projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
adblock: update to 0.60.0
[feed/packages.git] / net / adblock / files / adblock-helper.sh
1 #!/bin/sh
2 #################################################
3 # function library used by adblock-update.sh #
4 # written by Dirk Brenken (openwrt@brenken.org) #
5 #################################################
6
7 #####################################
8 # f_envload: load adblock environment
9 #
10 f_envload()
11 {
12 # source in openwrt function library
13 #
14 if [ -r "/lib/functions.sh" ]
15 then
16 . "/lib/functions.sh" 2>/dev/null
17 else
18 rc=110
19 f_log "openwrt function library not found" "${rc}"
20 f_exit
21 fi
22
23 # source in openwrt network library
24 #
25 if [ -r "/lib/functions/network.sh" ]
26 then
27 . "/lib/functions/network.sh" 2>/dev/null
28 else
29 rc=115
30 f_log "openwrt network library not found" "${rc}"
31 f_exit
32 fi
33
34 # get list with all installed openwrt packages
35 #
36 pkg_list="$(opkg list-installed 2>/dev/null)"
37 if [ -z "${pkg_list}" ]
38 then
39 rc=120
40 f_log "empty openwrt package list" "${rc}"
41 f_exit
42 fi
43 }
44
45 ######################################################
46 # f_envparse: parse adblock config and set environment
47 #
48 f_envparse()
49 {
50 # set the C locale, characters are single bytes, the charset is ASCII
51 # speeds up sort, grep etc.
52 #
53 LC_ALL=C
54
55 # set initial defaults,
56 # may be overwritten by setting appropriate adblock config options in global section of /etc/config/adblock
57 #
58 adb_wanif="wan"
59 adb_lanif="lan"
60 adb_port="65535"
61 adb_nullipv4="254.0.0.1"
62 adb_nullipv6="::ffff:fe00:0001"
63 adb_maxtime="60"
64 adb_maxloop="20"
65 adb_blacklist="/etc/adblock/adblock.blacklist"
66 adb_whitelist="/etc/adblock/adblock.whitelist"
67
68 # function to read/set global options by callback,
69 # prepare list items and build option list for all others
70 #
71 config_cb()
72 {
73 local type="${1}"
74 local name="${2}"
75 if [ "${type}" = "adblock" ]
76 then
77 option_cb()
78 {
79 local option="${1}"
80 local value="${2}"
81 eval "${option}=\"${value}\""
82 }
83 else
84 option_cb()
85 {
86 local option="${1}"
87 local value="${2}"
88 local opt_out="$(printf "${option}" | sed -n '/.*_ITEM[0-9]$/p; /.*_LENGTH$/p; /enabled/p' 2>/dev/null)"
89 if [ -z "${opt_out}" ]
90 then
91 all_options="${all_options} ${option}"
92 fi
93 }
94 list_cb()
95 {
96 local list="${1}"
97 local value="${2}"
98 if [ "${list}" = "adb_catlist" ]
99 then
100 adb_cat_shalla="${adb_cat_shalla} ${value}"
101 fi
102 }
103 fi
104 }
105
106 # function to iterate through option list, read/set all options in "enabled" sections
107 #
108 parse_config()
109 {
110 local config="${1}"
111 config_get switch "${config}" "enabled"
112 if [ "${switch}" = "1" ]
113 then
114 for option in ${all_options}
115 do
116 config_get value "${config}" "${option}"
117 if [ -n "${value}" ]
118 then
119 local opt_src="$(printf "${option}" | sed -n '/^adb_src_[a-z0-9]*$/p' 2>/dev/null)"
120 if [ -n "${opt_src}" ]
121 then
122 adb_sources="${adb_sources} ${value}"
123 else
124 eval "${option}=\"${value}\""
125 fi
126 fi
127 done
128 fi
129 }
130
131 # load adblock config and start parsing functions
132 #
133 config_load adblock
134 config_foreach parse_config service
135 config_foreach parse_config source
136
137 # set more script defaults (can't be overwritten by adblock config options)
138 #
139 adb_minspace="20000"
140 adb_unique="1"
