Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
luci/applications/luci-app-pbr/root/usr/libexec/rpcd/luci.pbr
Stan Grishin f45a91013c luci-app-pbr: opkg_get_version bugfix 
Signed-off-by: Stan Grishin <stangri@melmac.ca>
2023-05-09 01:42:55 +00:00

402 lines
13 KiB
Bash
Executable file
Raw Blame History

#!/bin/sh
# Copyright 2022 Stan Grishin (stangri@melmac.ca)
# shellcheck disable=SC1091,SC2018,SC2019,SC2039,SC3043,SC3057,SC3060
# TechRef: https://openwrt.org/docs/techref/rpcd
# TESTS
# ubus -v list luci.pbr
# ubus -S call luci.pbr getInitList '{"name": "pbr" }'
# ubus -S call luci.pbr getInitStatus '{"name": "pbr" }'
# ubus -S call luci.pbr getPlatformSupport '{"name": "pbr" }'
# ubus -S call luci.pbr getGateways '{"name": "pbr" }'
# ubus -S call luci.pbr getInterfaces '{"name": "pbr" }'
. /lib/functions.sh
. /lib/functions/network.sh
. /usr/share/libubox/jshn.sh
readonly packageName="pbr"
# shellcheck disable=SC2155
readonly ipset="$(command -v ipset)"
# shellcheck disable=SC2155
readonly agh="$(command -v AdGuardHome)"
readonly aghConfigFile='/etc/adguardhome.yaml'
# shellcheck disable=SC2155
readonly nft="$(command -v nft)"
is_enabled() { uci -q get "${1}.config.enabled"; }
is_running_iptables() { iptables -t mangle -L | grep -q PBR_PREROUTING >/dev/null 2>&1; }
is_running_nft() { "$nft" list table inet fw4 | grep chain | grep -q pbr_mark_ >/dev/null 2>&1; }
is_running() { is_running_iptables || is_running_nft; }
get_version() { grep -m1 -A2 -w "^Package: $1$" /usr/lib/opkg/status | sed -n 's/Version: //p'; }
print_json_bool() { json_init; json_add_boolean "$1" "$2"; json_dump; json_cleanup; }
print_json_string() { json_init; json_add_string "$1" "$2"; json_dump; json_cleanup; }
logger() { /usr/bin/logger -t "$packageName" "$@"; }
ubus_get_status() { ubus call service list "{ 'name': '$packageName' }" | jsonfilter -e "@['${packageName}'].instances.main.data.status.${1}"; }
ubus_get_gateway() { ubus call service list "{ 'name': '$packageName' }" | jsonfilter -e "@['${packageName}'].instances.main.data.gateways[@.name='${1}']${2:+.$2}"; }
is_greater() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
is_greater_or_equal() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" = "$2"; }
opkg_get_version() { grep -m1 -A1 "Package: $1$" '/usr/lib/opkg/status' | grep -m1 'Version: ' | sed 's|Version: \(.*\)|\1|'; }
get_init_list() {
local name
name="$(basename "$1")"
name="${name:-$packageName}"
json_init
json_add_object "$name"
json_add_boolean 'enabled' "$(is_enabled "$name")"
if is_running "$name"; then
json_add_boolean 'running' '1'
else
json_add_boolean 'running' '0'
fi
json_close_object
json_dump
json_cleanup
}
set_init_action() {
local name action="$2" cmd
name="$(basename "$1")"
name="${name:-$packageName}"
if [ ! -f "/etc/init.d/$name" ]; then
print_json_string 'error' 'Init script not found!'
return
fi
case $action in
enable)
cmd="uci -q set ${name}.config.enabled=1 && uci commit $name";;
disable)
cmd="uci -q set ${name}.config.enabled=0 && uci commit $name";;
start|stop|reload|restart)
cmd="/etc/init.d/${name} ${action}";;
esac
if [ -n "$cmd" ] && eval "${cmd}" 1>/dev/null 2>&1; then
print_json_bool "result" '1'
else
print_json_bool "result" '0'
fi
}
get_init_status() {
local name
name="$(basename "$1")"
name="${name:-$packageName}"
local version gateways warnings errors
[ -z "$version" ] && version="$(get_version "$name")"
[ -z "$version" ] && version="$(get_version "${name}-iptables")"
[ -z "$version" ] && version="$(get_version "${name}-netifd")"
gateways="$(ubus_get_status gateways | sed "s|\\\n|<br />|g;s|\(\\\033[^<]*\)|✓|g;")"
warnings="$(ubus_get_status warnings)"
errors="$(ubus_get_status errors)"
json_init
json_add_object "$name"
json_add_boolean 'enabled' "$(is_enabled "$name")"
if is_running "$name"; then
json_add_boolean 'running' '1'
else
json_add_boolean 'running' '0'
fi
if is_running_iptables "$name"; then
json_add_boolean 'running_iptables' '1'
else
json_add_boolean 'running_iptables' '0'
fi
if is_running_nft "$name"; then
json_add_boolean 'running_nft' '1'
else
json_add_boolean 'running_nft' '0'
fi
json_add_string 'version' "$version"
