OSDN Git Service

luci-app-unblockneteasemusic: fix ruleset when 'hijack_ways' is 'use_hosts'
authorZiMing Mo <msylgj@immortalwrt.org>
Thu, 17 Mar 2022 16:22:21 +0000 (00:22 +0800)
committerZiMing Mo <msylgj@immortalwrt.org>
Thu, 17 Mar 2022 16:22:21 +0000 (00:22 +0800)
applications/luci-app-unblockneteasemusic/root/etc/init.d/unblockneteasemusic
applications/luci-app-unblockneteasemusic/root/usr/share/unblockneteasemusic/rules/chain.uc
applications/luci-app-unblockneteasemusic/root/usr/share/unblockneteasemusic/rules/default.uc

index 049ea46..69b2f8b 100755 (executable)
@@ -72,6 +72,16 @@ start_service()
        [ "${hijack_ways}" = "use_hosts" ] && { http_port="80"; https_port="443"; }
        append_param "-p" "${http_port}":"${https_port}"
 
+       json_init
+       if is_enabled "config" "pub_access"; then
+               json_add_int o_pub_access "1"
+       else
+               json_add_int o_pub_access "0"
+       fi
+       json_add_int o_http_port "${http_port}"
+       json_add_int o_https_port "${https_port}"
+       json_add_string o_hijack_ways "${hijack_ways}"
+
        local music_source
        config_get music_source "config" "music_source" "default"
        [ "${music_source}" != "default" ] && append_param -o "${music_source}"
@@ -106,6 +116,7 @@ start_service()
        procd_set_param respawn
 
        local lan_addr="$(uci -q get network.lan.ipaddr)"
+       local tmp="/tmp/$NAME"
        if [ "${hijack_ways}" = "use_ipset" ]; then
                # TODO: wating for dnsmasq support nftset
                mkdir -p "/tmp/dnsmasq.d"
@@ -146,31 +157,11 @@ start_service()
 
                local netease_music_ips="$(uclient-fetch -qO- "http://httpdns.n.netease.com/httpdns/v2/d?domain=music.163.com,interface.music.163.com,interface3.music.163.com,apm.music.163.com,apm3.music.163.com,clientlog.music.163.com,clientlog3.music.163.com" |jsonfilter -e '@.data.*.ip.*')"
                local netease_music_ips2="$(uclient-fetch -qO- "https://music.httpdns.c.163.com/d" --post-data="music.163.com,interface.music.163.com,interface3.music.163.com,apm.music.163.com,apm3.music.163.com,clientlog.music.163.com,clientlog3.music.163.com" |jsonfilter -e '@.dns.*["ips"].*')"
-               local tmp="/tmp/$NAME"
                local neteasemusic_addr="$(echo -e "${netease_music_ips}\n${netease_music_ips2}" |sort -u |awk '{print $1}')"
-               json_init
-               if is_enabled "config" "pub_access"; then
-                       json_add_int o_pub_access "1"
-               else
-                       json_add_int o_pub_access "0"
-               fi
-               json_add_int o_http_port "${http_port}"
-               json_add_int o_https_port "${https_port}"
+
                json_add_string o_acl_http_addr "$acl_http_addr"
                json_add_string o_acl_https_addr "$acl_https_addr"
                json_add_string o_neteasemusic_addr "$neteasemusic_addr"
-               json_dump -i >"$tmp.json"
-
-               if ucode -S -i "$RULES_UC" -E "$tmp.json" >"$tmp.nft" \
-                       && ! cmp -s "$tmp.nft" "$RULES_NFT"; then
-                       echo "table inet chk {include \"$tmp.nft\";}" >"$tmp.nft.chk"
-                       if nft -f "$tmp.nft.chk" -c; then
-                               mv -f "$tmp.nft" "$RULES_NFT"
-                               fw4 reload
-                       fi
-                       rm -f "$tmp.nft.chk"
-               fi
-               rm -f "$tmp.json" "$tmp.nft"
        elif [ "${hijack_ways}" = "use_hosts" ]; then
                mkdir -p "/tmp/dnsmasq.d"
                rm -f "/tmp/dnsmasq.d/dnsmasq-$NAME.conf"
@@ -190,6 +181,18 @@ start_service()
                ip route add "223.252.199.10" dev lo
        fi
 
+       json_dump -i >"$tmp.json"
+       if ucode -S -i "$RULES_UC" -E "$tmp.json" >"$tmp.nft" \
+               && ! cmp -s "$tmp.nft" "$RULES_NFT"; then
+               echo "table inet chk {include \"$tmp.nft\";}" >"$tmp.nft.chk"
+               if nft -f "$tmp.nft.chk" -c; then
+                       mv -f "$tmp.nft" "$RULES_NFT"
+                       fw4 reload
+               fi
+               rm -f "$tmp.nft.chk"
+       fi
+       rm -f "$tmp.json" "$tmp.nft"
+
        procd_close_instance
 } >"/dev/null" 2>&1
 
index 78a9091..e301661 100644 (file)
@@ -3,6 +3,7 @@
 let http_port = o_http_port;
 let https_port = o_https_port;
 let pub_access = o_pub_access;
+let hijack_ways = o_hijack_ways;
 
 %}
 
@@ -13,6 +14,7 @@ chain input_wan {
 }
 {% endif %}
 
+{% if (hijack_ways == "use_ipset"): %}
 chain netease_cloud_music {
        type nat hook prerouting priority -1; policy accept;
        meta l4proto tcp ip daddr @neteasemusic_ipv4 jump netease_cloud_music_redir;
@@ -29,3 +31,4 @@ chain netease_cloud_music_redir {
        tcp dport 80 counter redirect to :{{ http_port }};
        tcp dport 443 counter redirect to :{{ https_port }};
 }
+{% endif %}