "$i" && ! str_contains "$ifacesSupported" "$1" && ifacesSupported="${ifacesSupported}${i} " done config_load 'network' config_foreach _build_ifaces_supported 'interface' - if is_tor_running; then - ifacesSupported="$ifacesSupported tor" - fi - if [ "$webui_show_ignore_target" -eq "1" ]; then - ifacesSupported="$ifacesSupported ignore" - fi + is_tor_running && ifacesSupported="$ifacesSupported tor" + for i in $supported_interface; do + is_xray "$i" && ifacesSupported="$ifacesSupported $i" + done + [ "$webui_show_ignore_target" -eq "1" ] && ifacesSupported="$ifacesSupported ignore" json_init - json_add_object "$name" + json_add_object "$packageName" json_add_array 'interfaces' for i in $ifacesSupported; do json_add_string '' "$i" @@ -359,35 +283,35 @@ case "$1" in json_load "$input" json_get_var name 'name' json_cleanup - get_gateways "$name" + get_gateways "$packageName" ;; getInitList) read -r input json_load "$input" json_get_var name 'name' json_cleanup - get_init_list "$name" + get_init_list "$packageName" ;; getInitStatus) read -r input json_load "$input" json_get_var name 'name' json_cleanup - get_init_status "$name" + get_init_status "$packageName" ;; getInterfaces) read -r input json_load "$input" json_get_var name 'name' json_cleanup - get_supported_interfaces "$name" + get_supported_interfaces "$packageName" ;; getPlatformSupport) read -r input json_load "$input" json_get_var name 'name' json_cleanup - get_platform_support "$name" + get_platform_support "$packageName" ;; setInitAction) read -r input @@ -395,7 +319,7 @@ case "$1" in json_get_var name 'name' json_get_var action 'action' json_cleanup - set_init_action "$name" "$action" + set_init_action "$packageName" "$action" ;; esac ;; |