2 #################################################
3 # function library used by adblock-update.sh #
4 # written by Dirk Brenken (openwrt@brenken.org) #
5 #################################################
7 #####################################
8 # f_envload: load adblock environment
14 # get version string from default adblock configuration file
16 cfg_version
="$(/sbin/uci -q get adblock.global.adb_cfgver 2>/dev/null)"
17 cfg_enabled
="$(/sbin/uci -q get adblock.global.adb_enabled 2>/dev/null)"
19 if [ $
((rc
)) -ne 0 ] ||
[ "${cfg_version}" != "${adb_scriptver%.*}" ]
21 cp -pf "/etc/adblock/adblock.conf.default" "/etc/config/adblock" >/dev
/null
2>&1
25 f_log
"new default adblock configuration applied, please check your settings in '/etc/config/adblock'"
27 f_log
"original adblock configuration not found, please (re-)install the adblock package via 'opkg install adblock --force-maintainer'" "${rc}"
30 elif [ $
((rc
)) -eq 0 ] && [ $
((cfg_enabled
)) -ne 1 ]
33 f_log
"adblock is currently disabled, please run 'uci set adblock.global.adb_enabled=1' and 'uci commit adblock' to enable this service"
37 # source in openwrt function library
39 if [ -r "/lib/functions.sh" ]
41 .
"/lib/functions.sh" 2>/dev
/null
44 f_log
"openwrt function library not found" "${rc}"
48 # source in openwrt network library
50 if [ -r "/lib/functions/network.sh" ]
52 .
"/lib/functions/network.sh" 2>/dev
/null
55 f_log
"openwrt network library not found" "${rc}"
59 # check opkg availability and get list with all installed openwrt packages
61 if [ -r "/var/lock/opkg.lock" ]
64 f_log
"adblock installation finished, 'opkg' currently locked by package installer"
67 pkg_list
="$(opkg list-installed 2>/dev/null)"
68 if [ -z "${pkg_list}" ]
71 f_log
"empty openwrt package list" "${rc}"
76 ######################################################
77 # f_envparse: parse adblock config and set environment
81 # set initial defaults,
82 # may be overwritten by setting appropriate adblock config options in global section of /etc/config/adblock
87 adb_nullipv4
="192.0.2.1"
88 adb_nullipv6
="::ffff:c000:0201"
91 adb_blacklist
="/etc/adblock/adblock.blacklist"
92 adb_whitelist
="/etc/adblock/adblock.whitelist"
94 # function to read/set global options by callback,
95 # prepare list items and build option list for all others
101 if [ "${type}" = "adblock" ]
107 eval "${option}=\"${value}\""
114 local opt_out
="$(printf "${option}" | sed -n '/.*_ITEM[0-9]$/p; /.*_LENGTH$/p; /enabled/p' 2>/dev/null)"
115 if [ -z "${opt_out}" ]
117 all_options
="${all_options} ${option}"
124 if [ "${list}" = "adb_catlist" ]
126 adb_cat_shalla
="${adb_cat_shalla} ${value}"
132 # function to iterate through option list, read/set all options in "enabled" sections
137 config_get switch
"${config}" "enabled"
138 if [ "${switch}" = "1" ]
140 for option
in ${all_options}
142 config_get value
"${config}" "${option}"
145 local opt_src
="$(printf "${option}" | sed -n '/^adb_src_[a-z0-9]*$/p' 2>/dev/null)"
146 if [ -n "${opt_src}" ]
148 adb_sources
="${adb_sources} ${value}"
150 eval "${option}=\"${value}\""
157 # load adblock config and start parsing functions
160 config_foreach parse_config service
161 config_foreach parse_config
source
163 # set more script defaults (can't be overwritten by adblock config options)
168 adb_tmpfile
="$(mktemp -tu 2>/dev/null)"
169 adb_tmpdir
="$(mktemp -p /tmp -d 2>/dev/null)"
170 adb_dnsdir
="/tmp/dnsmasq.d"
171 adb_dnsprefix
