mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Bypass by IP source

Browse source
This commit is contained in:
Ycarus 2018-11-15 15:35:02 +01:00
parent 13b72b1967
commit 0a7376b899
2 changed files with 49 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

15
luci-app-omr-bypass/luasrc/model/cbi/omr-bypass.lua
View file

@ -39,7 +39,7 @@ s.addremove = true
s.anonymous = true s.anonymous = true
s.template = "cbi/tblsection" s.template = "cbi/tblsection"
mac = s:option(Value, "mac", translate("MAC-Address")) mac = s:option(Value, "mac", translate("Source MAC-Address"))
mac.datatype = "list(macaddr)" mac.datatype = "list(macaddr)"
mac.rmempty = true mac.rmempty = true
mac.optional = false mac.optional = false
@ -58,6 +58,19 @@ end)
ifm = s:option(Value, "interface", translate("Interface")) ifm = s:option(Value, "interface", translate("Interface"))
ifm.rmempty = true ifm.rmempty = true
s = m:section(TypedSection, "lan_ip", translate("Source lan IP address"))
s.addremove = true
s.anonymous = true
s.template = "cbi/tblsection"
ip = s:option(Value, "ip", translate("IP Address"))
ip.datatype = "ipaddr"
ip.rmempty = true
ip.optional = false
ifm = s:option(Value, "interface", translate("Interface"))
ifm.rmempty = true
s = m:section(TypedSection, "dpis", translate("Protocols")) s = m:section(TypedSection, "dpis", translate("Protocols"))
s.addremove = true s.addremove = true
s.anonymous = true s.anonymous = true

35
luci-app-omr-bypass/root/etc/init.d/omr-bypass
View file

@ -78,6 +78,40 @@ _bypass_mac() {
fi fi
} }
_bypass_lan_ip() {
local ip
local intf
config_get ip $1 ip
config_get intf $1 interface
local intfid="$(uci -q get omr-bypass.$intf.id)"
[ -z "$intf" ] && intf="all"
[ -z "$ip" ] && return
if [ "$intf" = "all" ]; then
iptables-restore --wait=60 --noflush <<-EOF
*mangle
-A PREROUTING -s $ip -j MARK --set-mark 0x539
COMMIT
EOF
ip6tables-restore --wait=60 --noflush <<-EOF
*mangle
-A PREROUTING -s $ip -j MARK --set-mark 0x6539
COMMIT
EOF
else
iptables-restore --wait=60 --noflush <<-EOF
*mangle
-A PREROUTING -s $ip -j MARK --set-mark 0x539$intfid
COMMIT
EOF
ip6tables-restore --wait=60 --noflush <<-EOF
*mangle
-A PREROUTING -s $ip -j MARK --set-mark 0x6539$intfid
COMMIT
EOF
fi
}
_bypass_proto() { _bypass_proto() {
local proto local proto
local intf local intf
@ -200,6 +234,7 @@ start_service() {
config_load omr-bypass config_load omr-bypass
config_foreach _bypass_ip_set ips config_foreach _bypass_ip_set ips
config_foreach _bypass_mac macs config_foreach _bypass_mac macs
config_foreach _bypass_lan_ip lan_ip
uci -q del dhcp.@dnsmasq[0].ipset uci -q del dhcp.@dnsmasq[0].ipset
config_foreach _bypass_domain domains config_foreach _bypass_domain domains
uci -q commit dhcp uci -q commit dhcp