141 adb_tmpfile="$(mktemp -tu 2>/dev/null)"
142 adb_tmpdir="$(mktemp -p /tmp -d 2>/dev/null)"
143 adb_dnsdir="/tmp/dnsmasq.d"
144 adb_dnsprefix="adb_list"
145 unset adb_srcfind
146 unset adb_revsrcfind
147
148 # set adblock source ruleset definitions
149 #
150 rset_start="sed -r 's/[[:space:]]|[\[!#/:;_].*|[0-9\.]*localhost.*//g; s/[\^#/:;_\.\t ]*$//g'"
151 rset_end="sed '/^[#/:;_\s]*$/d'"
152 rset_adaway="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
153 rset_blacklist="${rset_start} | ${rset_end}"
154 rset_disconnect="${rset_start} | ${rset_end}"
155 rset_dshield="${rset_start} | ${rset_end}"
156 rset_feodo="${rset_start} | ${rset_end}"
157 rset_malware="${rset_start} | ${rset_end}"
158 rset_malwarelist="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
159 rset_palevo="${rset_start} | ${rset_end}"
160 rset_shalla="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}$//g' | ${rset_end}"
161 rset_spam404="${rset_start} | sed 's/^\|\|//g' | ${rset_end}"
162 rset_whocares="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
163 rset_winhelp="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
164 rset_yoyo="${rset_start} | sed 's/,/\n/g' | ${rset_end}"
165 rset_zeus="${rset_start} | ${rset_end}"
166
167 # get logical wan update interfaces
168 #
169 network_find_wan adb_wanif4 2>/dev/null
170 network_find_wan6 adb_wanif6 2>/dev/null
171 if [ "${adb_wanif4}" = "${adb_lanif}" ] || [ "${adb_wanif6}" = "${adb_lanif}" ]
172 then
173 rc=125
174 f_log "LAN only (${adb_lanif}) network, no valid IPv4/IPv6 wan update interface found" "${rc}"
175 f_exit
176 elif [ -z "${adb_wanif4}" ] && [ -z "${adb_wanif6}" ]
177 then
178 rc=125
179 f_log "no valid IPv4/IPv6 wan update interface found" "${rc}"
180 f_exit
181 fi
182
183 # get lan ip addresses
184 #
185 network_get_ipaddr adb_ipv4 "${adb_lanif}" 2>/dev/null
186 network_get_ipaddr6 adb_ipv6 "${adb_lanif}" 2>/dev/null
187 if [ -z "${adb_ipv4}" ] && [ -z "${adb_ipv6}" ]
188 then
189 rc=130
190 f_log "no valid IPv4/IPv6 configuration for given logical LAN interface found (${adb_lanif}), please set 'adb_lanif' manually" "${rc}"
191 f_exit
192 fi
193
194 # read system ntp server names
195 #
196 adb_ntpsrv="$(uci get system.ntp.server 2>/dev/null)"
197 }
198
199 #################################################
200 # f_envcheck: check/set environment prerequisites
201 #
202 f_envcheck()
203 {
204 # check general package dependencies
205 #
206 f_depend "wget"
207 f_depend "iptables"
208 f_depend "kmod-ipt-nat"
209
210 # check ipv6 related package dependencies
211 #
212 if [ -n "${adb_wanif6}" ]
213 then
214 check="$(printf "${pkg_list}" | grep "^ip6tables -" 2>/dev/null)"
215 if [ -z "${check}" ]
216 then
217 f_log "package 'ip6tables' not found, IPv6 support wíll be disabled"
218 unset adb_wanif6
219 else
220 check="$(printf "${pkg_list}" | grep "^kmod-ipt-nat6 -" 2>/dev/null)"
221 if [ -z "${check}" ]
222 then
223 f_log "package 'kmod-ipt-nat6' not found, IPv6 support wíll be disabled"
224 unset adb_wanif6
225 fi
226 fi
227 fi
228
229 # check ca-certificates package and set wget parms accordingly
230 #
231 check="$(printf "${pkg_list}" | grep "^ca-certificates -" 2>/dev/null)"
232 if [ -z "${check}" ]
233 then
234 wget_parm="--no-config --no-check-certificate --quiet"
235 else
236 wget_parm="--no-config --quiet"
237 fi
238
239 # check adblock blacklist/whitelist configuration
240 #
241 if [ ! -r "${adb_blacklist}" ]
242 then
243 rc=135
244 f_log "adblock blacklist not found (${adb_blacklist})" "${rc}"
