X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=package%2Fnetwork%2Fservices%2Fdnsmasq%2Ffiles%2Fdnsmasq.init;fp=package%2Fnetwork%2Fservices%2Fdnsmasq%2Ffiles%2Fdnsmasq.init;h=2b6ee0bd2357e9a1d3372de509d20630a63b430c;hb=915e41fda42b76f5fc6cde78fcd69473982a4ea9;hp=755168d8402d2ad5c3134edbb451af669ccb96ca;hpb=6a3a52a1b13456507267f16edf0e1734b1f37768;p=openwrt%2Fstaging%2Fmkresin.git diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init index 755168d840..2b6ee0bd23 100755 --- a/package/network/services/dnsmasq/files/dnsmasq.init +++ b/package/network/services/dnsmasq/files/dnsmasq.init @@ -33,6 +33,7 @@ dnsmasq_ignore_opt() { [ "${dnsmasq_features#* DNSSEC }" = "$dnsmasq_features" ] || dnsmasq_has_dnssec=1 [ "${dnsmasq_features#* TFTP }" = "$dnsmasq_features" ] || dnsmasq_has_tftp=1 [ "${dnsmasq_features#* ipset }" = "$dnsmasq_features" ] || dnsmasq_has_ipset=1 + [ "${dnsmasq_features#* nftset }" = "$dnsmasq_features" ] || dnsmasq_has_nftset=1 fi case "$opt" in @@ -55,6 +56,8 @@ dnsmasq_ignore_opt() { [ -z "$dnsmasq_has_tftp" ] ;; ipset) [ -z "$dnsmasq_has_ipset" ] ;; + nftset) + [ -z "$dnsmasq_has_nftset" ] ;; *) return 1 esac @@ -169,6 +172,10 @@ append_address() { xappend "--address=$1" } +append_nftset() { + xappend "--nftset=$1" +} + append_connmark_allowlist() { xappend "--connmark-allowlist=$1" } @@ -813,6 +820,29 @@ dnsmasq_ipset_add() { xappend "--ipset=$domains/$ipsets" } +dnsmasq_nftset_add() { + local cfg="$1" + local nftsets domains + + add_nftset() { + nftsets="${nftsets:+$nftsets,}$1" + } + + add_domain() { + # leading '/' is expected + domains="$domains/$1" + } + + config_list_foreach "$cfg" "name" add_nftset + config_list_foreach "$cfg" "domain" add_domain + + if [ -z "$nftsets" ] || [ -z "$domains" ]; then + return 0 + fi + + xappend "--nftset=$domains/$nftsets" +} + dnsmasq_start() { local cfg="$1" @@ -944,6 +974,7 @@ dnsmasq_start() config_list_foreach "$cfg" "server" append_server config_list_foreach "$cfg" "rev_server" append_rev_server config_list_foreach "$cfg" "address" append_address + config_list_foreach "$cfg" "nftset" append_nftset local connmark_allowlist_enable config_get connmark_allowlist_enable "$cfg" connmark_allowlist_enable 0 @@ -1136,6 +1167,10 @@ dnsmasq_start() config_foreach filter_dnsmasq ipset dnsmasq_ipset_add "$cfg" echo >> $CONFIGFILE_TMP + echo >> $CONFIGFILE_TMP + config_foreach filter_dnsmasq nftset dnsmasq_nftset_add "$cfg" + echo >> $CONFIGFILE_TMP + echo >> $CONFIGFILE_TMP mv -f $CONFIGFILE_TMP $CONFIGFILE mv -f $HOSTFILE_TMP $HOSTFILE