omcproxy: silence fw3 warnings
[openwrt/openwrt.git] / package / network / services / omcproxy / files / omcproxy.init
1 #!/bin/sh /etc/rc.common
2 # Copyright (C) 2010-2014 OpenWrt.org
3
4 START=99
5 USE_PROCD=1
6 PROG=/usr/sbin/omcproxy
7
8 # Uncomment to enable verbosity
9 #OPTIONS="-v"
10 PROXIES=""
11
12
13 omcproxy_add_proxy() {
14 local uplink downlink scope proxy
15 config_get uplink $1 uplink
16 config_get downlink $1 downlink
17 config_get scope $1 scope
18
19 proxy=""
20
21 network_get_device updev $uplink
22 [ -n "$updev" ] || return 0
23
24 for network in $downlink; do
25 network_get_device downdev $network
26 [ -n "$downdev" ] && proxy="$proxy,$downdev"
27
28 # Disable in-kernel querier while ours is active
29 [ -f /sys/class/net/$downdev/bridge/multicast_querier ] && \
30 echo 0 > /sys/class/net/$downdev/bridge/multicast_querier
31 done
32
33 [ -n "$proxy" ] || return 0
34 [ -n "$scope" ] && proxy="$proxy,scope=$scope"
35
36 PROXIES="$PROXIES $updev$proxy"
37
38 }
39
40 omcproxy_add_trigger() {
41 local uplink downlink
42 config_get uplink $1 uplink
43 config_get downlink $1 downlink
44
45 for network in $uplink $downlink; do
46 procd_add_interface_trigger "interface.*" $network /etc/init.d/omcproxy restart
47 done
48 }
49
50 omcproxy_add_firewall() {
51 config_get uplink $1 uplink
52 config_get downlink $1 downlink
53
54 upzone=$(fw3 -q network $uplink 2>/dev/null)
55 [ -n "$upzone" ] || return 0
56
57 json_add_object ""
58 json_add_string type rule
59 json_add_string src "$upzone"
60 json_add_string proto igmp
61 json_add_string target ACCEPT
62 json_close_object
63
64 json_add_object ""
65 json_add_string type rule
66 json_add_string family ipv6
67 json_add_string src "$upzone"
68 json_add_string proto icmp
69 json_add_string src_ip fe80::/10
70 json_add_array icmp_type
71 json_add_string "" 130/0
72 json_add_string "" 131/0
73 json_add_string "" 132/0
74 json_add_string "" 143/0
75 json_close_array
76 json_add_string target ACCEPT
77 json_close_object
78
79 for network in $downlink; do
80 downzone=$(fw3 -q network $network 2>/dev/null)
81 [ -n "$downzone" ] || continue
82
83 json_add_object ""
84 json_add_string type rule
85 json_add_string src "$upzone"
86 json_add_string dest "$downzone"
87 json_add_string family ipv4
88 json_add_string proto any
89 json_add_string dest_ip "224.0.0.0/4"
90 json_add_string target ACCEPT
91 json_close_object
92
93 json_add_object ""
94 json_add_string type rule
95 json_add_string src "$upzone"
96 json_add_string dest "$downzone"
97 json_add_string family ipv6
98 json_add_string proto any
99 json_add_string dest_ip "ff00::/8"
100 json_add_string target ACCEPT
101 json_close_object
102 done
103 }
104
105 service_triggers() {
106 procd_add_reload_trigger "omcproxy"
107 }
108
109 start_service() {
110 include /lib/functions
111
112 config_load omcproxy
113 config_foreach omcproxy_add_proxy proxy
114
115 [ -n "$PROXIES" ] || return 0
116
117 procd_open_instance
118 procd_set_param command $PROG
119 [ -n "$OPTIONS" ] && procd_append_param command $OPTIONS
120 procd_append_param command $PROXIES
121 procd_set_param respawn
122
123 procd_open_trigger
124 config_foreach omcproxy_add_trigger proxy
125 procd_close_trigger
126
127 procd_open_data
128
129 json_add_array firewall
130 config_foreach omcproxy_add_firewall proxy
131 json_close_array
132
133 procd_close_data
134
135 procd_close_instance
136
137 # Increase maximum IPv4 group memberships per socket
138 echo 128 > /proc/sys/net/ipv4/igmp_max_memberships
139 }
140
141 service_started() {
142 procd_set_config_changed firewall
143 }