mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Listen only on lan for shadowsocks-*

Browse source
This commit is contained in:
Ycarus (Yannick Chabanois) 2024-04-26 11:14:25 +02:00
parent 8b6e153249
commit e7faf2963d
2 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
omr-schedule/files/usr/share/omr/schedule.d/010-services
View file

@ -141,8 +141,8 @@ set_lan_ips() {
config_get ip4table "$1" ip4table
config_get device "$1" device
config_get proto "$1" proto
if [ "$ip4table" = "lan" ] && [ -n "$device" ] && ([ "$proto" = "dhcp" ] || [ "$proto" = "static" ]); then
[ -z "$(uci -q get shadowsocks-libev.ss_rules.ifnames | grep $device)" ] && {
if [ "$ip4table" != "wan" ] && [ "$ip4table" != "vpn" ] && [ -n "$ip4table" ] && [ -n "$device" ] && ([ "$proto" = "dhcp" ] || [ "$proto" = "static" ]); then
[ -z "$(uci -q get shadowsocks-libev.ss_rules.ifnames | grep $device)" ] && [ -z "$(uci -q get shadowsocks-rust.ss_rules.ifnames | grep $device)" ] && {
uci -q add_list shadowsocks-libev.ss_rules.ifnames="$device"
uci -q add_list shadowsocks-rust.ss_rules.ifnames="$device"
}
@ -154,6 +154,12 @@ set_lan_ips() {
config_load network
config_foreach restart_omrtracker interface
[ "$(uci -q get openmptcprouter.settings.restrict_to_lan)" = "1" ] && config_foreach set_lan_ips interface
[ "$(uci -q get openmptcprouter.settings.restrict_to_lan)" = "0" ] && ([ -n "$(uci -q get shadowsocks-libev.ss_rules.ifnames)" ] || [ -n "$(uci -q get shadowsocks-rust.ss_rules.ifnames)" ]) && {
uci -q batch <<-EOF
delete shadowsocks-libev.ss_rules.ifnames="$device"
delete shadowsocks-rust.ss_rules.ifnames="$device"
EOF
}
uci -q commit shadowsocks-libev.ss_rules
uci -q commit shadowsocks-rust.ss_rules
multipath_fix() {

8
openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
View file

@ -245,12 +245,18 @@ uci -q batch <<-EOF >/dev/null
set firewall.@include[0].reload='1'
commit firewall
EOF
if [ "$(uci -q get openmptcprouter.settings.sipalg)" = "" ]; then
if [ -z "$(uci -q get openmptcprouter.settings.sipalg)" ]; then
uci -q batch <<-EOF >/dev/null
set openmptcprouter.settings.sipalg='1'
commit openmptcprouter
EOF
fi
if [ -z "$(uci -q get openmptcprouter.settings.restrict_to_lan)" ]; then
uci -q batch <<-EOF >/dev/null
set openmptcprouter.settings.restrict_to_lan='1'
commit openmptcprouter
EOF
fi
if [ "$(uci -q get openmptcprouter.settings.sipalg)" = "0" ]; then
uci -q batch <<-EOF >/dev/null
set firewall.zone_lan.auto_helper='0'