json_add_string 'gateways' "$gateways"
json_add_array 'errors'
if [ -n "$errors" ]; then
while read -r line; do
if str_contains "$line" ' '; then
error_id="${line% *}"
error_extra="${line#* }"
else
error_id="$line"
unset error_extra
fi
json_add_object
json_add_string 'id' "$error_id"
json_add_string 'extra' "$error_extra"
json_close_object
done <<EOF
$(echo "$errors" | tr \# \\n)
EOF
fi
json_close_array
json_add_array 'warnings'
if [ -n "$warnings" ]; then
while read -r line; do
if str_contains "$line" ' '; then
warning_id="${line% *}"
warning_extra="${line#* }"
else
warning_id="$line"
unset warning_extra
fi
json_add_object
json_add_string 'id' "$warning_id"
json_add_string 'extra' "$warning_extra"
json_close_object
done <<EOF
$(echo "$warnings" | tr \# \\n)
EOF
fi
if is_greater "$(opkg_get_version "${name}")" "$(opkg_get_version "luci-app-${name}")"; then
json_add_object
json_add_string 'id' 'warningOutdatedWebUIApp'
json_add_string 'extra' "$(opkg_get_version "luci-app-${name}")"
json_close_object
fi
json_close_array
json_close_object
json_dump
json_cleanup
}
check_ipset() { { [ -n "$ipset" ] && "$ipset" help hash:net; } >/dev/null 2>&1; }
check_nft() { [ -n "$nft" ]; }
check_agh() { [ -n "$agh" ] && [ -s "$aghConfigFile" ]; }
check_dnsmasq() { command -v dnsmasq >/dev/null 2>&1; }
check_unbound() { command -v unbound >/dev/null 2>&1; }
check_agh_ipset() {
check_ipset || return 1
check_agh || return 1
is_greater_or_equal "$($agh --version | sed 's|AdGuard Home, version v\(.*\)|\1|' | sed 's|-.*||')" '0.107.13'
}
check_dnsmasq_ipset() {
local o;
check_ipset || return 1
check_dnsmasq || return 1
o="$(dnsmasq -v 2>/dev/null)"
! echo "$o" | grep -q 'no-ipset' && echo "$o" | grep -q 'ipset'
}
check_dnsmasq_nftset() {
local o;
check_nft || return 1
check_dnsmasq || return 1
o="$(dnsmasq -v 2>/dev/null)"
! echo "$o" | grep -q 'no-nftset' && echo "$o" | grep -q 'nftset'
}
get_platform_support() {
local name
name="$(basename "$1")"
name="${name:-$packageName}"
json_init
json_add_object "$name"
if check_ipset; then
json_add_boolean 'ipset_installed' '1'
else
json_add_boolean 'ipset_installed' '0'
fi
if check_nft; then
json_add_boolean 'nft_installed' '1'
else
json_add_boolean 'nft_installed' '0'
fi
if check_agh; then
json_add_boolean 'adguardhome_installed' '1'
else
json_add_boolean 'adguardhome_installed' '0'
fi
if check_dnsmasq; then
json_add_boolean 'dnsmasq_installed' '1'
else
json_add_boolean 'dnsmasq_installed' '0'
fi
if check_unbound; then
json_add_boolean 'unbound_installed' '1'
else
json_add_boolean 'unbound_installed' '0'
fi
if check_agh_ipset; then
json_add_boolean 'adguardhome_ipset_support' '1'
else
json_add_boolean 'adguardhome_ipset_support' '0'
fi
if check_dnsmasq_ipset; then
json_add_boolean 'dnsmasq_ipset_support' '1'
else
json_add_boolean 'dnsmasq_ipset_support' '0'
fi
if check_dnsmasq_nftset; then
json_add_boolean 'dnsmasq_nftset_support' '1'
else
json_add_boolean 'dnsmasq_nftset_support' '0'
fi
json_close_object
json_dump
json_cleanup
}
# shellcheck disable=SC3037
get_gateways() {
local name="${1:-$packageName}"
echo -en "{\"$name\":{\"gateways\":"
ubus call service list "{ 'name': '$name' }" | jsonfilter -e "@.${name}.instances.main.data.gateways"
echo -en "}}"
}
str_contains() { [ -n "$1" ] && [ -n "$2" ] && [ "${1//$2}" != "$1" ]; }
str_contains_word() { echo "$1" | grep -q -w "$2"; }
str_to_lower() { echo "$1" | tr 'A-Z' 'a-z'; }
str_to_upper() { echo "$1" | tr 'a-z' 'A-Z'; }
is_ignore_target() { [ "$(str_to_lower "$1")" = 'ignore' ]; }
is_dslite() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:6}" = "dslite" ]; }
is_l2tp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "l2tp" ]; }
is_oc() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:11}" = "openconnect" ]; }
is_ovpn() { local dev; network_get_device dev "$1"; [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; }
is_pptp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "pptp" ]; }
is_softether() { local dev; network_get_device dev "$1"; [ "${dev:0:4}" = "vpn_" ]; }
is_tor() { [ "$(str_to_lower "$1")" = "tor" ]; }
is_tor_running() {
local ret=0
if [ -s "/etc/tor/torrc" ]; then
json_load "$(ubus call service list "{ 'name': 'tor' }")"