="adb_list"
172 adb_prechain_ipv4
="prerouting_rule"
173 adb_fwdchain_ipv4
="forwarding_rule"
174 adb_outchain_ipv4
="output_rule"
175 adb_prechain_ipv6
="PREROUTING"
176 adb_fwdchain_ipv6
="forwarding_rule"
177 adb_outchain_ipv6
="output_rule"
178 adb_fetch
="/usr/bin/wget"
183 # set adblock source ruleset definitions
185 rset_start
="sed -r 's/[[:space:]]|[\[!#/:;_].*|[0-9\.]*localhost.*//g; s/[\^#/:;_\.\t ]*$//g'"
186 rset_end
="tr -cd '[0-9a-z\.\-]\n' | sed -r 's/^[ \.\-].*$|^[a-z0-9]*[ \.\-]*$//g; /^[#/:;_\s]*$/d'"
187 rset_adaway
="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
188 rset_blacklist
="${rset_start} | ${rset_end}"
189 rset_disconnect
="${rset_start} | ${rset_end}"
190 rset_dshield
="${rset_start} | ${rset_end}"
191 rset_feodo
="${rset_start} | ${rset_end}"
192 rset_malware
="${rset_start} | ${rset_end}"
193 rset_malwarelist
="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
194 rset_openphish
="sed -e 's|^[^/]*//||' -e 's|/.*$||'"
195 rset_palevo
="${rset_start} | ${rset_end}"
196 rset_ruadlist
="sed -e '/^\|\|/! s/.*//; /\^$/! s/.*//; s/\^$//g; /[\.]/! s/.*//; s/^[\|]\{1,2\}//g' | ${rset_end}"
197 rset_shalla
="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}$//g' | ${rset_end}"
198 rset_spam404
="${rset_start} | sed 's/^\|\|//g' | ${rset_end}"
199 rset_whocares
="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
200 rset_winhelp
="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}"
201 rset_yoyo
="${rset_start} | sed 's/,/\n/g' | ${rset_end}"
202 rset_zeus
="${rset_start} | ${rset_end}"
204 # get logical wan update interfaces (with default route) and their device names
206 while [ $
((adb_cnt
)) -le $
((adb_maxloop
)) ]
208 network_find_wan adb_wanif4
2>/dev
/null
209 network_find_wan6 adb_wanif6
2>/dev
/null
210 if [ -z "${adb_wanif4}" ] && [ -z "${adb_wanif6}" ]
213 elif [ "${adb_wanif4}" = "${adb_lanif}" ] || [ "${adb_wanif6}" = "${adb_lanif}" ]
216 f_log
"LAN only (${adb_lanif}) network, no valid IPv4/IPv6 wan update interface found" "${rc}"
219 network_get_device adb_wandev4
"${adb_wanif4}" 2>/dev
/null
220 network_get_device adb_wandev6
"${adb_wanif6}" 2>/dev
/null
223 if [ $
((adb_cnt
)) -ge $
((adb_maxloop
)) ]
226 f_log
"no valid IPv4/IPv6 wan update interface found" "${rc}"
229 adb_cnt
=$
((adb_cnt
+ 1))
233 # get lan ip addresses
235 network_get_ipaddr adb_ipv4
"${adb_lanif}" 2>/dev
/null
236 network_get_ipaddr6 adb_ipv6
"${adb_lanif}" 2>/dev
/null
237 if [ -z "${adb_ipv4}" ] && [ -z "${adb_ipv6}" ]
240 f_log
"no valid IPv4/IPv6 configuration for given logical LAN interface found (${adb_lanif}), please set 'adb_lanif' manually" "${rc}"
244 # read system ntp server names
246 adb_ntpsrv
="$(uci get system.ntp.server 2>/dev/null)"
249 #################################################
250 # f_envcheck: check/set environment prerequisites
256 # check general package dependencies
261 f_depend
"kmod-ipt-nat"
263 # check ipv6 related package dependencies
265 if [ -n "${adb_wanif6}" ]
267 check
="$(printf "${pkg_list}" | grep "^ip6tables
-" 2>/dev/null)"
270 f_log
"package 'ip6tables' not found, IPv6 support wÃll be disabled"
273 check
="$(printf "${pkg_list}" | grep "^kmod-ipt-nat6
-" 2>/dev/null)"
276 f_log
"package 'kmod-ipt-nat6' not found, IPv6 support wÃll be disabled"
282 # check ca-certificates package and set wget parms accordingly
284 check
="$(printf "${pkg_list}" | grep "^ca-certificates
-" 2>/dev/null)"
287 wget_parm
