update 04-25 23:45:26

2022-04-25 23:45:26 +08:00 · 2022-04-25 23:45:26 +08:00 · 1ba186d613
parent 638b30c5a5
commit 1ba186d613
11 changed files with 109 additions and 88 deletions
--- a/app-store-ui/src/dist/luci-static/istore/index.js
+++ b/app-store-ui/src/dist/luci-static/istore/index.js
--- a/app-store-ui/src/dist/luci-static/istore/style.css
+++ b/app-store-ui/src/dist/luci-static/istore/style.css
--- a/app-store-ui/src/dist/luci-static/istore/vendor.js
+++ b/app-store-ui/src/dist/luci-static/istore/vendor.js
--- a/luci-app-control-weburl/Makefile
+++ b/luci-app-control-weburl/Makefile
@ -9,7 +9,7 @@ LUCI_TITLE:=LuCI support for Weburl From Koolshare
 LUCI_DEPENDS:=+iptables-mod-filter +kmod-ipt-filter
 LUCI_PKGARCH:=all
 PKG_VERSION:=1.0
-PKG_RELEASE:=3-20220406
+PKG_RELEASE:=3-20220422

 include $(TOPDIR)/feeds/luci/luci.mk

--- a/luci-app-control-weburl/root/etc/init.d/weburl
+++ b/luci-app-control-weburl/root/etc/init.d/weburl
@ -9,16 +9,8 @@

 START=99

-CONFIG=weburl
-
-uci_get_by_type() {
-	local index=0
-	if [ -n $4 ]; then
-		index=$4
-	fi
-	local ret=$(uci get $CONFIG.@$1[$index].$2 2>/dev/null)
-	echo ${ret:=$3}
-}
+WEBURL_ENABLE=0
+WEBURL_ALGOS=

 is_true() {
 	case $1 in
@ -27,63 +19,90 @@ is_true() {
 	esac
 }

-load_config() {
-	ENABLED=$(uci_get_by_type basic enable)
-	return $(is_true $ENABLED)
+get_algo_mode(){
+	if [ "x$1" = "x1" ]; then
+		echo "kmp"
+	else
+		echo "bm"
+	fi
 }

-get_algo_mode(){
-	case "$1" in
-		0)
-			echo "bm"
-		;;
-		1)
-			echo "kmp"
-		;;
-	esac
+iptables_w(){
+	iptables -w 1 "$@"
 }

 add_rule(){
-	algos=$(uci_get_by_type basic algos)
-	for i in $(seq 0 100)
-	do
-		enable=$(uci_get_by_type macbind enable '' $i)
-		macaddr=$(uci_get_by_type macbind macaddr '' $i)
-		timeon=$(uci_get_by_type macbind timeon '' $i)
-		timeoff=$(uci_get_by_type macbind timeoff '' $i)
-		keyword=$(uci_get_by_type macbind keyword '' $i)
-		if [ -z $enable ] || [ -z $keyword ]; then
-			break
+	local settime
+	local macaddr
+	local enable
+	local timeon
+	local timeoff
+	local keyword
+	config_get enable "$1" enable "0"
+	config_get macaddr "$1" macaddr
+	config_get timeon "$1" timeon
+	config_get timeoff "$1" timeoff
+	config_get keyword "$1" keyword
+
+	if [ -z "$enable" ] || [ $enable = 0 ] || [ -z "$keyword" ]; then
+		return
 	fi

-		if [ -z $timeon ] || [ -z $timeoff ]; then
+	if [ -z "$timeon" ] || [ -z "$timeoff" ]; then
 		settime=""
 	else
 		settime="-m time --kerneltz --timestart $timeon --timestop $timeoff"
 	fi

-		if [ "$enable" == "1" ]; then
 	if [ -z $macaddr ]; then
-				iptables -t filter -I WEBURL $settime -m string --string "$keyword" --algo $(get_algo_mode $algos) -j DROP
+		iptables_w -t filter -I WEBURL_RULES $settime -m string --string "$keyword" --algo $WEBURL_ALGOS -j WEBURL_REJECT
 	else
-				iptables -t filter -I WEBURL $settime -m mac --mac-source $macaddr -m string --string "$keyword" --algo $(get_algo_mode $algos) -j DROP
-				unset macaddr
+		iptables_w -t filter -I WEBURL_RULES $settime -m mac --mac-source $macaddr -m string --string "$keyword" --algo $WEBURL_ALGOS -j WEBURL_REJECT
 	fi
-		fi
-	done
+
+}
+
+weburl_header() {
+	local algos
+	config_get WEBURL_ENABLE "$1" enable "0"
+	config_get algos "$1" algos "0"
+	WEBURL_ALGOS=$(get_algo_mode $algos)
 }