245 f_exit
246 elif [ ! -r "${adb_whitelist}" ]
247 then
248 rc=135
249 f_log "adblock whitelist not found (${adb_whitelist})" "${rc}"
250 f_exit
251 fi
252
253 # check adblock temp directory
254 #
255 if [ -n "${adb_tmpdir}" ] && [ -d "${adb_tmpdir}" ]
256 then
257 f_space "${adb_tmpdir}" "please supersize your /tmp directory"
258 if [ "${space_ok}" = "false" ]
259 then
260 rc=140
261 f_exit
262 fi
263 else
264 rc=140
265 f_log "temp directory not found" "${rc}"
266 f_exit
267 fi
268
269 # check total and swap memory
270 #
271 mem_total="$(grep -F "MemTotal" "/proc/meminfo" 2>/dev/null | grep -o "[0-9]*" 2>/dev/null)"
272 mem_free="$(grep -F "MemFree" "/proc/meminfo" 2>/dev/null | grep -o "[0-9]*" 2>/dev/null)"
273 swap_total="$(grep -F "SwapTotal" "/proc/meminfo" 2>/dev/null | grep -o "[0-9]*" 2>/dev/null)"
274 if [ $((mem_total)) -le 64000 ] && [ $((swap_total)) -eq 0 ]
275 then
276 adb_unique=0
277 f_log "overall sort/unique processing will be disabled,"
278 f_log "please consider adding an external swap device to supersize your /tmp directory (total: ${mem_total}, free: ${mem_free}, swap: ${mem_swap})"
279 fi
280
281 # check backup configuration
282 #
283 if [ -n "${adb_backupdir}" ] && [ -d "${adb_backupdir}" ]
284 then
285 f_space "${adb_backupdir}" "backup/restore will be disabled"
286 if [ "${space_ok}" = "false" ]
287 then
288 backup_ok="false"
289 else
290 backup_ok="true"
291 fi
292 else
293 backup_ok="false"
294 f_log "backup/restore will be disabled"
295 fi
296
297 # check debug log configuration
298 #
299 adb_logdir="${adb_logfile%/*}"
300 if [ -n "${adb_logdir}" ] && [ -d "${adb_logdir}" ]
301 then
302 f_space "${adb_logdir}" "debug logging will be disabled"
303 if [ "${space_ok}" = "false" ]
304 then
305 log_ok="false"
306 else
307 log_ok="true"
308 fi
309 else
310 log_ok="false"
311 f_log "debug logging will be disabled"
312 fi
313
314 # check ipv4/iptables configuration
315 #
316 if [ -n "${adb_wanif4}" ]
317 then
318 f_firewall "IPv4" "nat" "I" "PREROUTING" "adb-nat: tcp, port 80, DNAT" "-p tcp -d ${adb_nullipv4} --dport 80 -j DNAT --to-destination ${adb_ipv4}:${adb_port}"
319 f_firewall "IPv4" "nat" "A" "PREROUTING" "adb-dns: udp, port 53, DNAT" "-p udp --dport 53 -j DNAT --to-destination ${adb_ipv4}"
320 f_firewall "IPv4" "nat" "A" "PREROUTING" "adb-dns: tcp, port 53, DNAT" "-p tcp --dport 53 -j DNAT --to-destination ${adb_ipv4}"
321 f_firewall "IPv4" "filter" "I" "FORWARD" "adb-rej: all protocols, all ports, REJECT" "-d ${adb_nullipv4} -j REJECT"
322 fi
323
324 # check ipv6/ip6tables configuration
325 #
326 if [ -n "${adb_wanif6}" ]
327 then
328 f_firewall "IPv6" "nat" "I" "PREROUTING" "adb-nat: tcp, port 80, DNAT" "-p tcp -d ${adb_nullipv6} --dport 80 -j DNAT --to-destination [${adb_ipv6}]:${adb_port}"
329 f_firewall "IPv6" "nat" "A" "PREROUTING" "adb-dns: udp, port 53, DNAT" "-p udp --dport 53 -j DNAT --to-destination ${adb_ipv6}"
330 f_firewall "IPv6" "nat" "A" "PREROUTING" "adb-dns: tcp, port 53, DNAT" "-p tcp --dport 53 -j DNAT --to-destination ${adb_ipv6}"
331 f_firewall "IPv6" "filter" "I" "FORWARD" "adb-rej: all protocols, all ports, REJECT" "-d ${adb_nullipv6} -j REJECT"
332 fi
333
334 # check volatile adblock uhttpd instance configuration
335 #
336 rc="$(ps | grep "[u]httpd.*\-h /www/adblock" >/dev/null 2>&1; printf ${?})"
337 if [ $((rc)) -ne 0 ]
338 then
339 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
340 then
