88 lines
3.3 KiB
Bash
Executable File
88 lines
3.3 KiB
Bash
Executable File
#!/bin/sh /etc/rc.common
|
|
START=95
|
|
STOP=13
|
|
USE_PROCD=1
|
|
|
|
. /usr/share/libubox/jshn.sh
|
|
. /lib/functions.sh
|
|
start_service()
|
|
{
|
|
config_load 'qmodem_ttl'
|
|
config_get enable 'global' 'enable' '0'
|
|
if [ "$enable" == 0 ]; then
|
|
return
|
|
fi
|
|
set_if_ttl
|
|
}
|
|
|
|
set_if_ttl()
|
|
{
|
|
config_get ifname 'global' 'ifname'
|
|
config_get ttl 'global' 'ttl'
|
|
iface=$(ifstatus $ifname)
|
|
json_load "$iface"
|
|
json_get_var device device
|
|
IPT="iptables"
|
|
IPT6="ip6tables"
|
|
logger -t modem_ttl "Setting TTL for $device to $ttl"
|
|
comment="modem_ttl"
|
|
touch /etc/firewall.d/qmodem_ttl
|
|
chmod +x /etc/firewall.d/qmodem_ttl
|
|
IPT_PREROUTING=$(iptables -t mangle -L PREROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
IPT_POSTROUTING=$(iptables -t mangle -L POSTROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
IPT6_PREROUTING=$(ip6tables -t mangle -L PREROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
IPT6_POSTROUTING=$(ip6tables -t mangle -L POSTROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
if [ -n "$IPT_PREROUTING" ]; then
|
|
iptables -t mangle -D PREROUTING $IPT_PREROUTING
|
|
fi
|
|
if [ -n "$IPT_POSTROUTING" ]; then
|
|
iptables -t mangle -D POSTROUTING $IPT_POSTROUTING
|
|
fi
|
|
if [ -n "$IPT6_PREROUTING" ]; then
|
|
ip6tables -t mangle -D PREROUTING $IPT6_PREROUTING
|
|
fi
|
|
if [ -n "$IPT6_POSTROUTING" ]; then
|
|
ip6tables -t mangle -D POSTROUTING $IPT6_POSTROUTING
|
|
fi
|
|
echo "$IPT -t mangle -A PREROUTING -i $device -j TTL --ttl-set $ttl -m comment --comment $comment" >> /etc/firewall.d/qmodem_ttl
|
|
echo "$IPT -t mangle -A POSTROUTING -o $device -j TTL --ttl-set $ttl -m comment --comment $comment" >> /etc/firewall.d/qmodem_ttl
|
|
echo "$IPT6 -t mangle -A PREROUTING -i $device -j HL --hl-set $ttl -m comment --comment $comment" >> /etc/firewall.d/qmodem_ttl
|
|
echo "$IPT6 -t mangle -A POSTROUTING -o $device -j HL --hl-set $ttl -m comment --comment $comment" >> /etc/firewall.d/qmodem_ttl
|
|
/etc/firewall.d/qmodem_ttl
|
|
chmod -x /etc/firewall.d/qmodem_ttl
|
|
[ -d /sys/kernel/debug/ecm/ ] && /etc/init.d/qca-nss-ecm stop # disable nss offload
|
|
}
|
|
|
|
stop_service(){
|
|
rm -f /etc/firewall.d/qmodem_ttl
|
|
IPT_PREROUTING=$(iptables -t mangle -L PREROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
IPT_POSTROUTING=$(iptables -t mangle -L POSTROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
IPT6_PREROUTING=$(ip6tables -t mangle -L PREROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
IPT6_POSTROUTING=$(ip6tables -t mangle -L POSTROUTING -n --line-numbers | grep modem_ttl | awk '{print $1}')
|
|
if [ -n "$IPT_PREROUTING" ]; then
|
|
iptables -t mangle -D PREROUTING $IPT_PREROUTING
|
|
fi
|
|
if [ -n "$IPT_POSTROUTING" ]; then
|
|
iptables -t mangle -D POSTROUTING $IPT_POSTROUTING
|
|
fi
|
|
if [ -n "$IPT6_PREROUTING" ]; then
|
|
ip6tables -t mangle -D PREROUTING $IPT6_PREROUTING
|
|
fi
|
|
if [ -n "$IPT6_POSTROUTING" ]; then
|
|
ip6tables -t mangle -D POSTROUTING $IPT6_POSTROUTING
|
|
fi
|
|
[ -f /etc/init.d/qca-nss-ecm ] && /etc/init.d/qca-nss-ecm start # disable nss offload
|
|
|
|
service_triggers()
|
|
{
|
|
procd_add_reload_trigger "qmodem_ttl"
|
|
procd_add_reload_trigger "network"
|
|
#netdev
|
|
}
|
|
|
|
reload_service()
|
|
{
|
|
stop
|
|
start
|
|
}
|