@ -1,55 +1,65 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2010-2014 OpenWrt.org
# Copyright (C) 2018 OpenWrt.org
START=99
USE_PROCD=1
PROG=/usr/sbin/omcproxy
# Uncomment to enable verbosity
#OPTIONS="-v"
# Uncomment to enable verbosity
#OPTIONS="-v"
PROXIES=""
omcproxy_add_proxy() {
local uplink downlink scope proxy
local proxy scope uplink updevice downlinks
config_get uplink $1 uplink
config_get downlink $1 downlink
config_get scope $1 scope
[ -n "$uplink" ] || return
network_get_device updevice "$uplink" || {
procd_append_param error "$uplink is not up"
return;
}
proxy=""
config_get downlinks $1 downlink
for downlink in $downlinks; do
local device
network_get_device updev $uplink
[ -n "$updev" ] || return 0
network_get_device device "$downlink" || {
procd_append_param error "$downlink is not up"
continue;
}
for network in $downlink; do
network_get_device downdev $network
[ -n "$downdev" ] && proxy="$proxy,$downdev"
proxy="$proxy,$device"
# Disable in-kernel querier while ours is active
[ -f /sys/class/net/$downd ev/bridge/multicast_querier ] && \
echo 0 > /sys/class/net/$downd ev/bridge/multicast_querier
# Disable in-kernel querier while ours is active, default is 1.
[ -f /sys/class/net/$device /bridge/multicast_querier ] && \
echo 0 > /sys/class/net/$device /bridge/multicast_querier
done
[ -n "$proxy" ] || return 0
[ -n "$scope" ] && proxy="$proxy,scope=$scope"
PROXIES="$PROXIES $updev$proxy"
config_get scope $1 scope
[ -n "$scope" ] && proxy="$proxy,scope=$scope"
PROXIES="$PROXIES $updevice$proxy"
}
omcproxy_add_trigger() {
local uplink downlink
omcproxy_add_network_triggers() {
local uplink downlinks
config_get uplink $1 uplink
config_get downlink $1 downlink
config_get downlinks $1 downlink
for networ k in $uplink $downlink; do
procd_add_interface_trigger "interface.*" $networ k /etc/init.d/omcproxy restart
for li nk in $uplink $downlinks ; do
procd_add_interface_trigger "interface.*" $li nk /etc/init.d/omcproxy restart
done
}
omcproxy_add_firewall() {
omcproxy_add_firewall_rules() {
local uplink downlinks
config_get uplink $1 uplink
config_get downlink $1 downlink
config_get downlinks $1 downlink
upzone=$(fw3 -q network $uplink 2>/dev/null)
[ -n "$upzone" ] || return 0
@ -57,6 +67,7 @@ omcproxy_add_firewall() {
json_add_object ""
json_add_string type rule
json_add_string src "$upzone"
json_add_string family ipv4
json_add_string proto igmp
json_add_string target ACCEPT
json_close_object
@ -76,8 +87,8 @@ omcproxy_add_firewall() {
json_add_string target ACCEPT
json_close_object
for networ k in $downlink; do
downzone=$(fw3 -q network $networ k 2>/dev/null)
for downli nk in $downlinks ; do
downzone=$(fw3 -q network $downli nk 2>/dev/null)
[ -n "$downzone" ] || continue
json_add_object ""
@ -85,7 +96,7 @@ omcproxy_add_firewall() {
json_add_string src "$upzone"
json_add_string dest "$downzone"
json_add_string family ipv4
json_add_string proto any
json_add_string proto udp
json_add_string dest_ip "224.0.0.0/4"
json_add_string target ACCEPT
json_close_object
@ -95,7 +106,7 @@ omcproxy_add_firewall() {
json_add_string src "$upzone"
json_add_string dest "$downzone"
json_add_string family ipv6
json_add_string proto any
json_add_string proto udp
json_add_string dest_ip "ff00::/8"
json_add_string target ACCEPT
json_close_object
@ -104,14 +115,15 @@ omcproxy_add_firewall() {
service_triggers() {
procd_add_reload_trigger "omcproxy"
config_foreach omcproxy_add_network_triggers proxy
}
start_service() {
include /lib/functions
. /lib/functions/network.sh
config_load omcproxy
config_foreach omcproxy_add_proxy proxy
config_foreach omcproxy_add_proxy proxy
[ -n "$PROXIES" ] || return 0
procd_open_instance
@ -120,24 +132,24 @@ start_service() {
procd_append_param command $PROXIES
procd_set_param respawn
procd_open_trigger
config_foreach omcproxy_add_trigger proxy
procd_close_trigger
procd_open_data
json_add_array firewall
config_foreach omcproxy_add_firewall proxy
config_foreach omcproxy_add_firewall_rules proxy
json_close_array
procd_close_data
procd_close_instance
# Increase maximum IPv4 group memberships per socket
# Increase maximum IPv4 group memberships per socket, default is 100.
echo 128 > /proc/sys/net/ipv4/igmp_max_memberships
}
service_started() {
procd_set_config_changed firewall
}
stop_service() {
procd_set_config_changed firewall
}