341 uhttpd -h "/www/adblock" -k 0 -N 100 -T 5 -D -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" -p "[${adb_ipv6}]:${adb_port}">/dev/null 2>&1
342 rc=${?}
343 if [ $((rc)) -eq 0 ]
344 then
345 f_log "created volatile uhttpd instance (${adb_ipv4}:${adb_port}, [${adb_ipv6}]:${adb_port})"
346 else
347 f_log "failed to initialize volatile uhttpd instance (${adb_ipv4}:${adb_port}, [${adb_ipv6}]:${adb_port})" "${rc}"
348 f_restore
349 fi
350 elif [ -n "${adb_wanif4}" ]
351 then
352 uhttpd -h "/www/adblock" -k 0 -N 100 -T 5 -D -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" >/dev/null 2>&1
353 rc=${?}
354 if [ $((rc)) -eq 0 ]
355 then
356 f_log "created volatile uhttpd instance (${adb_ipv4}:${adb_port})"
357 else
358 f_log "failed to initialize volatile uhttpd instance (${adb_ipv4}:${adb_port})" "${rc}"
359 f_restore
360 fi
361 elif [ -n "${adb_wanif6}" ]
362 then
363 uhttpd -h "/www/adblock" -k 0 -N 100 -T 5 -D -E "/adblock.html" -p "[${adb_ipv6}]:${adb_port}" >/dev/null 2>&1
364 rc=${?}
365 if [ $((rc)) -eq 0 ]
366 then
367 f_log "created volatile uhttpd instance ([${adb_ipv6}]:${adb_port})"
368 else
369 f_log "failed to initialize volatile uhttpd instance ([${adb_ipv6}]:${adb_port})" "${rc}"
370 f_restore
371 fi
372 fi
373 fi
374
375 # wait for active wan update interface
376 #
377 cnt=0
378 while [ $((cnt)) -le $((adb_maxloop)) ]
379 do
380 for interface in ${adb_wanif}
381 do
382 network_get_device adb_wandev "${interface}" 2>/dev/null
383 if [ -z "${adb_wandev}" ] || [ ! -d "/sys/class/net/${adb_wandev}" ]
384 then
385 if [ -n "${adb_wanif4}" ]
386 then
387 network_get_device adb_wandev "${adb_wanif4}" 2>/dev/null
388 else
389 network_get_device adb_wandev "${adb_wanif6}" 2>/dev/null
390 fi
391 if [ -z "${adb_wandev}" ] || [ ! -d "/sys/class/net/${adb_wandev}" ]
392 then
393 rc=145
394 f_log "no valid network device for given logical WAN interface found, please set 'adb_wanif' manually" "${rc}"
395 f_restore
396 fi
397 fi
398 check="$(cat /sys/class/net/${adb_wandev}/operstate 2>/dev/null)"
399 if [ "${check}" = "up" ]
400 then
401 f_log "get active wan update interface/device (${adb_wanif}/${adb_wandev}) after ${cnt} loops"
402 break 2
403 elif [ $((cnt)) -eq $((adb_maxloop)) ]
404 then
405 rc=145
406 f_log "wan update interface/device not running (${adb_wanif}/${adb_wandev}) after ${cnt} loops" "${rc}"
407 f_restore
408 fi
409 cnt=$((cnt + 1))
410 sleep 1
411 done
412 done
413
414 # wait for ntp sync
415 #
416 if [ -n "${adb_ntpsrv}" ]
417 then
418 cnt=0
419 unset ntp_pool
420 for srv in ${adb_ntpsrv}
421 do
422 ntp_pool="${ntp_pool} -p ${srv}"
423 done
424 /usr/sbin/ntpd -nq ${ntp_pool} >/dev/null 2>&1
425 rc=${?}
426 if [ $((rc)) -eq 0 ]
427 then
428 ntp_ok="true"
429 f_log "get ntp time sync"
430 else
431 rc=0
432 ntp_ok="false"
433 f_log "ntp time sync failed"
434 fi
435 fi
436
437 # set dnsmasq defaults
438 #
439 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
440 then
441 adb_dnsformat="awk -v ipv4="${adb_nullipv4}" -v ipv6="${adb_nullipv6}" '{print \"address=/\"\$0\"/\"ipv4\"\n\"\"address=/\"\$0\"/\"ipv6}'"
442 elif [ -n "${adb_wanif4}" ]
443 then
444 adb_dnsformat="awk -v ipv4="${adb_nullipv4}" '{print \"address=/\"\$0\"/\"ipv4}'"
445 elif [ -n "${adb_wanif6}" ]
446 then
447 adb_dnsformat="awk -v ipv6="${adb_nullipv6}" '{print \"address=/\"\$0\"/\"ipv6}'"
448 fi
449
450 # remove no longer used opkg package list
451 #
452 unset pkg_list
453 }
454
455 ######################################
456 # f_depend: check package dependencies
457 #
458 f_depend()
