omcproxy: fix installation of interface triggers (FS#1972)
authorDavid Santamaría Rogado <howl.nsp@gmail.com>
Tue, 11 Dec 2018 19:50:21 +0000 (20:50 +0100)
committerHans Dedecker <dedeckeh@gmail.com>
Sat, 29 Dec 2018 15:07:51 +0000 (16:07 +0100)
omcproxy will not start up if either the downlink or uplink interface is
not up at boottime as the interface triggers are not correctly
installed.

Further rework omcproxy init to make use of network functions defined
in network.sh; set proper family and proto options in procd firewall
rules.

Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
package/network/services/omcproxy/Makefile
package/network/services/omcproxy/files/omcproxy.init

index 2acd6f3..8f0c8b7 100644 (file)
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=omcproxy
-PKG_RELEASE:=6
+PKG_RELEASE:=7
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/omcproxy.git
index 970b3a1..30816e3 100644 (file)
@@ -1,55 +1,65 @@
 #!/bin/sh /etc/rc.common
-# Copyright (C) 2010-2014 OpenWrt.org
+# Copyright (C) 2018 OpenWrt.org
 
 START=99
 USE_PROCD=1
 PROG=/usr/sbin/omcproxy
 
-# Uncomment to enable verbosity 
-#OPTIONS="-v" 
+# Uncomment to enable verbosity
+#OPTIONS="-v"
 PROXIES=""
 
-
 omcproxy_add_proxy() {
-       local uplink downlink scope proxy
+       local proxy scope uplink updevice downlinks
+
        config_get uplink $1 uplink
-       config_get downlink $1 downlink
-       config_get scope $1 scope
+       [ -n "$uplink" ] || return
+
+       network_get_device updevice "$uplink" || {
+               procd_append_param error "$uplink is not up"
+               return;
+       }
 
-       proxy=""
+       config_get downlinks $1 downlink
+       for downlink in $downlinks; do
+               local device
 
-       network_get_device updev $uplink
-       [ -n "$updev" ] || return 0
+               network_get_device device "$downlink" || {
+                       procd_append_param error "$downlink is not up"
+                       continue;
+               }
 
-       for network in $downlink; do
-               network_get_device downdev $network
-               [ -n "$downdev" ] && proxy="$proxy,$downdev"
+               proxy="$proxy,$device"
 
-               # Disable in-kernel querier while ours is active
-               [ -f /sys/class/net/$downdev/bridge/multicast_querier ] && \
-                       echo 0 > /sys/class/net/$downdev/bridge/multicast_querier
+               # Disable in-kernel querier while ours is active, default is 1.
+               [ -f /sys/class/net/$device/bridge/multicast_querier ] && \
+                       echo 0 > /sys/class/net/$device/bridge/multicast_querier
        done
 
        [ -n "$proxy" ] || return 0
-       [ -n "$scope" ] && proxy="$proxy,scope=$scope"
 
-       PROXIES="$PROXIES $updev$proxy"
+       config_get scope $1 scope
+       [ -n "$scope" ] && proxy="$proxy,scope=$scope"
 
+       PROXIES="$PROXIES $updevice$proxy"
 }
 
-omcproxy_add_trigger() {
-       local uplink downlink
+omcproxy_add_network_triggers() {
+       local uplink downlinks
+
        config_get uplink $1 uplink
-       config_get downlink $1 downlink
+       config_get downlinks $1 downlink
 
-       for network in $uplink $downlink; do
-               procd_add_interface_trigger "interface.*" $network /etc/init.d/omcproxy restart
+       for link in $uplink $downlinks; do
+               procd_add_interface_trigger "interface.*" $link /etc/init.d/omcproxy restart
        done
 }
 
-omcproxy_add_firewall() {
+omcproxy_add_firewall_rules() {
+       local uplink downlinks
+
        config_get uplink $1 uplink
-       config_get downlink $1 downlink
+       config_get downlinks $1 downlink
 
        upzone=$(fw3 -q network $uplink 2>/dev/null)
        [ -n "$upzone" ] || return 0
@@ -57,6 +67,7 @@ omcproxy_add_firewall() {
        json_add_object ""
        json_add_string type rule
        json_add_string src "$upzone"
+       json_add_string family ipv4
        json_add_string proto igmp
        json_add_string target ACCEPT
        json_close_object
@@ -76,8 +87,8 @@ omcproxy_add_firewall() {
        json_add_string target ACCEPT
        json_close_object
 
-       for network in $downlink; do
-               downzone=$(fw3 -q network $network 2>/dev/null)
+       for downlink in $downlinks; do
+               downzone=$(fw3 -q network $downlink 2>/dev/null)
                [ -n "$downzone" ] || continue
 
                json_add_object ""
@@ -85,7 +96,7 @@ omcproxy_add_firewall() {
                json_add_string src "$upzone"
                json_add_string dest "$downzone"
                json_add_string family ipv4
-               json_add_string proto any
+               json_add_string proto udp
                json_add_string dest_ip "224.0.0.0/4"
                json_add_string target ACCEPT
                json_close_object
@@ -95,7 +106,7 @@ omcproxy_add_firewall() {
                json_add_string src "$upzone"
                json_add_string dest "$downzone"
                json_add_string family ipv6
-               json_add_string proto any
+               json_add_string proto udp
                json_add_string dest_ip "ff00::/8"
                json_add_string target ACCEPT
                json_close_object
@@ -104,14 +115,15 @@ omcproxy_add_firewall() {
 
 service_triggers() {
        procd_add_reload_trigger "omcproxy"
+       config_foreach omcproxy_add_network_triggers proxy
 }
 
 start_service() {
-       include /lib/functions
+       . /lib/functions/network.sh
 
        config_load omcproxy
-       config_foreach omcproxy_add_proxy proxy
 
+       config_foreach omcproxy_add_proxy proxy
        [ -n "$PROXIES" ] || return 0
 
        procd_open_instance
@@ -120,24 +132,24 @@ start_service() {
        procd_append_param command $PROXIES
        procd_set_param respawn
 
-       procd_open_trigger
-       config_foreach omcproxy_add_trigger proxy
-       procd_close_trigger
-
        procd_open_data
 
        json_add_array firewall
-       config_foreach omcproxy_add_firewall proxy
+       config_foreach omcproxy_add_firewall_rules proxy
        json_close_array
 
        procd_close_data
 
        procd_close_instance
 
-       # Increase maximum IPv4 group memberships per socket
+       # Increase maximum IPv4 group memberships per socket, default is 100.
        echo 128 > /proc/sys/net/ipv4/igmp_max_memberships
 }
 
 service_started() {
        procd_set_config_changed firewall
 }
+
+stop_service() {
+       procd_set_config_changed firewall
+}