Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

banip: update 0.9.2-2

Browse source 
* support backup/restore for remote allowlists
* report the used log variant in status message

Signed-off-by: Dirk Brenken <dev@brenken.org>
This commit is contained in:
Dirk Brenken 2023-11-08 15:59:08 +01:00
parent 60b4bb2a0f
commit 2411bcffaf
No known key found for this signature in database
GPG key ID: 9D71CD547BFAE684
2 changed files with 23 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/banip/Makefile
View file

@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=banip PKG_NAME:=banip
PKG_VERSION:=0.9.2 PKG_VERSION:=0.9.2
PKG_RELEASE:=1 PKG_RELEASE:=2
PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org> PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

28
net/banip/files/banip-functions.sh
View file

@ -674,8 +674,8 @@ f_down() {
# restore local backups # restore local backups
# #
if { [ "${ban_action}" != "reload" ] || [ "${feed_url}" = "local" ] || [ -n "${ban_etagparm}" ]; } && [ "${feed%v*}" != "allowlist" ] && [ "${feed%v*}" != "blocklist" ]; then if [ "${feed%v*}" != "blocklist" ]; then
if [ -n "${ban_etagparm}" ] && [ "${ban_action}" = "reload" ] && [ "${feed_url}" != "local" ]; then if [ -n "${ban_etagparm}" ] && [ "${ban_action}" = "reload" ] && [ "${feed_url}" != "local" ] && [ "${feed%v*}" != "allowlist" ]; then
etag_rc="0" etag_rc="0"
if [ "${feed%v*}" = "country" ]; then if [ "${feed%v*}" = "country" ]; then
for country in ${ban_country}; do for country in ${ban_country}; do
@ -697,16 +697,21 @@ f_down() {
fi fi
fi fi
if [ "${etag_rc}" = "0" ] || [ "${ban_action}" != "reload" ] || [ "${feed_url}" = "local" ]; then if [ "${etag_rc}" = "0" ] || [ "${ban_action}" != "reload" ] || [ "${feed_url}" = "local" ]; then
f_restore "${feed}" "${feed_url}" "${tmp_load}" "${etag_rc}" if [ "${feed%v*}" = "allowlist" ] && [ ! -f "${tmp_allow}" ]; then
f_restore "allowlist" "-" "${tmp_allow}" "${etag_rc}"
else
f_restore "${feed}" "${feed_url}" "${tmp_load}" "${etag_rc}"
fi
restore_rc="${?}" restore_rc="${?}"
feed_rc="${restore_rc}" feed_rc="${restore_rc}"
fi fi
fi fi
# prepare local allowlist # prepare local/remote allowlist
# #
if [ "${feed%v*}" = "allowlist" ] && [ ! -f "${tmp_allow}" ]; then if [ "${feed%v*}" = "allowlist" ] && [ ! -f "${tmp_allow}" ]; then
"${ban_catcmd}" "${ban_allowlist}" 2>/dev/null >"${tmp_allow}" "${ban_catcmd}" "${ban_allowlist}" 2>/dev/null >"${tmp_allow}"
feed_rc="${?}"
for feed_url in ${ban_allowurl}; do for feed_url in ${ban_allowurl}; do
feed_log="$("${ban_fetchcmd}" ${ban_fetchparm} "${tmp_load}" "${feed_url}" 2>&1)" feed_log="$("${ban_fetchcmd}" ${ban_fetchparm} "${tmp_load}" "${feed_url}" 2>&1)"
feed_rc="${?}" feed_rc="${?}"
@ -714,8 +719,15 @@ f_down() {
"${ban_catcmd}" "${tmp_load}" 2>/dev/null >>"${tmp_allow}" "${ban_catcmd}" "${tmp_load}" 2>/dev/null >>"${tmp_allow}"
else else
f_log "info" "download for feed '${feed%v*}' failed (rc: ${feed_rc:-"-"}/log: ${feed_log})" f_log "info" "download for feed '${feed%v*}' failed (rc: ${feed_rc:-"-"}/log: ${feed_log})"
break
fi fi
done done
if [ "${feed_rc}" = "0" ]; then
f_backup "allowlist" "${tmp_allow}"
elif [ -z "${restore_rc}" ] && [ "${feed_rc}" != "0" ]; then
f_restore "allowlist" "-" "${tmp_allow}" "${feed_rc}"
fi
feed_rc="${?}"
fi fi
# handle local feeds # handle local feeds
@ -980,7 +992,11 @@ f_down() {
# load generated nft file in banIP table # load generated nft file in banIP table
# #
if [ "${feed_rc}" = "0" ]; then if [ "${feed_rc}" = "0" ]; then
cnt_dl="$("${ban_awkcmd}" 'END{printf "%d",NR}' "${tmp_split}" 2>/dev/null)" if [ "${feed%v*}" = "allowlist" ]; then
cnt_dl="$("${ban_awkcmd}" 'END{printf "%d",NR}' "${tmp_allow}" 2>/dev/null)"
else
cnt_dl="$("${ban_awkcmd}" 'END{printf "%d",NR}' "${tmp_split}" 2>/dev/null)"
fi
if [ "${cnt_dl:-"0"}" -gt "0" ] || [ "${feed_url}" = "local" ] || [ "${feed%v*}" = "allowlist" ] || [ "${feed%v*}" = "blocklist" ]; then if [ "${cnt_dl:-"0"}" -gt "0" ] || [ "${feed_url}" = "local" ] || [ "${feed%v*}" = "allowlist" ] || [ "${feed%v*}" = "blocklist" ]; then
feed_log="$("${ban_nftcmd}" -f "${tmp_nft}" 2>&1)" feed_log="$("${ban_nftcmd}" -f "${tmp_nft}" 2>&1)"
feed_rc="${?}" feed_rc="${?}"
@ -1098,7 +1114,7 @@ f_genstatus() {
cnt_elements="$((cnt_elements + $("${ban_nftcmd}" -j list set inet banIP "${object}" 2>/dev/null | "${ban_jsoncmd}" -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)))" cnt_elements="$((cnt_elements + $("${ban_nftcmd}" -j list set inet banIP "${object}" 2>/dev/null | "${ban_jsoncmd}" -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)))"
done done
fi fi
runtime="action: ${ban_action:-"-"}, fetch: ${ban_fetchcmd##*/}, duration: ${duration:-"-"}, date: $(date "+%Y-%m-%d %H:%M:%S")" runtime="action: ${ban_action:-"-"}, log: ${ban_logreadcmd##*/}, fetch: ${ban_fetchcmd##*/}, duration: ${duration:-"-"}, date: $(date "+%Y-%m-%d %H:%M:%S")"
fi fi
[ -s "${ban_customfeedfile}" ] && custom_feed="1" [ -s "${ban_customfeedfile}" ] && custom_feed="1"
[ "${ban_splitsize:-"0"}" -gt "0" ] && split="1" [ "${ban_splitsize:-"0"}" -gt "0" ] && split="1"