="--no-config --no-check-certificate --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=5"
289 wget_parm
="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=5"
292 # check adblock blacklist/whitelist configuration
294 if [ ! -r "${adb_blacklist}" ]
297 f_log
"adblock blacklist not found (${adb_blacklist})" "${rc}"
299 elif [ ! -r "${adb_whitelist}" ]
302 f_log
"adblock whitelist not found (${adb_whitelist})" "${rc}"
306 # check adblock temp directory
308 if [ -n "${adb_tmpdir}" ] && [ -d "${adb_tmpdir}" ]
310 f_space
"${adb_tmpdir}"
311 if [ "${space_ok}" = "false" ]
314 f_log
"not enough space in '${adb_tmpdir}', please supersize your temp directory" "${rc}"
319 f_log
"temp directory not found" "${rc}"
323 # check total and swap memory
325 mem_total
="$(grep -F "MemTotal
" "/proc
/meminfo
" 2>/dev/null | grep -o "[0-9]*" 2>/dev/null)"
326 mem_free
="$(grep -F "MemFree
" "/proc
/meminfo
" 2>/dev/null | grep -o "[0-9]*" 2>/dev/null)"
327 swap_total
="$(grep -F "SwapTotal
" "/proc
/meminfo
" 2>/dev/null | grep -o "[0-9]*" 2>/dev/null)"
328 if [ $
((mem_total
)) -le 64000 ] && [ $
((swap_total
)) -eq 0 ]
331 f_log
"not enough memory, overall sort/unique processing will be disabled"
332 f_log
"please consider adding an external swap device to supersize your temp directory (total: ${mem_total}, free: ${mem_free}, swap: ${mem_swap})"
335 # check backup configuration
337 if [ -n "${adb_backupdir}" ] && [ -d "${adb_backupdir}" ]
339 f_space
"${adb_backupdir}"
340 if [ "${space_ok}" = "false" ]
342 f_log
"not enough space in '${adb_backupdir}', backup/restore will be disabled"
345 f_log
"backup/restore will be enabled"
350 f_log
"backup/restore will be disabled"
353 # check log configuration
355 adb_logdir
="${adb_logfile%/*}"
356 if [ -n "${adb_logdir}" ] && [ -d "${adb_logdir}" ]
358 f_space
"${adb_logdir}"
359 if [ "${space_ok}" = "false" ]
361 f_log
"not enough space in '${adb_logdir}', logging will be disabled"
364 f_log
"logging will be enabled"
369 f_log
"logging will be disabled"
372 # check ipv4/iptables configuration
374 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wandev4}" ]
376 f_firewall
"IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-prerouting" "! -i ${adb_wandev4} -p tcp -d ${adb_nullipv4} -m multiport --dports 80,443 -j REDIRECT --to-ports ${adb_port}"
377 f_firewall
"IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns" "! -i ${adb_wandev4} -p udp --dport 53 -j REDIRECT"
378 f_firewall
"IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns" "! -i ${adb_wandev4} -p tcp --dport 53 -j REDIRECT"
379 f_firewall
"IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward" "! -i ${adb_wandev4} -p udp -d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable"
380 f_firewall
"IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward" "! -i ${adb_wandev4} -p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset"
381 f_firewall
"IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward" "! -i ${adb_wandev4} -d ${adb_nullipv4} -j REJECT --reject-with icmp-proto-unreachable"
382 f_firewall
"IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output" "! -i ${adb_wandev4} -p udp -d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable"
383 f_firewall
"IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output" "! -i ${adb_wandev4} -p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset"
384 f_firewall
"IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output" "! -i ${adb_wandev4} -d ${adb_nullipv4} -j REJECT --reject-with icmp-proto-unreachable"
385 if [ "${fw_done}" = "true" ]
387 f_log
"created volatile IPv4 firewall ruleset"
392 # check ipv6/ip6tables configuration
394 if [ -n "${adb_wanif6}" ] && [ -n "${adb_wandev6}" ]
396 f_firewall
"IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-prerouting" "! -i ${adb_wandev6} -p tcp -d ${adb_nullipv6} -m multiport --dports 80,443 -j REDIRECT --to-ports ${adb_port}"
397 f_firewall
"IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns" "! -i ${adb_wandev6} -p udp --dport 53 -j REDIRECT"
398 f_firewall
"IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns" "! -i ${adb_wandev6} -p tcp --dport 53 -j REDIRECT"
399 f_firewall
"IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward" "! -i ${adb_wandev6} -p udp -d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable"
400 f_firewall
"IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward" "! -i ${adb_wandev6} -p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset"
401 f_firewall
"IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward" "! -i ${adb_wandev6} -d ${adb_nullipv6} -j REJECT --reject-with icmp-proto-unreachable"
402 f_firewall
"IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output" "! -i ${adb_wandev6} -p udp -d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable"
403 f_firewall
"IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output" "! -i ${adb_wandev6} -p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset"
404 f_firewall
"IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output" "! -i ${adb_wandev6} -d ${adb_nullipv6} -j REJECT --reject-with icmp-proto-unreachable"
405 if [ "${fw_done}" = "true" ]
407 f_log
"created volatile IPv6 firewall ruleset"
412 # check volatile adblock uhttpd instance configuration
414 rc
="$(ps | grep "[u
]httpd.
*\
-h /www
/adblock
" >/dev/null 2>&1; printf ${?})"
417 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
419 uhttpd
-h "/www/adblock" -k 5 -N 200 -t 0 -T 1 -D -S -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" -p "[${adb_ipv6}]:${adb_port}">/dev
/null
2>&1
423 f_log
"created volatile uhttpd instance (${adb_ipv4}:${adb_port}, [${adb_ipv6}]:${adb_port})"
425 f_log
"failed to initialize volatile uhttpd instance (${adb_ipv4}:${adb_port}, [${adb_ipv6}]:${adb_port})" "${rc}"
428 elif [ -n "${adb_wanif4}" ]
430 uhttpd
-h "/www/adblock" -k 5 -N 200 -t 0 -T 1 -D -S -E "/adblock.html" -p "${adb_ipv4}:${adb_port}" >/dev
/null
2>&1
434 f_log
"created volatile uhttpd instance (${adb_ipv4}:${adb_port})"
436 f_log
"failed to initialize volatile uhttpd instance (${adb_ipv4}:${adb_port})" "${rc}"
439 elif [ -n "${adb_wanif6}" ]
441 uhttpd
-h "/www/adblock" -k 5 -N 200 -t 0 -T 1 -D -S -E "/adblock.html" -p "[${adb_ipv6}]:${adb_port}" >/dev
/null
2>&1
445 f_log
"created volatile uhttpd instance ([${adb_ipv6}]:${adb_port})"
447 f_log
"failed to initialize volatile uhttpd instance ([${adb_ipv6}]:${adb_port})" "${rc}"
453 # wait for active wan update interface
455 while [ $
((adb_cnt
)) -le $
((adb_maxloop
)) ]
457 for interface
in ${adb_wanif}
459 network_get_device adb_wandev
"${interface}" 2>/dev
/null
460 if [ -z "${adb_wandev}" ] ||
[ ! -d "/sys/class/net/${adb_wandev}" ]
462 if [ -n "${adb_wandev4}" ]
464 adb_wandev
="${adb_wandev4}"
466 adb_wandev
="${adb_wandev6}"
468 if [ -z "${adb_wandev}" ] ||
[ ! -d "/sys/class/net/${adb_wandev}" ]
