From dba5e20f66de010e8c06d71a4b78729c6caeab7d Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Wed, 28 Feb 2024 19:18:59 +0800
Subject: [PATCH] update 2024-02-28 19:18:59

---
 luci-app-natmap/luci-app-natmap/Makefile      |  2 +-
 .../luci-static/resources/view/natmap.js      | 12 +++-
 .../luci-app-natmap/root/etc/config/natmap    |  2 +-
 .../luci-app-natmap/root/etc/init.d/natmap    |  6 +-
 .../root/usr/share/natmap/forward.sh          | 30 ++++-----
 .../natmap/plugin-forward/firewall-forward.sh | 63 ++++++++++++-------
 .../natmap/plugin-forward/ikuai-forward.sh    |  2 +
 7 files changed, 72 insertions(+), 45 deletions(-)

diff --git a/luci-app-natmap/luci-app-natmap/Makefile b/luci-app-natmap/luci-app-natmap/Makefile
index 37efd6314..eef438444 100755
--- a/luci-app-natmap/luci-app-natmap/Makefile
+++ b/luci-app-natmap/luci-app-natmap/Makefile
@@ -3,7 +3,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-natmap
-PKG_VERSION:=1.4.0
+PKG_VERSION:=1.4.1
 PKG_RELEASE:=2
 
 LUCI_TITLE:=LuCI Support for natmap
diff --git a/luci-app-natmap/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js b/luci-app-natmap/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js
index 3f0baf8b6..6e59e9a54 100755
--- a/luci-app-natmap/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js
+++ b/luci-app-natmap/luci-app-natmap/htdocs/luci-static/resources/view/natmap.js
@@ -175,7 +175,7 @@ return view.extend({
     o.value("ikuai", _("ikuai"));
     // o.depends('forward_enable', '1');
 
-    // forward_natmap
+    // forward_natmap, forward_ikuai, forward_firewall
     o = s.taboption(
       "forward",
       form.Value,
@@ -201,10 +201,11 @@ return view.extend({
     o.depends("forward_mode", "natmap");
     o.depends("forward_mode", "ikuai");
 
+    // forward_firewall
     o = s.taboption(
       "forward",
       widgets.NetworkSelect,
-      "forward_natmap_target_interface",
+      "forward_firewall_target_interface",
       _("Target_Interface")
     );
     o.modalonly = true;
@@ -367,7 +368,12 @@ return view.extend({
     o.depends("notify_mode", "telegram_bot");
 
     //notify_pushplus
-    o = s.taboption("notify", form.Value, "notify_pushplus_token", _("PushPlus Token"));
+    o = s.taboption(
+      "notify",
+      form.Value,
+      "notify_pushplus_token",
+      _("PushPlus Token")
+    );
     o.description =
       _("Get Instructions") +
       ' <a href="http://www.pushplus.plus/" target="_blank">' +
diff --git a/luci-app-natmap/luci-app-natmap/root/etc/config/natmap b/luci-app-natmap/luci-app-natmap/root/etc/config/natmap
index 8d8529b56..a78bd8773 100755
--- a/luci-app-natmap/luci-app-natmap/root/etc/config/natmap
+++ b/luci-app-natmap/luci-app-natmap/root/etc/config/natmap
@@ -12,7 +12,7 @@ config natmap
 	option forward_target_ip ''
 	option forward_target_port ''
 	option forward_mode 'firewall'
-	option forward_natmap_target_interface ''
+	option forward_firewall_target_interface ''
 	option forward_ikuai_web_url ''
 	option forward_ikuai_username ''
 	option forward_ikuai_password ''
diff --git a/luci-app-natmap/luci-app-natmap/root/etc/init.d/natmap b/luci-app-natmap/luci-app-natmap/root/etc/init.d/natmap
index ce0ec9040..2c89f830e 100755
--- a/luci-app-natmap/luci-app-natmap/root/etc/init.d/natmap
+++ b/luci-app-natmap/luci-app-natmap/root/etc/init.d/natmap
@@ -30,7 +30,7 @@ validate_section_natmap() {
 		'forward_target_ip:host' \
 		'forward_target_port:port' \
 		'forward_mode:string' \
-		'forward_natmap_target_interface:string' \
+		'forward_firewall_target_interface:string' \
 		'forward_ikuai_web_url:string' \
 		'forward_ikuai_username:string' \
 		'forward_ikuai_password:string' \
@@ -109,10 +109,10 @@ natmap_instance() {
 		procd_append_param netdev "$ifname"
 	}
 
-	[ -n "${forward_natmap_target_interface}" ] && {
+	[ -n "${forward_firewall_target_interface}" ] && {
 		local ifname
 
