From 483e96728b4bb1e8420d713595f08ee99fba2ae5 Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)"
Date: Wed, 13 May 2020 21:46:35 +0200
Subject: [PATCH] Add src port bypass
---
 .../resources/view/services/omr-bypass.js | 23 +++++++++++
 .../root/etc/init.d/omr-bypass | 41 +++++++++++++++++++
 2 files changed, 64 insertions(+)
diff --git a/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js b/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js
index edf03099b..82edc2a0d 100644
--- a/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js
+++ b/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js
@@ -78,6 +78,29 @@ return L.view.extend({
 o = s.option(form.Value, 'note', _('Note'));
 o.rmempty = true;
+ s = m.section(form.GridSection, 'src_port', _('Ports source'));
+ s.addremove = true;
+ s.anonymous = true;
+
+ o = s.option(form.Value, 'sport', _('port'));
+ o.rmempty = false;
+
+ o = s.option(form.ListValue, 'proto', _('protocol'));
+ o.default = 'tcp';
+ o.rmempty = false;
+ o.value('tcp');
+ o.value('udp');
+ o.value('icmp');
+
+ o = s.option(widgets.DeviceSelect, 'interface', _('Interface'));
+ o.noaliases = true;
+ o.noinactive = true;
+ o.nocreate = true;
+ o.ucioption = 'dev';
+
+ o = s.option(form.Value, 'note', _('Note'));
+ o.rmempty = true;
+
 s = m.section(form.GridSection, 'macs', _('MAC-Address'));
 s.addremove = true;
 s.anonymous = true;
diff --git a/luci-app-omr-bypass/root/etc/init.d/omr-bypass b/luci-app-omr-bypass/root/etc/init.d/omr-bypass
index cf703c14d..cc7df9533 100755
--- a/luci-app-omr-bypass/root/etc/init.d/omr-bypass
+++ b/luci-app-omr-bypass/root/etc/init.d/omr-bypass
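Review bot: The new `sport` field in omr-bypass.js is a free-text `form.Value` with no `datatype`, and the `proto` list offers `icmp`, which has no source port. The init script in this same patch feeds both values into `--protocol $proto --source-port $sport`, so an `icmp` entry or a non-numeric port would be expected to produce a rule that iptables-restore rejects, leaving the bypass silently inactive. Adding `o.datatype = 'portrange';` after `o.rmempty = false;` on `sport` and dropping `o.value('icmp');` would catch this in the form. Form validation is a convenience only, so the init script still needs its own check. The enclosing view function starts and ends outside the hunk.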
@@ -199,6 +199,46 @@ _bypass_dest_port() {
 fi
 }
+_bypass_src_port() {
+ local intf
+ config_get sport $1 sport
+ config_get proto $1 proto
+ config_get intf $1 interface
+ local intfid="$(uci -q get omr-bypass.$intf.id)"
+
+ [ -z "$intf" ] && intf="all"
+ [ -z "$sport" ] && return
+ sport="$(echo $sport | sed 's/-/:/')"
+ [ -z "$proto" ] && return
+ if [ "$intf" = "all" ]; then
+ iptables-restore -w --wait=60 --noflush <<-EOF
+ *mangle
+ -A omr-bypass --protocol $proto --source-port $sport -j MARK --set-mark 0x539
+ COMMIT
+ EOF
+ if [ "$disableipv6" != "1" ]; then
+ ip6tables-restore -w --wait=60 --noflush <<-EOF
+ *mangle
+ -A omr-bypass6 --protocol $proto --source-port $sport -j MARK --set-mark 0x6539
+ COMMIT
+ EOF
+ fi
+ else
+ iptables-restore -w --wait=60 --noflush <<-EOF
+ *mangle
+ -A omr-bypass --protocol $proto --source-port $sport -j MARK --set-mark 0x539$intfid
+ COMMIT
+ EOF
+ if [ "$disableipv6" != "1" ]; then
+ ip6tables-restore -w --wait=60 --noflush <<-EOF
+ *mangle
+ -A omr-bypass6 --protocol $proto --source-port $sport -j MARK --set-mark 0x6539$intfid
+ COMMIT
+ EOF
+ fi
+ fi
+}
+
 _bypass_proto() {
 local proto
 local intf
@@ -410,6 +450,7 @@ start_service() {
 config_foreach _bypass_mac macs
 config_foreach _bypass_lan_ip lan_ip
 config_foreach _bypass_dest_port dest_port
+ config_foreach _bypass_src_port src_port
 config_foreach _bypass_asn asns
 dnsmasqipset=$(uci -q get dhcp.@dnsmasq[0].ipset | sed 's/ /\n/g' | grep -v dst_bypass)
 uci -q delete dhcp.@dnsmasq[0].ipset
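Review bot: In `_bypass_src_port`, `$sport` and `$proto` are copied from UCI into the `iptables-restore` heredocs without any validation, so whitespace, an embedded newline or extra option text in either value becomes part of the mangle-table input, and the exit status of the restore is never checked. Restricting `sport` to digits and `:` and `proto` to `tcp`/`udp` before the rule text is built keeps a malformed or tampered config entry from altering the rule set. `sport` and `proto` are also not declared `local`, and `intfid` is looked up before the empty-`intf` default is applied. If that lookup returns nothing for a named interface, the mark appears to fall back to the same `0x539`/`0x6539` used for "all", which deserves at least a log line. The fence shows only the head of the function; the four rule blocks are unchanged.

```shell
_bypass_src_port() {
	local intf sport proto intfid
	config_get sport "$1" sport
	config_get proto "$1" proto
	config_get intf "$1" interface

	# Only a port or port range, and only protocols that carry ports, may reach the rule text.
	sport="$(printf '%s' "$sport" | sed 's/-/:/')"
	case "$sport" in ''|*[!0-9:]*) return ;; esac
	case "$proto" in tcp|udp) ;; *) return ;; esac

	[ -z "$intf" ] && intf="all"
	[ "$intf" != "all" ] && intfid="$(uci -q get "omr-bypass.$intf.id")"
	# … unchanged: iptables-restore / ip6tables-restore rule blocks …
```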