471 f_log
"no valid network device for given logical WAN interface found, please set 'adb_wanif' manually" "${rc}"
475 check
="$(cat /sys/class/net/${adb_wandev}/operstate 2>/dev/null)"
476 if [ "${check}" = "up" ]
478 f_log
"get active wan update interface/device (${adb_wanif}/${adb_wandev})"
480 elif [ $
((adb_cnt
)) -eq $
((adb_maxloop
)) ]
483 f_log
"wan update interface/device not running (${adb_wanif}/${adb_wandev})" "${rc}"
486 adb_cnt
=$
((adb_cnt
+ 1))
493 if [ -n "${adb_ntpsrv}" ]
496 for srv
in ${adb_ntpsrv}
498 ntp_pool
="${ntp_pool} -p ${srv}"
500 /usr
/sbin
/ntpd
-nq ${ntp_pool} >/dev
/null
2>&1
504 f_log
"get ntp time sync"
507 f_log
"ntp time sync failed"
511 # set dnsmasq defaults
513 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
515 adb_dnsformat
="awk -v ipv4="${adb_nullipv4}" -v ipv6="${adb_nullipv6}" '{print \"address=/\"\$0\"/\"ipv4\"\n\"\"address=/\"\$0\"/\"ipv6}'"
516 elif [ -n "${adb_wanif4}" ]
518 adb_dnsformat="awk -v ipv4="${adb_nullipv4}" '{print
\"address
=/\"\
$0\"/\"ipv4
}'"
519 elif [ -n "${adb_wanif6}" ]
521 adb_dnsformat="awk -v ipv6="${adb_nullipv6}" '{print
\"address
=/\"\
$0\"/\"ipv6
}'"
524 # remove no longer used opkg package list
529 ######################################
530 # f_depend: check package dependencies
536 check="$(printf "${pkg_list}" | grep "^${package} -" 2>/dev/null)"
540 f_log "package '${package}' not found" "${rc}"
545 ##############################################
546 # f_firewall: set iptables rules for ipv4/ipv6
551 local iptv4="/usr/sbin/iptables"
552 local iptv6="/usr/sbin/ip6tables"
560 # select appropriate iptables executable
562 if [ "${proto}" = "IPv4" ]
569 # check whether iptables rule already applied and proceed accordingly
571 rc="$("${ipt}" -w -t "${table}" -C "${chain}" -m comment --comment "${notes}" ${rules} >/dev/null 2>&1; printf ${?})"
574 "${ipt}" -w -t "${table}" -"${ctype}" "${chain}" -m comment --comment "${notes}" ${rules} >/dev/null 2>&1
580 f_log "failed to initialize volatile ${proto} firewall rule '${notes}'" "${rc}"
586 ###################################################
587 # f_log: log messages to stdout, syslog and logfile
596 # check for terminal session
603 # log to different output devices, set log class accordingly
605 if [ -n "${log_msg}" ]
607 if [ $((log_rc)) -gt 0 ]
610 log_rc=", rc: ${log_rc}"
611 log_msg="${log_msg}${log_rc}"
613 /usr/bin/logger ${log_parm} -t "adblock[${adb_pid}] ${class}" "${log_msg}"
614 if [ "${log_ok}" = "true" ]
616 printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") adblock[${adb_pid}] ${class}: ${log_msg}" >> "${adb_logfile}"
621 ################################################
622 # f_space: check mount points/space requirements
628 # check relevant mount points in a subshell
632 av_space="$(df "${mp}" 2>/dev/null | tail -n1 2>/dev/null | awk '{print
$4}')"
633 if [ $((av_space)) -lt $((adb_minspace)) ]
640 ##################################################################
641 # f_restore: restore last adblock list backups and restart dnsmasq
648 # remove bogus adblock lists
650 if [ -n "${adb_revsrclist}" ]
652 rm_done="$(find "${adb_dnsdir}" -maxdepth 1 -type f \( ${adb_revsrclist} \) -print -exec rm -f "{}" \; 2>/dev/null)"
654 if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ]
656 f_log "all bogus adblock lists removed"
657 elif [ $((rc)) -ne 0 ]
659 f_log "error during removal of bogus adblock lists" "${rc}"
