diff --git a/luci-app-omr-bypass/luasrc/model/cbi/omr-bypass.lua b/luci-app-omr-bypass/luasrc/model/cbi/omr-bypass.lua index 62310bea6..e8f9c84ef 100644 --- a/luci-app-omr-bypass/luasrc/model/cbi/omr-bypass.lua +++ b/luci-app-omr-bypass/luasrc/model/cbi/omr-bypass.lua @@ -34,6 +34,26 @@ ip.optional = false ifi = s:option(ListValue, "interface", translate("Interface")) ifi.rmempty = true +s = m:section(TypedSection, "dest_port", translate("Ports destination")) +s.addremove = true +s.anonymous = true +s.template = "cbi/tblsection" + +ip = s:option(Value, "dport", translate("port")) +ip.rmempty = true +ip.optional = false + +proto = s:option(ListValue, "protp", translate("Protocol")) +proto:value("all",translate("ALL")) +proto:value("tcp","TCP") +proto:value("udp","UDP") +proto:value("icmp","ICMP") +proto.rmempty = true +proto.optional = false + +ifdp = s:option(ListValue, "interface", translate("Interface")) +ifdp.rmempty = true + s = m:section(TypedSection, "macs", translate("MAC-Address")) s.addremove = true s.anonymous = true @@ -78,12 +98,12 @@ asn.optional = false ifa = s:option(ListValue, "interface", translate("Interface")) ifa.rmempty = true -s = m:section(TypedSection, "dpis", translate("Protocols")) +s = m:section(TypedSection, "dpis", translate("Protocols and services")) s.addremove = true s.anonymous = true s.template = "cbi/tblsection" -dpi = s:option(ListValue, "proto", translate("Protocol")) +dpi = s:option(ListValue, "proto", translate("Protocol/Service")) dpi.rmempty = true dpi.optional = false local xt_ndpi_available = nixio.fs.access("/proc/net/xt_ndpi/proto") @@ -110,12 +130,14 @@ ifp.default = "all" ifm.default = "all" ifl.default = "all" ifa.default = "all" +ifdp.default = "all" ifd:value("all",translate("Default")) ifi:value("all",translate("Default")) ifp:value("all",translate("Default")) ifm:value("all",translate("Default")) ifl:value("all",translate("Default")) ifa:value("all",translate("Default")) +ifdp:value("all",translate("Default")) for _, iface in ipairs(ifaces) do if iface:is_up() then ifd:value(iface:name(),"%s" % iface:name()) @@ -124,6 +146,7 @@ for _, iface in ipairs(ifaces) do ifm:value(iface:name(),"%s" % iface:name()) ifl:value(iface:name(),"%s" % iface:name()) ifa:value(iface:name(),"%s" % iface:name()) + ifdp:value(iface:name(),"%s" % iface:name()) end end diff --git a/luci-app-omr-bypass/root/etc/init.d/omr-bypass b/luci-app-omr-bypass/root/etc/init.d/omr-bypass index 97901ad35..d5eeb3e76 100755 --- a/luci-app-omr-bypass/root/etc/init.d/omr-bypass +++ b/luci-app-omr-bypass/root/etc/init.d/omr-bypass @@ -153,6 +153,49 @@ _bypass_lan_ip() { fi } +_bypass_dest_port() { + local ip + local intf + config_get dport $1 dport + config_get proto $1 proto + config_get intf $1 interface + local intfid="$(uci -q get omr-bypass.$intf.id)" + + [ -z "$intf" ] && intf="all" + [ -z "$ip" ] && return + valid_ip4=$(valid_subnet4 $ip) + valid_ip6=$(valid_subnet6 $ip) + if [ "$intf" = "all" ]; then + if [ "$valid_ip4" = "ok" ]; then + iptables-restore --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass --protocol $protocol --destination-port $dport -j MARK --set-mark 0x539 + COMMIT + EOF + elif [ "$valid_ip6" = "ok" ]; then + ip6tables-restore --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 --protocol $protocol --destination-port $dport -j MARK --set-mark 0x6539 + COMMIT + EOF + fi + else + if [ "$valid_ip4" = "ok" ]; then + iptables-restore --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass --protocol $protocol --destination-port $dport -j MARK --set-mark 0x539$intfid + COMMIT + EOF + elif [ "$valid_ip6" = "ok" ]; then + ip6tables-restore --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 --protocol $protocol --destination-port $dport -j MARK --set-mark 0x6539$intfid + COMMIT + EOF + fi + fi +} + _bypass_proto() { local proto local intf @@ -349,6 +392,7 @@ start_service() { config_foreach _bypass_ip_set ips config_foreach _bypass_mac macs config_foreach _bypass_lan_ip lan_ip + config_foreach _bypass_dest_port dest_port config_foreach _bypass_asn asns dnsmasqipset=$(uci -q get dhcp.@dnsmasq[0].ipset | sed 's/ /\n/g' | grep -v dst_bypass) uci -q delete dhcp.@dnsmasq[0].ipset