omcproxy: fix installation of interface triggers (FS#1972)

omcproxy will not start up if either the downlink or uplink interface is
not up at boottime as the interface triggers are not correctly
installed.

Further rework omcproxy init to make use of network functions defined
in network.sh; set proper family and proto options in procd firewall
rules.

Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
master
David Santamaría Rogado 6 years ago committed by Hans Dedecker
parent 5580a9dd31
commit df8f8bad08
  1. 2
      package/network/services/omcproxy/Makefile
  2. 86
      package/network/services/omcproxy/files/omcproxy.init

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=omcproxy
PKG_RELEASE:=6
PKG_RELEASE:=7
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/omcproxy.git

@ -1,55 +1,65 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2010-2014 OpenWrt.org
# Copyright (C) 2018 OpenWrt.org
START=99
USE_PROCD=1
PROG=/usr/sbin/omcproxy
# Uncomment to enable verbosity
#OPTIONS="-v"
# Uncomment to enable verbosity
#OPTIONS="-v"
PROXIES=""
omcproxy_add_proxy() {
local uplink downlink scope proxy
local proxy scope uplink updevice downlinks
config_get uplink $1 uplink
config_get downlink $1 downlink
config_get scope $1 scope
[ -n "$uplink" ] || return
network_get_device updevice "$uplink" || {
procd_append_param error "$uplink is not up"
return;
}
proxy=""
config_get downlinks $1 downlink
for downlink in $downlinks; do
local device
network_get_device updev $uplink
[ -n "$updev" ] || return 0
network_get_device device "$downlink" || {
procd_append_param error "$downlink is not up"
continue;
}
for network in $downlink; do
network_get_device downdev $network
[ -n "$downdev" ] && proxy="$proxy,$downdev"
proxy="$proxy,$device"
# Disable in-kernel querier while ours is active
[ -f /sys/class/net/$downdev/bridge/multicast_querier ] && \
echo 0 > /sys/class/net/$downdev/bridge/multicast_querier
# Disable in-kernel querier while ours is active, default is 1.
[ -f /sys/class/net/$device/bridge/multicast_querier ] && \
echo 0 > /sys/class/net/$device/bridge/multicast_querier
done
[ -n "$proxy" ] || return 0
[ -n "$scope" ] && proxy="$proxy,scope=$scope"
PROXIES="$PROXIES $updev$proxy"
config_get scope $1 scope
[ -n "$scope" ] && proxy="$proxy,scope=$scope"
PROXIES="$PROXIES $updevice$proxy"
}
omcproxy_add_trigger() {
local uplink downlink
omcproxy_add_network_triggers() {
local uplink downlinks
config_get uplink $1 uplink
config_get downlink $1 downlink
config_get downlinks $1 downlink
for network in $uplink $downlink; do
procd_add_interface_trigger "interface.*" $network /etc/init.d/omcproxy restart
for link in $uplink $downlinks; do
procd_add_interface_trigger "interface.*" $link /etc/init.d/omcproxy restart
done
}
omcproxy_add_firewall() {
omcproxy_add_firewall_rules() {
local uplink downlinks
config_get uplink $1 uplink
config_get downlink $1 downlink
config_get downlinks $1 downlink
upzone=$(fw3 -q network $uplink 2>/dev/null)
[ -n "$upzone" ] || return 0
@ -57,6 +67,7 @@ omcproxy_add_firewall() {
json_add_object ""
json_add_string type rule
json_add_string src "$upzone"
json_add_string family ipv4
json_add_string proto igmp
json_add_string target ACCEPT
json_close_object
@ -76,8 +87,8 @@ omcproxy_add_firewall() {
json_add_string target ACCEPT
json_close_object
for network in $downlink; do
downzone=$(fw3 -q network $network 2>/dev/null)
for downlink in $downlinks; do
downzone=$(fw3 -q network $downlink 2>/dev/null)
[ -n "$downzone" ] || continue
json_add_object ""
@ -85,7 +96,7 @@ omcproxy_add_firewall() {
json_add_string src "$upzone"
json_add_string dest "$downzone"
json_add_string family ipv4
json_add_string proto any
json_add_string proto udp
json_add_string dest_ip "224.0.0.0/4"
json_add_string target ACCEPT
json_close_object
@ -95,7 +106,7 @@ omcproxy_add_firewall() {
json_add_string src "$upzone"
json_add_string dest "$downzone"
json_add_string family ipv6
json_add_string proto any
json_add_string proto udp
json_add_string dest_ip "ff00::/8"
json_add_string target ACCEPT
json_close_object
@ -104,14 +115,15 @@ omcproxy_add_firewall() {
service_triggers() {
procd_add_reload_trigger "omcproxy"
config_foreach omcproxy_add_network_triggers proxy
}
start_service() {
include /lib/functions
. /lib/functions/network.sh
config_load omcproxy
config_foreach omcproxy_add_proxy proxy
config_foreach omcproxy_add_proxy proxy
[ -n "$PROXIES" ] || return 0
procd_open_instance
@ -120,24 +132,24 @@ start_service() {
procd_append_param command $PROXIES
procd_set_param respawn
procd_open_trigger
config_foreach omcproxy_add_trigger proxy
procd_close_trigger
procd_open_data
json_add_array firewall
config_foreach omcproxy_add_firewall proxy
config_foreach omcproxy_add_firewall_rules proxy
json_close_array
procd_close_data
procd_close_instance
# Increase maximum IPv4 group memberships per socket
# Increase maximum IPv4 group memberships per socket, default is 100.
echo 128 > /proc/sys/net/ipv4/igmp_max_memberships
}
service_started() {
procd_set_config_changed firewall
}
stop_service() {
procd_set_config_changed firewall
}

Loading…
Cancel
Save