When running sysupgrade from an existing configuration, move existing
ipset definitions to a dedicated config section. Later on, it will allow
to server ipset as well as nftable sets from the same configuration.
Signed-off-by: Mathias Kresin <dev@kresin.me>
$(INSTALL_DATA) ./files/dnsmasq_acl.json $(1)/usr/share/acl.d/
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./files/50-dnsmasq-migrate-resolv-conf-auto.sh $(1)/etc/uci-defaults
+ $(INSTALL_BIN) ./files/50-dnsmasq-migrate-ipset.sh $(1)/etc/uci-defaults
endef
Package/dnsmasq-dhcpv6/install = $(Package/dnsmasq/install)
--- /dev/null
+#!/bin/sh
+
+ipsets=$(uci -q get dhcp.@dnsmasq[0].ipset)
+[ -z "$ipsets" ] && exit 0
+
+for ipset in $ipsets; do
+ names=${ipset##*/}
+ domains=${ipset%/*}
+
+ [ -z "$names" ] || [ -z "$domains" ] && continue
+
+ uci add dhcp ipset
+
+ OLDIFS="$IFS"
+
+ IFS=","
+ for name in $names; do
+ uci add_list dhcp.@ipset[-1].name="$name"
+ done
+
+ IFS="/"
+ for domain in ${domains:1}; do
+ uci add_list dhcp.@ipset[-1].domain="$domain"
+ done
+
+ IFS="$OLDIFS"
+
+ uci del_list dhcp.@dnsmasq[0].ipset="$ipset"
+done
+
+uci commit dhcp
+exit 0
xappend "--address=$1"
}
-append_ipset() {
- xappend "--ipset=$1"
-}
-
append_connmark_allowlist() {
xappend "--connmark-allowlist=$1"
}
config_list_foreach "$cfg" "server" append_server
config_list_foreach "$cfg" "rev_server" append_rev_server
config_list_foreach "$cfg" "address" append_address
- config_list_foreach "$cfg" "ipset" append_ipset
local connmark_allowlist_enable
config_get connmark_allowlist_enable "$cfg" connmark_allowlist_enable 0