459 {
460 local rc_func
461 local package="${1}"
462
463 check="$(printf "${pkg_list}" | grep "^${package} -" 2>/dev/null)"
464 if [ -z "${check}" ]
465 then
466 rc_func=150
467 f_log "package '${package}' not found" "${rc_func}"
468 f_exit
469 fi
470 }
471
472 ##############################################
473 # f_firewall: set iptables rules for ipv4/ipv6
474 #
475 f_firewall()
476 {
477 local rc_func
478 local ipt
479 local iptv4="/usr/sbin/iptables"
480 local iptv6="/usr/sbin/ip6tables"
481 local proto="${1}"
482 local table="${2}"
483 local ctype="${3}"
484 local chain="${4}"
485 local notes="${5}"
486 local rules="${6}"
487
488 # select appropriate iptables executable
489 #
490 if [ "${proto}" = "IPv4" ]
491 then
492 ipt="${iptv4}"
493 else
494 ipt="${iptv6}"
495 fi
496
497 # check whether iptables rule already applied and proceed accordingly
498 #
499 rc_func="$("${ipt}" -w -t "${table}" -C "${chain}" -m comment --comment "${notes}" ${rules} >/dev/null 2>&1; printf ${?})"
500 if [ $((rc_func)) -ne 0 ]
501 then
502 "${ipt}" -w -t "${table}" -"${ctype}" "${chain}" -m comment --comment "${notes}" ${rules} >/dev/null 2>&1
503 rc_func=${?}
504 if [ $((rc_func)) -eq 0 ]
505 then
506 f_log "created volatile ${proto} firewall rule in '${chain}' chain (${notes})"
507 else
508 f_log "failed to initialize volatile ${proto} firewall rule in '${chain}' chain (${notes})" "${rc_func}"
509 f_restore
510 fi
511 fi
512 }
513
514 ###################################################
515 # f_log: log messages to stdout, syslog and logfile
516 #
517 f_log()
518 {
519 local log_msg="${1}"
520 local log_rc="${2}"
521 local class="info "
522
523 # log to different output devices, set log class accordingly
524 #
525 if [ -n "${log_msg}" ]
526 then
527 if [ $((log_rc)) -ne 0 ]
528 then
529 class="error"
530 log_rc=", rc: ${log_rc}"
531 log_msg="${log_msg}${log_rc}"
532 fi
533 /usr/bin/logger -s -t "adblock[${pid}] ${class}" "${log_msg}"
534 if [ "${log_ok}" = "true" ] && [ "${ntp_ok}" = "true" ]
535 then
536 printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") adblock[${pid}] ${class}: ${log_msg}" >> "${adb_logfile}"
537 fi
538 fi
539 }
540
541 ################################################
542 # f_space: check mount points/space requirements
543 #
544 f_space()
545 {
546 local rc_func
547 local mp="${1}"
548 local notes="${2}"
549
550 # check relevant mount points in a subshell
551 #
552 if [ -d "${mp}" ]
553 then
554 df "${mp}" 2>/dev/null |\
555 tail -n1 2>/dev/null |\
556 while read filesystem overall used available scrap
557 do
558 av_space="${available}"
559 if [ $((av_space)) -eq 0 ]
560 then
561 rc_func=155
562 f_log "no space left on device/not mounted (${mp}), ${notes}"
563 exit ${rc_func}
564 elif [ $((av_space)) -lt $((adb_minspace)) ]
565 then
566 rc_func=155
567 f_log "not enough space left on device (${mp}), ${notes}"
568 exit ${rc_func}
569 fi
570 done
571
572 # subshell return code handling, set space trigger accordingly
573 #
574 rc_func=${?}
575 if [ $((rc_func)) -ne 0 ]
576 then
577 space_ok="false"
578 fi
579 fi
580 }
581
582 ##################################################################
583 # f_restore: restore last adblock list backups and restart dnsmasq
584 #
585 f_restore()
586 {
587 local rc_func
588 local removal_done
589 local restore_done
590
591 # remove bogus adblock lists
592 #
593 if [ -n "${adb_revsrclist}" ]
594 then
595 find "${adb_dnsdir}" -maxdepth 1 -type f \( ${adb_revsrcfind} \) -exec rm -f "{}" \; 2>/dev/null