-		network_get_device ifname "$forward_natmap_target_interface" || ifname="$forward_natmap_target_interface"
+		network_get_device ifname "$forward_firewall_target_interface" || ifname="$forward_firewall_target_interface"
 		procd_append_param command -i "$ifname"
 		procd_append_param netdev "$ifname"
 	}
diff --git a/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/forward.sh b/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/forward.sh
index 5792c4e9a..1d4888964 100755
--- a/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/forward.sh
+++ b/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/forward.sh
@@ -12,22 +12,22 @@ if [ -z "$FORWARD_TARGET_PORT" ] || [ -z "$FORWARD_TARGET_IP" ]; then
 fi
 
 forward_script=""
-# case $FORWARD_MODE in
-# "firewall")
-#     forward_script="/usr/share/natmap/plugin-forward/firewall-forward.sh"
-#     ;;
-# "ikuai")
-#     forward_script="/usr/share/natmap/plugin-forward/ikuai-forward.sh"
-#     ;;
-# *)
-#     forward_script=""
-#     ;;
-# esac
+case $FORWARD_MODE in
+"firewall")
+    forward_script="/usr/share/natmap/plugin-forward/firewall-forward.sh"
+    ;;
+"ikuai")
+    forward_script="/usr/share/natmap/plugin-forward/ikuai-forward.sh"
+    ;;
+*)
+    forward_script=""
+    ;;
+esac
 
-# 如果$FORWARD_MODE非空则执行对应的脚本
-if [ -n "${FORWARD_MODE}" ]; then
-    forward_script="/usr/share/natmap/plugin-forward/${FORWARD_MODE}-forward.sh"
-fi
+# # 如果$FORWARD_MODE非空则执行对应的脚本
+# if [ -n "${FORWARD_MODE}" ]; then
+#     forward_script="/usr/share/natmap/plugin-forward/${FORWARD_MODE}-forward.sh"
+# fi
 
 if [ -n "${forward_script}" ]; then
     # echo "$GENERAL_NAT_NAME execute forward script"
diff --git a/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/firewall-forward.sh b/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/firewall-forward.sh
index fba195b32..674041c04 100644
--- a/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/firewall-forward.sh
+++ b/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/firewall-forward.sh
@@ -10,36 +10,55 @@ protocol=$5
 # 	exit 0
 # fi
 
+# 如果$forward_target_port为空则退出
 if [ -z "$FORWARD_TARGET_PORT" ]; then
+	# echo "FORWARD_TARGET_PORT is empty,firewall forward exit"
 	exit 0
 fi
 
+# 如果$forward_target_ip为空则退出
 if [ -z "$FORWARD_TARGET_IP" ]; then
+	# echo "FORWARD_TARGET_IP is empty"
 	exit 0
 fi
 
 # get forward target port
 # final_forward_target_port=$([ "${FORWARD_TARGET_PORT}" == 0 ] ? $outter_port : "${FORWARD_TARGET_PORT}")
+# if [ "${FORWARD_TARGET_PORT}" == 0 ]; then
+# 	echo "FORWARD_TARGET_PORT is 0"
+# 	final_forward_target_port=$outter_port
+# else
+# 	echo "FORWARD_TARGET_PORT is not 0"
+# 	final_forward_target_port=$FORWARD_TARGET_PORT
+# fi
+
 final_forward_target_port=$((FORWARD_TARGET_PORT == 0 ? outter_port : FORWARD_TARGET_PORT))
+# echo "firewall_final_forward_target_port: $final_forward_target_port"
 
 # ipv4 firewall
 rule_name_v4=$(echo "${GENERAL_NAT_NAME}_v4" | sed 's/[^a-zA-Z0-9]/_/g' | awk '{print tolower($0)}')
+echo "firewall_rule_name_v4: $rule_name_v4"
 
 # ipv4 redirect
 uci set firewall.$rule_name_v4=redirect
-uci set firewall.$rule_name_v4.name="$rule_name_v4"
-uci set firewall.$rule_name_v4.proto="$protocol"
-uci set firewall.$rule_name_v4.src="$GENERAL_WAN_INTERFACE"
-uci set firewall.$rule_name_v4.dest="$FORWOARD_TARGET_INTERFACE"
-uci set firewall.$rule_name_v4.target='DNAT'
-uci set firewall.$rule_name_v4.src_dport="${inner_port}"
-uci set firewall.$rule_name_v4.dest_ip="${FORWARD_TARGET_IP}"
-uci set firewall.$rule_name_v4.dest_port="${final_forward_target_port}"
+uci set firewall.$rule_name_v4.name=$rule_name_v4
+uci set firewall.$rule_name_v4.proto=$protocol
+uci set firewall.$rule_name_v4.src=$GENERAL_WAN_INTERFACE
+uci set firewall.$rule_name_v4.dest=$FORWARD_FIREWALL_TARGET_INTERFACE
+uci set firewall.$rule_name_v4.target=DNAT
+uci set firewall.$rule_name_v4.src_dport=$inner_port
+uci set firewall.$rule_name_v4.dest_ip=$FORWARD_TARGET_IP
+uci set firewall.$rule_name_v4.dest_port=$final_forward_target_port
+
+# reload
+uci commit firewall
+/etc/init.d/firewall reload
 