json_select 'tor'; json_select 'instances'; json_select 'instance1';
json_get_var ret 'running'; json_cleanup
fi
if [ "$ret" = "0" ]; then return 1; else return 0; fi
}
is_wg() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:9}" = "wireguard" ]; }
is_tunnel() { is_dslite "$1" || is_l2tp "$1" || is_oc "$1" || is_ovpn "$1" || is_pptp "$1" || is_softether "$1" || is_tor "$1" || is_wg "$1"; }
is_wan() { [ "$1" = "$wanIface4" ] || { [ "${1##wan}" != "$1" ] && [ "${1##wan6}" = "$1" ]; } || [ "${1%%wan}" != "$1" ]; }
is_wan6() { [ -n "$wanIface6" ] && [ "$1" = "$wanIface6" ] || [ "${1/#wan6}" != "$1" ] || [ "${1/%wan6}" != "$1" ]; }
is_ignored_interface() { str_contains_word "$ignored_interface" "$1"; }
is_supported_interface() { str_contains_word "$supported_interface" "$1" || { ! is_ignored_interface "$1" && { is_wan "$1" || is_wan6 "$1" || is_tunnel "$1"; }; } || is_ignore_target "$1"; }
pbr_find_iface() {
local iface i param="$2"
[ "$param" = 'wan6' ] || param='wan'
"network_find_${param}" iface
is_tunnel "$iface" && unset iface
if [ -z "$iface" ]; then
for i in $ifacesAll; do
if "is_${param}" "$i"; then break; else unset i; fi
done
fi
eval "$1"='${iface:-$i}'
}
_find_firewall_wan_zone() { [ "$(uci -q get "firewall.${1}.name")" = "wan" ] && firewallWanZone="$1"; }
_build_ifaces_all() { ifacesAll="${ifacesAll}${1} "; }
_build_ifaces_supported() { is_supported_interface "$1" && ! str_contains "$ifacesSupported" "$1" && ifacesSupported="${ifacesSupported}${1} "; }
get_supported_interfaces() {
local name i
name="$(basename "$1")"
name="${name:-$packageName}"
local firewallWanZone
local ifacesAll ifacesSupported
local webui_show_ignore_target
local ignored_interface supported_interface
local wanIface4 wanIface6
config_load "$packageName"
config_get_bool webui_show_ignore_target 'config' 'webui_show_ignore_target' '0'
config_get ignored_interface 'config' 'ignored_interface'
config_get supported_interface 'config' 'supported_interface'
local i
config_load 'network'
config_foreach _build_ifaces_all 'interface'
pbr_find_iface wanIface4 'wan'
pbr_find_iface wanIface6 'wan6'
config_load 'firewall'
config_foreach _find_firewall_wan_zone 'zone'
for i in $(uci -q get "firewall.${firewallWanZone}.network"); do
is_supported_interface "$i" && ! str_contains "$ifacesSupported" "$1" && ifacesSupported="${ifacesSupported}${i} "
done
config_load 'network'
config_foreach _build_ifaces_supported 'interface'
if is_tor_running; then
ifacesSupported="$ifacesSupported tor"
fi
if [ "$webui_show_ignore_target" -eq "1" ]; then
ifacesSupported="$ifacesSupported ignore"
fi
json_init
json_add_object "$name"
json_add_array 'interfaces'
for i in $ifacesSupported; do
json_add_string '' "$i"
done
json_close_array
json_close_object
json_dump
json_cleanup
}
case "$1" in
list)
json_init
json_add_object "getGateways"
json_add_string 'name' 'name'
json_close_object
json_add_object "getInitList"
json_add_string 'name' 'name'
json_close_object
json_add_object "getInitStatus"
json_add_string 'name' 'name'
json_close_object
json_add_object "getInterfaces"
json_add_string 'name' 'name'
json_close_object
json_add_object "getPlatformSupport"
json_add_string 'name' 'name'
json_close_object
json_add_object "setInitAction"
json_add_string 'name' 'name'
json_add_string 'action' 'action'
json_close_object
json_dump
json_cleanup
;;
call)
case "$2" in
getGateways)
read -r input
json_load "$input"
json_get_var name 'name'
json_cleanup
get_gateways "$name"
;;
getInitList)
read -r input
json_load "$input"
json_get_var name 'name'
json_cleanup
get_init_list "$name"
;;
getInitStatus)
read -r input
json_load "$input"
json_get_var name 'name'
json_cleanup
get_init_status "$name"
;;
getInterfaces)
read -r input
json_load "$input"
json_get_var name 'name'
json_cleanup
get_supported_interfaces "$name"
;;
getPlatformSupport)
read -r input
json_load "$input"
json_get_var name 'name'
json_cleanup
get_platform_support "$name"
;;
setInitAction)
read -r input
json_load "$input"
json_get_var name 'name'
json_get_var action 'action'
json_cleanup
set_init_action "$name" "$action"
;;
esac
;;
esac
Reference in a new issue View git blame Copy permalink