596 rc_func=${?}
597 if [ $((rc_func)) -ne 0 ]
598 then
599 f_log "error during removal of bogus adblock lists" "${rc_func}"
600 f_exit
601 else
602 removal_done="true"
603 f_log "all bogus adblock lists removed"
604 fi
605 fi
606
607 # restore backups
608 #
609 if [ "${backup_ok}" = "true" ] && [ -d "${adb_backupdir}" ] && [ "$(printf "${adb_backupdir}/${adb_dnsprefix}."*)" != "${adb_backupdir}/${adb_dnsprefix}.*" ]
610 then
611 for file in ${adb_backupdir}/${adb_dnsprefix}.*
612 do
613 filename="${file##*/}"
614 cp -pf "${file}" "${adb_dnsdir}" 2>/dev/null
615 rc_func=${?}
616 if [ $((rc_func)) -ne 0 ]
617 then
618 f_log "error during restore of adblock list (${filename})" "${rc_func}"
619 f_exit
620 fi
621 restore_done="true"
622 done
623 f_log "all available backups restored"
624 else
625 f_log "no backups found, nothing to restore"
626 fi
627
628 # (re-)try dnsmasq restart without bogus adblock lists / with backups
629 #
630 if [ "${restore_done}" = "true" ] || [ "${removal_done}" = "true" ]
631 then
632 /etc/init.d/dnsmasq restart >/dev/null 2>&1
633 sleep 2
634 dns_status="$(ps 2>/dev/null | grep "[d]nsmasq" 2>/dev/null)"
635 if [ -n "${dns_status}" ]
636 then
637 rc=0
638 else
639 rc=160
640 f_log "dnsmasq restart failed, please check 'logread' output" "${rc}"
641 f_restore
642 fi
643 fi
644 f_exit
645 }
646
647 ###################################
648 # f_exit: delete (temporary) files,
649 # generate statistics and exit
650 #
651 f_exit()
652 {
653 local ipv4_nat
654 local ipv4_rej
655 local ipv6_nat
656 local ipv6_rej
657
658 # delete temporary files & directories
659 #
660 if [ -f "${adb_tmpfile}" ]
661 then
662 rm -f "${adb_tmpfile}" >/dev/null 2>&1
663 fi
664 if [ -d "${adb_tmpdir}" ]
665 then
666 rm -rf "${adb_tmpdir}" >/dev/null 2>&1
667 fi
668
669 # final log message and iptables statistics
670 #
671 if [ $((rc)) -eq 0 ]
672 then
673 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
674 then
675 ipv4_nat="$(iptables -t nat -vnL | grep -F "adb-nat" | grep -Eo "[0-9]+" | head -n1)"
676 ipv4_rej="$(iptables -vnL | grep -F "adb-rej" | grep -Eo "[0-9]+" | head -n1)"
677 ipv6_nat="$(ip6tables -t nat -vnL | grep -F "adb-nat" | grep -Eo "[0-9]+" | head -n1)"
678 ipv6_rej="$(ip6tables -vnL | grep -F "adb-rej" | grep -Eo "[0-9]+" | head -n1)"
679 f_log "adblock firewall statistics (IPv4/IPv6): ${ipv4_nat}/${ipv6_nat} packets redirected in PREROUTING chain, ${ipv4_rej}/${ipv6_rej} packets rejected in FORWARD chain"
680 elif [ -n "${adb_wanif4}" ]
681 then
682 ipv4_nat="$(iptables -t nat -vnL | grep -F "adb-nat" | grep -Eo "[0-9]+" | head -n1)"
683 ipv4_rej="$(iptables -vnL | grep -F "adb-rej" | grep -Eo "[0-9]+" | head -n1)"
684 f_log "adblock firewall statistics (IPv4): ${ipv4_nat} packets redirected in PREROUTING chain, ${ipv4_rej} packets rejected in FORWARD chain"
685 elif [ -n "${adb_wanif6}" ]
686 then
687 ipv6_nat="$(ip6tables -t nat -vnL | grep -F "adb-nat" | grep -Eo "[0-9]+" | head -n1)"
688 ipv6_rej="$(ip6tables -vnL | grep -F "adb-rej" | grep -Eo "[0-9]+" | head -n1)"
689 f_log "adblock firewall statistics (IPv6): ${ipv6_nat} packets redirected in PREROUTING chain, ${ipv6_rej} packets rejected in FORWARD chain"
690 fi
691 f_log "domain adblock processing finished successfully (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
692 else
693 f_log "domain adblock processing failed (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
694 fi
695 exit ${rc}
696 }
Mirror of packages feed