From: Stan Grishin Date: Wed, 12 Feb 2025 03:57:26 +0000 (+0000) Subject: pbr: update to 1.1.8-10 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=571d9e96a27a3950a222c00414f94f89b4abdb4c;p=feed%2Fpackages.git pbr: update to 1.1.8-10 * Improve verbose output on start * Allow to not create ip rule for WG server * Improve boot up start (take 2) * Improve verbose output when setting triggers * Override DNS hijack with DNS policies from pbr Signed-off-by: Stan Grishin --- diff --git a/net/pbr/Makefile b/net/pbr/Makefile index 53c6643333..4345be5247 100644 --- a/net/pbr/Makefile +++ b/net/pbr/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pbr PKG_VERSION:=1.1.8 -PKG_RELEASE:=6 +PKG_RELEASE:=10 PKG_LICENSE:=AGPL-3.0-or-later PKG_MAINTAINER:=Stan Grishin diff --git a/net/pbr/files/etc/init.d/pbr b/net/pbr/files/etc/init.d/pbr index 9fa2696474..e154067ef8 100755 --- a/net/pbr/files/etc/init.d/pbr +++ b/net/pbr/files/etc/init.d/pbr @@ -605,10 +605,10 @@ load_network() { case "$param" in on_boot|on_start) - [ -n "$wanIface4" ] && output 2 "Using wan interface (${param}): $wanIface4 \n" - [ -n "$wanGW4" ] && output 2 "Found wan gateway (${param}): $wanGW4 \n" - [ -n "$wanIface6" ] && output 2 "Using wan6 interface (${param}): $wanIface6 \n" - [ -n "$wanGW6" ] && output 2 "Found wan6 gateway (${param}): $wanGW6 \n" + [ -n "$wanIface4" ] && output 2 "Using wan interface (${param}): $wanIface4 $__OK__\n" + [ -n "$wanGW4" ] && output 2 "Found wan gateway (${param}): $wanGW4 $__OK__\n" + [ -n "$wanIface6" ] && output 2 "Using wan6 interface (${param}): $wanIface6 $__OK__\n" + [ -n "$wanGW6" ] && output 2 "Found wan6 gateway (${param}): $wanGW6 $__OK__\n" ;; esac wanGW="${wanGW4:-$wanGW6}" @@ -1761,7 +1761,7 @@ process_interface() { return 0 fi - if is_wg_server "$iface"; then + if is_wg_server "$iface" && ! is_ignored_interface "$iface"; then local disabled listen_port disabled="$(uci_get 'network' "$iface" 'disabled')" listen_port="$(uci_get 'network' "$iface" 'listen_port')" @@ -1964,7 +1964,7 @@ user_file_process() { boot() { nft_file 'delete' - ubus -t 30 wait_for network.interface 2>/dev/null +# ubus -t 30 wait_for network.interface 2>/dev/null pbr_boot_flag=1 rc_procd start_service 'on_boot' && service_started 'on_boot' } @@ -2151,6 +2151,7 @@ service_started() { fi } +# shellcheck disable=SC2015 service_triggers() { local n load_environment 'on_triggers' @@ -2162,16 +2163,18 @@ service_triggers() { load_validate_include procd_close_validate if [ -n "$pbr_boot_flag" ]; then - output "Setting triggers (on_boot) " -# shellcheck disable=SC2015 + output "Setting trigger (on_boot) " procd_add_raw_trigger "interface.*.up" 5000 "/etc/init.d/${packageName}" start && output_okn || output_failn else procd_open_trigger procd_add_config_trigger "config.change" 'openvpn' "/etc/init.d/${packageName}" reload 'on_openvpn_change' procd_add_config_trigger "config.change" "${packageName}" "/etc/init.d/${packageName}" reload - for n in $ifacesSupported; do - procd_add_interface_trigger "interface.*" "$n" "/etc/init.d/${packageName}" on_interface_reload "$n" + output 1 "Setting interface triggers " + for n in $ifacesSupported; do + output 2 "Setting interface trigger for $n " + procd_add_interface_trigger "interface.*" "$n" "/etc/init.d/${packageName}" on_interface_reload "$n" && output_ok || output_fail done + output '\n' procd_close_trigger fi if [ "$serviceStartTrigger" = 'on_start' ]; then diff --git a/net/pbr/files/usr/share/nftables.d/chain-post/dstnat/30-pbr.nft b/net/pbr/files/usr/share/nftables.d/chain-post/dstnat/30-pbr.nft deleted file mode 100644 index 987eece3ca..0000000000 --- a/net/pbr/files/usr/share/nftables.d/chain-post/dstnat/30-pbr.nft +++ /dev/null @@ -1 +0,0 @@ -jump pbr_dstnat comment "Jump into pbr dstnat chain"; diff --git a/net/pbr/files/usr/share/nftables.d/chain-pre/dstnat/30-pbr.nft b/net/pbr/files/usr/share/nftables.d/chain-pre/dstnat/30-pbr.nft new file mode 100644 index 0000000000..987eece3ca --- /dev/null +++ b/net/pbr/files/usr/share/nftables.d/chain-pre/dstnat/30-pbr.nft @@ -0,0 +1 @@ +jump pbr_dstnat comment "Jump into pbr dstnat chain";