gitea-action
parent
f662cca045
commit
3274b6d612
@ -42,7 +42,7 @@ function index()
|
||||
end
|
||||
entry({"admin", "services", appname, "app_update"}, cbi(appname .. "/client/app_update"), _("App Update"), 95).leaf = true
|
||||
entry({"admin", "services", appname, "rule"}, cbi(appname .. "/client/rule"), _("Rule Manage"), 96).leaf = true
|
||||
entry({"admin", "services", appname, "rule_list"}, cbi(appname .. "/client/rule_list"), _("Rule List"), 97).leaf = true
|
||||
entry({"admin", "services", appname, "rule_list"}, cbi(appname .. "/client/rule_list", {autoapply = true}), _("Rule List"), 97).leaf = true
|
||||
entry({"admin", "services", appname, "node_subscribe_config"}, cbi(appname .. "/client/node_subscribe_config")).leaf = true
|
||||
entry({"admin", "services", appname, "node_config"}, cbi(appname .. "/client/node_config")).leaf = true
|
||||
entry({"admin", "services", appname, "shunt_rules"}, cbi(appname .. "/client/shunt_rules")).leaf = true
|
||||
@ -109,16 +109,14 @@ function reset_config()
|
||||
end
|
||||
|
||||
function show_menu()
|
||||
uci:delete(appname, "@global[0]", "hide_from_luci")
|
||||
api.uci_save(uci, appname, true)
|
||||
api.sh_uci_del(appname, "@global[0]", "hide_from_luci", true)
|
||||
luci.sys.call("rm -rf /tmp/luci-*")
|
||||
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
|
||||
luci.http.redirect(api.url())
|
||||
end
|
||||
|
||||
function hide_menu()
|
||||
uci:set(appname, "@global[0]", "hide_from_luci","1")
|
||||
api.uci_save(uci, appname, true)
|
||||
api.sh_uci_set(appname, "@global[0]", "hide_from_luci", "1", true)
|
||||
luci.sys.call("rm -rf /tmp/luci-*")
|
||||
luci.sys.call("/etc/init.d/rpcd restart >/dev/null")
|
||||
luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
|
||||
@ -361,8 +359,7 @@ function set_node()
|
||||
local protocol = luci.http.formvalue("protocol")
|
||||
local section = luci.http.formvalue("section")
|
||||
uci:set(appname, "@global[0]", protocol .. "_node", section)
|
||||
api.uci_save(uci, appname, true)
|
||||
luci.sys.call("/etc/init.d/passwall restart > /dev/null 2>&1 &")
|
||||
api.uci_save(uci, appname, true, true)
|
||||
luci.http.redirect(api.url("log"))
|
||||
end
|
||||
|
||||
|
||||
@ -607,7 +607,8 @@ else
|
||||
end
|
||||
o.inputstyle = "remove"
|
||||
function o.write(e, e)
|
||||
luci.sys.call('[ -n "$(nft list sets 2>/dev/null | grep \"passwall_\")" ] && sh /usr/share/passwall/nftables.sh flush_nftset_reload || sh /usr/share/passwall/iptables.sh flush_ipset_reload > /dev/null 2>&1 &')
|
||||
m:set("@global[0]", "flush_set", "1")
|
||||
api.uci_save(m.uci, appname, true, true)
|
||||
luci.http.redirect(api.url("log"))
|
||||
end
|
||||
|
||||
|
||||
@ -312,15 +312,18 @@ end
|
||||
|
||||
m:append(Template(appname .. "/rule_list/js"))
|
||||
|
||||
if sys.call('[ -f "/www/luci-static/resources/uci.js" ]') == 0 then
|
||||
function m.on_before_save(self)
|
||||
m:set("@global[0]", "flush_set", "1")
|
||||
end
|
||||
|
||||
if api.is_js_luci() then
|
||||
function m.on_before_save(self)
|
||||
