OSDN Git Service

luci-app-turboacc: update fullconenat func concert with fw4
authorZiMing Mo <msylgj@immortalwrt.org>
Thu, 10 Mar 2022 08:59:30 +0000 (16:59 +0800)
committerZiMing Mo <msylgj@immortalwrt.org>
Thu, 10 Mar 2022 09:00:37 +0000 (17:00 +0800)
Signed-off-by: ZiMing Mo <msylgj@immortalwrt.org>
applications/luci-app-turboacc/root/etc/init.d/turboacc

index e937872..79bea4b 100755 (executable)
@@ -5,11 +5,19 @@
 START=90
 STOP=10
 
+. /usr/share/libubox/jshn.sh
+
 extra_command "check_status" "Check running status of utils"
 
 restart_utils="true"
 
+get_ifname(){
+       json_load "$(ubus call network.interface.wan status)"
+       json_get_var "ifname" "l3_device"
+}
+
 inital_conf(){
+       get_ifname
        config_load "turboacc"
        config_get "sw_flow" "config" "sw_flow" "0"
        config_get "hw_flow" "config" "hw_flow" "0"
@@ -228,14 +236,28 @@ revert_dns() {
        rm -f "/var/run/dnscache/.dns-changed"
 }
 
+revert_fullcone() {
+       local count="$(iptables -t nat -L PREROUTING | grep 'FULLCONENAT' -c)"
+       for i in "${count}"
+       do
+               iptables -t nat -D PREROUTING -i "${ifname}" -j FULLCONENAT
+               iptables -t nat -D POSTROUTING -o "${ifname}" -j FULLCONENAT
+       done
+}
+
 start(){
        inital_conf
 
        uci set firewall.@defaults[0].flow_offloading="${sw_flow}"
        uci set firewall.@defaults[0].flow_offloading_hw="${hw_flow}"
-       uci set firewall.@defaults[0].fullcone="${fullcone_nat}"
        uci commit firewall
 
+       if [ "${fullcone_nat}" -eq "1" ];  then
+               revert_fullcone
+               iptables -t nat -A PREROUTING -i "${ifname}" -j FULLCONENAT
+               iptables -t nat -A POSTROUTING -o "${ifname}" -j FULLCONENAT
+       fi
+
        [ "${sw_flow}" -ne "1" ] && [ "${sfe_flow}" -eq "1" ] && {
                lsmod | grep -q fast_classifier || modprobe fast_classifier 2>"/dev/null"
                echo "${sfe_bridge}" > "/sys/fast_classifier/skip_to_bridge_ingress" 2>"/dev/null"
@@ -285,13 +307,14 @@ stop(){
 
        uci set firewall.@defaults[0].flow_offloading="${sw_flow}"
        uci set firewall.@defaults[0].flow_offloading_hw="${hw_flow}"
-       uci set firewall.@defaults[0].fullcone="${fullcone_nat}"
        uci commit firewall
 
+       [ "${fullcone_nat}" -eq "1" ] || revert_fullcone
+
        [ "${sfe_flow}" -eq "1" ] || {
                echo "0" > "/sys/fast_classifier/skip_to_bridge_ingress" 2>"/dev/null"
                rm -f "/dev/sfe_ipv6"
-               rmmod "fast_classifier" 2>"/dev/null"
+               lsmod | grep -q fast_classifier && rmmod "fast_classifier" 2>"/dev/null"
        }
 
        stop_dnscache