 # --------------------------------------------------------------------------------------------
 # QB and TR ipv6 forward
 # 检测link_enable
 if [ "${LINK_ENABLE}" != 1 ]; then
+	echo "LINK_ENABLE is not 1,exit,don't forward ipv6"
 	exit 0
 fi
 
@@ -48,16 +67,16 @@ if [ [ "${LINK_MODE}" = transmission ] && [ "${LINK_TR_ALLOW_IPV6}" = 1 ] ] || [
 	# get rule name
 	rule_name_v6=$(echo "${GENERAL_NAT_NAME}_v6_allow" | sed 's/[^a-zA-Z0-9]/_/g' | awk '{print tolower($0)}')
 
-	# echo "rule_name_v6: $rule_name_v6"
+	echo "firewall_rule_name_v6: $rule_name_v6"
 	# ipv6 allow
 	uci set firewall.$rule_name_v6=rule
-	uci set firewall.$rule_name_v6.name="$rule_name_v6"
-	uci set firewall.$rule_name_v6.src="$GENERAL_WAN_INTERFACE"
-	uci set firewall.$rule_name_v6.dest="$FORWOARD_TARGET_INTERFACE"
-	uci set firewall.$rule_name_v6.target='ACCEPT'
-	uci set firewall.$rule_name_v6.proto="$protocol"
-	uci set firewall.$rule_name_v6.family='ipv6'
-	uci set firewall.$rule_name_v6.dest_port="$final_forward_target_port"
+	uci set firewall.$rule_name_v6.name=$rule_name_v6
+	uci set firewall.$rule_name_v6.src=$GENERAL_WAN_INTERFACE
+	uci set firewall.$rule_name_v6.dest=$FORWARD_FIREWALL_TARGET_INTERFACE
+	uci set firewall.$rule_name_v6.target=ACCEPT
+	uci set firewall.$rule_name_v6.proto=$protocol
+	uci set firewall.$rule_name_v6.family=ipv6
+	uci set firewall.$rule_name_v6.dest_port=$final_forward_target_port
 
 	# check if dest_ip is already set with return code
 	if uci get firewall.$rule_name_v6.dest_ip >/dev/null 2>&1; then
@@ -68,17 +87,17 @@ if [ [ "${LINK_MODE}" = transmission ] && [ "${LINK_TR_ALLOW_IPV6}" = 1 ] ] || [
 	case "${LINK_MODE}" in
 	"transmission")
 		for ip in $LINK_TR_IPV6_ADDRESS; do
-			uci add_list firewall.$rule_name_v6.dest_ip="${ip}"
+			uci add_list firewall.$rule_name_v6.dest_ip=$ip
 		done
 		;;
 	"qbittorrent")
 		for ip in $LINK_QB_IPV6_ADDRESS; do
-			uci add_list firewall.$rule_name_v6.dest_ip="${ip}"
+			uci add_list firewall.$rule_name_v6.dest_ip=$ip
 		done
 		;;
 	esac
-fi
+	# reload
+	uci commit firewall
+	/etc/init.d/firewall reload
 
-# reload
-uci commit firewall
-/etc/init.d/firewall reload
+fi
diff --git a/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/ikuai-forward.sh b/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/ikuai-forward.sh
index f2829aa08..46c57c694 100755
--- a/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/ikuai-forward.sh
+++ b/luci-app-natmap/luci-app-natmap/root/usr/share/natmap/plugin-forward/ikuai-forward.sh
@@ -11,7 +11,9 @@ protocol=$5
 ## ikuai参数获取
 # lan_port
 mapping_lan_port=""
+# 如果$FORWARD_TARGET_PORT为空或者$FORWARD_TARGET_PORT为0则退出
 if [ -z "${FORWARD_TARGET_PORT}" ] || [ "${FORWARD_TARGET_PORT}" -eq 0 ]; then
+  echo "FORWARD_TARGET_PORT is empty,set to outter_port"
   mapping_lan_port=$outter_port
 else
   mapping_lan_port=${FORWARD_TARGET_PORT}