api.sh_uci_set(appname, "@global[0]", "flush_set", "1", true)
|
||||
end
|
||||
m.apply_on_parse = true
|
||||
function m.on_apply(self)
|
||||
luci.sys.call("/etc/init.d/passwall reload > /dev/null 2>&1 &")
|
||||
end
|
||||
end
|
||||
|
||||
function m.on_commit(self)
|
||||
luci.sys.call('[ -n "$(nft list sets 2>/dev/null | grep \"passwall_\")" ] && sh /usr/share/passwall/nftables.sh flush_nftset || sh /usr/share/passwall/iptables.sh flush_ipset > /dev/null 2>&1 &')
|
||||
end
|
||||
|
||||
return m
|
||||
|
||||
@ -1254,15 +1254,6 @@ add_firewall_rule() {
|
||||
}
|
||||
|
||||
del_firewall_rule() {
|
||||
# 10秒内禁止重复运行
|
||||
local time_file="/tmp/etc/passwall_tmp/del_fw_rule_time"
|
||||
local current_time=$(date +%s)
|
||||
if [ -f "$time_file" ]; then
|
||||
local last_time=$(head -n 1 "$time_file" 2>/dev/null | tr -d ' \t' | grep -E '^[0-9]+$' || echo 0)
|
||||
[ $((current_time - last_time)) -le 10 ] && return 0
|
||||
fi
|
||||
echo "$current_time" > "$time_file"
|
||||
|
||||
for ipt in "$ipt_n" "$ipt_m" "$ip6t_n" "$ip6t_m"; do
|
||||
for chain in "PREROUTING" "OUTPUT"; do
|
||||
for i in $(seq 1 $($ipt -nL $chain | grep -c PSW)); do
|
||||
@ -1302,25 +1293,16 @@ del_firewall_rule() {
|
||||
destroy_ipset $IPSET_BLOCK6
|
||||
destroy_ipset $IPSET_WHITE6
|
||||
|
||||
$DIR/app.sh echolog "删除iptables防火墙规则完成。"
|
||||
$DIR/app.sh echolog "删除 iptables 规则完成。"
|
||||
}
|
||||
|
||||
flush_ipset() {
|
||||
$DIR/app.sh echolog "清空 IPSET。"
|
||||
$DIR/app.sh echolog "清空 IPSet。"
|
||||
for _name in $(ipset list | grep "Name: " | grep "passwall_" | awk '{print $2}'); do
|
||||
destroy_ipset ${_name}
|
||||
done
|
||||
}
|
||||
|
||||
flush_ipset_reload() {
|
||||
del_firewall_rule
|
||||
flush_ipset
|
||||
rm -rf /tmp/etc/passwall_tmp/singbox*
|
||||
rm -rf /tmp/etc/passwall_tmp/smartdns*
|
||||
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
|
||||
/etc/init.d/passwall reload
|
||||
}
|
||||
|
||||
flush_include() {
|
||||
echo '#!/bin/sh' >$FWI
|
||||
}
|
||||
@ -1421,6 +1403,14 @@ start() {
|
||||
|
||||
stop() {
|
||||
del_firewall_rule
|
||||
[ $(config_t_get global flush_set "0") = "1" ] && {
|
||||
uci -q delete ${CONFIG}.@global[0].flush_set
|
||||
uci -q commit ${CONFIG}
|
||||
flush_ipset
|
||||
rm -rf /tmp/etc/passwall_tmp/singbox*
|
||||
rm -rf /tmp/etc/passwall_tmp/smartdns*
|
||||
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
|
||||
}
|
||||
flush_include
|
||||
}
|
||||
|
||||
@ -1436,12 +1426,6 @@ insert_rule_before)
|
||||
insert_rule_after)
|
||||
insert_rule_after "$@"
|
||||
;;
|
||||
flush_ipset)
|
||||
flush_ipset
|
||||
;;
|
||||
flush_ipset_reload)
|
||||
flush_ipset_reload
|
||||
;;
|
||||
get_ipt_bin)
|
||||
get_ipt_bin
|
||||
;;
|
||||
|
||||
@ -1300,15 +1300,6 @@ add_firewall_rule() {
|
||||
}
|
||||
|
||||
del_firewall_rule() {
|
||||
# 10秒内禁止重复运行
|
||||
local time_file="/tmp/etc/passwall_tmp/del_fw_rule_time"
|
||||
local current_time=$(date +%s)
|
||||
if [ -f "$time_file" ]; then
|
||||
local last_time=$(head -n 1 "$time_file" 2>/dev/null | tr -d ' \t' | grep -E '^[0-9]+$' || echo 0)
