mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
suyuan
GitHub
commit
ca862defbb
3 changed files with 90 additions and 1 deletions
|
|
@ -552,6 +552,12 @@ function get_rootfs()
|
||||||
return rootfs
|
return rootfs
|
||||||
end
|
end
|
||||||
|
|
||||||
|
function get_efi()
|
||||||
|
local efi = {}
|
||||||
|
efi['efi_enabled'] = nixio.fs.access("/sys/firmware/efi")
|
||||||
|
return efi
|
||||||
|
end
|
||||||
|
|
||||||
function get_ip(interface)
|
function get_ip(interface)
|
||||||
local ut = require "luci.util"
|
local ut = require "luci.util"
|
||||||
local dump = require("luci.util").ubus("network.interface.%s" % interface, "status", {})
|
local dump = require("luci.util").ubus("network.interface.%s" % interface, "status", {})
|
||||||
|
|
@ -1627,6 +1633,11 @@ local methods = {
|
||||||
return get_rootfs()
|
return get_rootfs()
|
||||||
end
|
end
|
||||||
},
|
},
|
||||||
|
getefi = {
|
||||||
|
call = function()
|
||||||
|
return get_efi()
|
||||||
|
end
|
||||||
|
},
|
||||||
status = {
|
status = {
|
||||||
call = function()
|
call = function()
|
||||||
return interfaces_status()
|
return interfaces_status()
|
||||||
|
|
|
||||||
|
|
@ -65,7 +65,8 @@ function setup() {
|
||||||
ubus_call("system", "board", {}, "release");
|
ubus_call("system", "board", {}, "release");
|
||||||
ubus_call("system", "board", {}, "board_name");
|
ubus_call("system", "board", {}, "board_name");
|
||||||
ubus_call("system", "info", {}, "memory");
|
ubus_call("system", "info", {}, "memory");
|
||||||
ubus_call("openmptcprouter", "rootfs", {}, "format");
|
ubus_call("openmptcprouter", "getrootfs", {}, "format");
|
||||||
|
ubus_call("openmptcprouter", "getefi", {}, "efi_enabled");
|
||||||
uci_get({
|
uci_get({
|
||||||
"config": "sysupgrade",
|
"config": "sysupgrade",
|
||||||
"section": "server",
|
"section": "server",
|
||||||
|
|
@ -231,6 +232,7 @@ function upgrade_request() {
|
||||||
request_dict.target = data.release.target
|
request_dict.target = data.release.target
|
||||||
request_dict.profile = data.board_name
|
request_dict.profile = data.board_name
|
||||||
request_dict.rootfs = data.format
|
request_dict.rootfs = data.format
|
||||||
|
request_dict.efi = data.efi_enabled
|
||||||
|
|
||||||
if (data.edit_packages == true) {
|
if (data.edit_packages == true) {
|
||||||
request_dict.packages = $("#edit_packages").value.split("\n")
|
request_dict.packages = $("#edit_packages").value.split("\n")
|
||||||
|
|
|
||||||
76
openmptcprouter/files/bin/blocklanfw
Executable file
76
openmptcprouter/files/bin/blocklanfw
Executable file
|
|
@ -0,0 +1,76 @@
|
||||||
|
#!/bin/sh
|
||||||
|
ss_rules_fw_drop() {
|
||||||
|
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "iptables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "iptables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
ss_rules6_fw_drop() {
|
||||||
|
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "ip6tables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "ip6tables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
v2r_rules_fw_drop() {
|
||||||
|
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "iptables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "iptables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
v2ray_rules6_fw_drop() {
|
||||||
|
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "ip6tables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
|
||||||
|
while IFS=$"\n" read -r c; do
|
||||||
|
fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/')
|
||||||
|
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
|
||||||
|
eval "ip6tables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
if [ "$(uci -q get openmptcprouter.settings.proxy)" = "shadowsocks" ]; then
|
||||||
|
ss_rules6_fw_drop
|
||||||
|
ss_rules_fw_drop
|
||||||
|
elif [ "$(uci -q get openmptcprouter.settings.proxy)" = "v2ray" ]; then
|
||||||
|
v2r_rules_fw_drop
|
||||||
|
v2ray_rules6_fw_drop
|
||||||
|
fi
|
||||||
Loading…
Add table
Add a link
Reference in a new issue