 start(){
-	! load_config && exit 0
-	iptables -L FORWARD | grep -c WEBURL 2>/dev/null && [ $? -eq 0 ] && exit 0;
-	iptables -t filter -N WEBURL
-	iptables -t filter -I FORWARD -m comment --comment "Rule For Control" -j WEBURL
-	add_rule
-	iptables -t filter -I WEBURL -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-}
-stop(){
-	iptables -t filter -D FORWARD -m comment --comment "Rule For Control" -j WEBURL
-	iptables -t filter -F WEBURL
-	iptables -t filter -X WEBURL
+	config_load weburl
+	config_foreach weburl_header basic
+	[ "x`is_true $WEBURL_ENABLE`" = "x0" ] || return 0
+	iptables_w -L FORWARD | grep -c WEBURL 2>/dev/null && [ $? -eq 0 ] && return 0;
+	# resolve interface
+	local interface=$(
+		. /lib/functions/network.sh
+
+		network_is_up "lan" && network_get_device device "lan"
+		echo "${device:-br-lan}"
+	)
+	iptables_w -t filter -N WEBURL_REJECT
+	iptables_w -t filter -F WEBURL_REJECT
+	iptables_w -t filter -I WEBURL_REJECT -j DROP
+	iptables_w -t filter -I WEBURL_REJECT -p tcp -j REJECT --reject-with tcp-reset
+	iptables_w -t filter -N WEBURL_RULES
+	iptables_w -t filter -F WEBURL_RULES
+	config_foreach add_rule macbind
+	iptables_w -t filter -N WEBURL
+	iptables_w -t filter -F WEBURL
+	iptables_w -t filter -I WEBURL -i $interface -m length --length 53:768 -j WEBURL_RULES
+	# iptables_w -t filter -I WEBURL -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+	iptables_w -t filter -I FORWARD -m comment --comment "Rule For Control" -j WEBURL
+	logger -t weburl "weburl filter on $interface"
+}
+
+stop(){
+	iptables_w -t filter -D FORWARD -m comment --comment "Rule For Control" -j WEBURL
+	iptables_w -t filter -F WEBURL
+	iptables_w -t filter -X WEBURL
+	iptables_w -t filter -F WEBURL_RULES
+	iptables_w -t filter -X WEBURL_RULES
+	iptables_w -t filter -F WEBURL_REJECT
+	iptables_w -t filter -X WEBURL_REJECT
 }

--- a/luci-app-ssr-plus/root/usr/bin/ssr-rules
+++ b/luci-app-ssr-plus/root/usr/bin/ssr-rules
@ -191,6 +191,7 @@ ac_rule() {
 	else
 		for name in $Interface; do
 			local IFNAME=$(uci -P /var/state get network.$name.ifname 2>/dev/null)
+			[ -z "$IFNAME" ] && IFNAME=$(uci -P /var/state get network.$name.device 2>/dev/null)
 			[ -n "$IFNAME" ] && $IPT -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p tcp $EXT_ARGS $MATCH_SET -m comment --comment "$TAG" -j SS_SPEC_WAN_AC
 		done
 	fi
@ -262,6 +263,7 @@ tp_rule() {
 	else
 		for name in $Interface; do
 			local IFNAME=$(uci -P /var/state get network.$name.ifname 2>/dev/null)
+			[ -z "$IFNAME" ] && IFNAME=$(uci -P /var/state get network.$name.device 2>/dev/null)
 			[ -n "$IFNAME" ] && $ipt -I PREROUTING 1 ${IFNAME:+-i $IFNAME} -p udp $EXT_ARGS $MATCH_SET -m comment --comment "$TAG" -j SS_SPEC_TPROXY
 		done
 	fi
--- a/luci-app-store/Makefile
+++ b/luci-app-store/Makefile
@ -10,12 +10,12 @@ LUCI_DESCRIPTION:=luci-app-store is a ipk store developed by LinkEase team
 LUCI_DEPENDS:=+curl +opkg +luci-base +tar +coreutils +coreutils-stat +libuci-lua +mount-utils
 LUCI_PKGARCH:=all

-PKG_VERSION:=0.1.8-8
+PKG_VERSION:=0.1.9-1
 # PKG_RELEASE MUST be empty for luci.mk
 PKG_RELEASE:=

 ISTORE_UI_VERSION:=1.0
-ISTORE_UI_RELEASE:=12
+ISTORE_UI_RELEASE:=13
 PKG_HASH:=skip

 PKG_SOURCE_URL_FILE:=v$(ISTORE_UI_VERSION)-$(ISTORE_UI_RELEASE).tar.gz
--- a/luci-app-store/root/bin/is-opkg
+++ b/luci-app-store/root/bin/is-opkg
@ -219,6 +219,11 @@ backup() {
        exit 0
    fi

+    if [ ! -d "${BACKUP_PATH}" ] && ! mkdir -p "${BACKUP_PATH}" ; then
+        echo "invalid backup path, can not backup ipk"
+        exit 1
+    fi
+
    #write all installed package list to file
    opkg_list_installed_packages "allinstalled" 2>/dev/null | sort -u > ${IS_ROOT}/all_installed_package.list

@ -249,12 +254,7 @@ backup() {
    [ -n "${IS_DEBUG}" ] && echo -e "appdep_list_all:\n""${appdep_list_all}"
    echo "${appdep_list_all}" > ${IS_ROOT}/appdep.list

-
    #3.rebuild all istore installed package to ipk and backup to userdata partation
-    if [ ! -d "${BACKUP_PATH}" ];then
-        echo "invalid backup path, can not backup ipk"
-        exit 1
-    fi

    # 4. create dir
    date=$(date +%Y-%m%d-%H%M)
--- a/luci-theme-argon/Makefile
+++ b/luci-theme-argon/Makefile
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 LUCI_TITLE:=Argon Theme
 LUCI_DEPENDS:=+curl +jsonfilter
 PKG_VERSION:=2.2.9.4
-PKG_RELEASE:=20220421
+PKG_RELEASE:=20220425

 include $(TOPDIR)/feeds/luci/luci.mk