666 if [ "${backup_ok}" = "true" ] && [ "$(printf "${adb_backupdir}/${adb_dnsprefix}."*)" != "${adb_backupdir}/${adb_dnsprefix}.*" ]
668 restore_done="$(find "${adb_backupdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" -print -exec cp -pf "{}" "${adb_dnsdir}" \; 2>/dev/null)"
670 if [ $((rc)) -eq 0 ] && [ -n "${restore_done}" ]
672 f_log "all available backups restored"
673 elif [ $((rc)) -ne 0 ]
675 f_log "error during restore of adblock lists" "${rc}"
679 f_log "no backups found, nothing to restore"
682 # (re-)try dnsmasq restart without bogus adblock lists / with backups
684 if [ -n "${restore_done}" ] || [ -n "${rm_done}" ]
686 /etc/init.d/dnsmasq restart >/dev/null 2>&1
688 dns_status="$(ps 2>/dev/null | grep "[d]nsmasq" 2>/dev/null)"
689 if [ -n "${dns_status}" ]
692 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
694 adb_count="$(($(head -qn -4 "${adb_dnsdir}/${adb_dnsprefix}."* 2>/dev/null | wc -l) / 2))"
696 adb_count="$(head -qn -4 "${adb_dnsdir}/${adb_dnsprefix}."* 2>/dev/null | wc -l)"
698 f_log "adblock lists with overall ${adb_count} domains loaded"
701 f_log "dnsmasq restart failed, please check 'logread
' output" "${rc}"
707 ###################################
708 # f_exit: delete (temporary) files,
709 # generate statistics and exit
713 local ipv4_prerouting
716 local ipv6_prerouting
719 local iptv4="/usr/sbin/iptables"
720 local iptv6="/usr/sbin/ip6tables"
722 # delete temporary files & directories
724 if [ -f "${adb_tmpfile}" ]
726 rm -f "${adb_tmpfile}" >/dev/null 2>&1
728 if [ -d "${adb_tmpdir}" ]
730 rm -rf "${adb_tmpdir}" >/dev/null 2>&1
733 # final log message and iptables statistics
737 if [ -n "${adb_wanif4}" ]
739 ipv4_prerouting="$(${iptv4} -t nat -vnL | awk '$11 ~
/^adb-prerouting$
/ {sum += $1} END
{print
sum}')"
740 ipv4_forward="$(${iptv4} -vnL | awk '$11 ~
/^adb-forward$
/ {sum += $1} END
{print
sum}')"
741 ipv4_output="$(${iptv4} -vnL | awk '$11 ~
/^adb-output$
/ {sum += $1} END
{print
sum}')"
743 if [ -n "${adb_wanif6}" ]
745 ipv6_prerouting="$(${iptv6} -t nat -vnL | awk '$11 ~
/^adb-prerouting$
/ {sum += $1} END
{print
sum}')"
746 ipv6_forward="$(${iptv6} -vnL | awk '$11 ~
/^adb-forward$
/ {sum += $1} END
{print
sum}')"
747 ipv6_output="$(${iptv6} -vnL | awk '$11 ~
/^adb-output$
/ {sum += $1} END
{print
sum}')"
749 if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ]
751 f_log "adblock firewall statistics (IPv4/IPv6):"
752 f_log "${ipv4_prerouting}/${ipv6_prerouting} packets redirected in PREROUTING chain"
753 f_log "${ipv4_forward}/${ipv6_forward} packets rejected in FORWARD chain"
754 f_log "${ipv4_output}/${ipv6_output} packets rejected in OUTPUT chain"
755 elif [ -n "${adb_wanif4}" ]
757 f_log "adblock firewall statistics (IPv4):"
758 f_log "${ipv4_prerouting} packets redirected in PREROUTING chain"
759 f_log "${ipv4_forward} packets rejected in FORWARD chain"
760 f_log "${ipv4_output} packets rejected in OUTPUT chain"
761 elif [ -n "${adb_wanif6}" ]
763 f_log "${ipv6_prerouting} packets redirected in PREROUTING chain"
764 f_log "${ipv6_forward} packets rejected in FORWARD chain"
765 f_log "${ipv6_output} packets rejected in OUTPUT chain"
767 f_log "domain adblock processing finished successfully (${adb_scriptver}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
768 elif [ $((rc)) -gt 0 ]
770 f_log "domain adblock processing failed (${adb_scriptver}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
774 rm -f "${adb_pidfile}" >/dev/null 2>&1