|
||||
[ $((current_time - last_time)) -le 10 ] && return 0
|
||||
fi
|
||||
echo "$current_time" > "$time_file"
|
||||
|
||||
for nft in "dstnat" "srcnat" "nat_output" "mangle_prerouting" "mangle_output"; do
|
||||
local handles=$(nft -a list chain $NFTABLE_NAME ${nft} 2>/dev/null | grep -E "PSW_" | awk -F '# handle ' '{print$2}')
|
||||
for handle in $handles; do
|
||||
@ -1349,11 +1340,11 @@ del_firewall_rule() {
|
||||
destroy_nftset $NFTSET_BLOCK6
|
||||
destroy_nftset $NFTSET_WHITE6
|
||||
|
||||
$DIR/app.sh echolog "删除nftables防火墙规则完成。"
|
||||
$DIR/app.sh echolog "删除 nftables 规则完成。"
|
||||
}
|
||||
|
||||
flush_nftset() {
|
||||
$DIR/app.sh echolog "清空 NFTSET。"
|
||||
$DIR/app.sh echolog "清空 NFTSet。"
|
||||
for _name in $(nft -a list sets | grep -E "passwall" | awk -F 'set ' '{print $2}' | awk '{print $1}'); do
|
||||
destroy_nftset ${_name}
|
||||
done
|
||||
@ -1364,15 +1355,6 @@ flush_table() {
|
||||
nft delete table $NFTABLE_NAME
|
||||
}
|
||||
|
||||
flush_nftset_reload() {
|
||||
del_firewall_rule
|
||||
flush_table
|
||||
rm -rf /tmp/etc/passwall_tmp/singbox*
|
||||
rm -rf /tmp/etc/passwall_tmp/smartdns*
|
||||
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
|
||||
/etc/init.d/passwall reload
|
||||
}
|
||||
|
||||
flush_include() {
|
||||
echo '#!/bin/sh' >$FWI
|
||||
}
|
||||
@ -1424,6 +1406,15 @@ start() {
|
||||
|
||||
stop() {
|
||||
del_firewall_rule
|
||||
[ $(config_t_get global flush_set "0") = "1" ] && {
|
||||
uci -q delete ${CONFIG}.@global[0].flush_set
|
||||
uci -q commit ${CONFIG}
|
||||
#flush_table
|
||||
flush_nftset
|
||||
rm -rf /tmp/etc/passwall_tmp/singbox*
|
||||
rm -rf /tmp/etc/passwall_tmp/smartdns*
|
||||
rm -rf /tmp/etc/passwall_tmp/dnsmasq*
|
||||
}
|
||||
flush_include
|
||||
}
|
||||
|
||||
@ -1439,12 +1430,6 @@ insert_rule_before)
|
||||
insert_rule_after)
|
||||
insert_rule_after "$@"
|
||||
;;
|
||||
flush_nftset)
|
||||
flush_nftset
|
||||
;;
|
||||
flush_nftset_reload)
|
||||
flush_nftset_reload
|
||||
;;
|
||||
get_wan_ip)
|
||||
get_wan_ip
|
||||
;;
|
||||
|
||||
@ -479,10 +479,7 @@ if reboot == 1 then
|
||||
end
|
||||
|
||||
log("重启服务,应用新的规则。")
|
||||
if use_nft == "1" then
|
||||
sys.call("sh /usr/share/" .. name .. "/nftables.sh flush_nftset_reload > /dev/null 2>&1 &")
|
||||
else
|
||||
sys.call("sh /usr/share/" .. name .. "/iptables.sh flush_ipset_reload > /dev/null 2>&1 &")
|
||||
end
|
||||
uci:set(name, "@global[0]", "flush_set", "1")
|
||||
api.uci_save(uci, name, true, true)
|
||||
end
|
||||
log("规则更新完毕...")
|
||||
|
||||
@ -20,7 +20,7 @@ index 18cdd8d..44f5958 100644
|
||||
|
||||
define Package/$(PKG_NAME)/postrm
|
||||
diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
|
||||
index 3f6dd8c..952e4c8 100644
|
||||
index de67f1c..463bdff 100644
|
||||
--- a/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
|
||||
+++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/global.lua
|
||||
@@ -492,6 +492,12 @@ o:value("9.9.9.9", "9.9.9.9 (Quad9)")
|
||||
|
||||
Loading…
Reference in New Issue
Block a user