From 6606aeea2c39e3d49d1ae2d8c0b556fcf65605aa Mon Sep 17 00:00:00 2001
From: gitea-action <git@cooluc.com>
Date: Thu, 19 Sep 2024 12:30:07 +0800
Subject: [PATCH] luci-app-homeproxy: sync upstream

last commit: https://github.com/immortalwrt/homeproxy/commit/f94668b2961d6f7295ef2493b1c30912cf57d5c1
---
 .../resources/view/homeproxy/client.js        |  4 +-
 .../etc/homeproxy/scripts/firewall_post.ut    | 38 ++++++++++++++-----
 2 files changed, 31 insertions(+), 11 deletions(-)

diff --git a/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/client.js b/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/client.js
index 52a163d15..7d13a5697 100644
--- a/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/client.js
+++ b/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/client.js
@@ -1007,9 +1007,9 @@ return view.extend({
 		so.rmempty = false;
 
 		so = ss.option(form.ListValue, 'format', _('Format'));
-		so.value('source', _('Source file'));
 		so.value('binary', _('Binary file'));
-		so.default = 'source';
+		so.value('source', _('Source file'));
+		so.default = 'binary';
 		so.rmempty = false;
 
 		so = ss.option(form.Value, 'path', _('Path'));
diff --git a/luci-app-homeproxy/root/etc/homeproxy/scripts/firewall_post.ut b/luci-app-homeproxy/root/etc/homeproxy/scripts/firewall_post.ut
index 1f31d4de8..0f72d7551 100755
--- a/luci-app-homeproxy/root/etc/homeproxy/scripts/firewall_post.ut
+++ b/luci-app-homeproxy/root/etc/homeproxy/scripts/firewall_post.ut
@@ -30,6 +30,26 @@ function resolve_ipv6(str) {
 		return `& ${ipv6.mask} == ${ipv6.addr}`;
 }
 
+function resolve_mark(str) {
+	if (isEmpty(str))
+		return null;
+
+	let mark = fw4.parse_mark(str);
+	if (isEmpty(mark))
+		return null;
+
+	if (mark.mask === 0xffffffff)
+		return fw4.hex(mark.mark);
+	else if (mark.mark === 0)
+		return `mark and ${fw4.hex(~mark.mask & 0xffffffff)}`;
+	else if (mark.mark === mark.mask)
+		return `mark or ${fw4.hex(mark.mark)}`;
+	else if (mark.mask === 0)
+		return `mark xor ${fw4.hex(mark.mark)}`;
+	else
+		return `mark and ${fw4.hex(~mark.mask & 0xffffffff)} xor ${fw4.hex(mark.mark)}`;
+}
+
 /* Misc config */
 const resources_dir = '/etc/homeproxy/resources';
 
@@ -68,11 +88,11 @@ if (match(proxy_mode, /redirect/)) {
 if (match(proxy_mode, /tproxy/))
 	if (outbound_udp_node !== 'nil' || routing_mode === 'custom') {
 		tproxy_port = uci.get(cfgname, 'infra', 'tproxy_port') || '5332';
-		tproxy_mark = uci.get(cfgname, 'infra', 'tproxy_mark') || '101';
+		tproxy_mark = resolve_mark(uci.get(cfgname, 'infra', 'tproxy_mark') || '101');
 	}
 if (match(proxy_mode, /tun/)) {
 	tun_name = uci.get(cfgname, 'infra', 'tun_name') || 'singtun0';
-	tun_mark = uci.get(cfgname, 'infra', 'tun_mark') || '102';
+	tun_mark = resolve_mark(uci.get(cfgname, 'infra', 'tun_mark') || '102');
 }
 
 const control_options = [
@@ -356,9 +376,9 @@ chain homeproxy_output_redir {
 {# UDP tproxy #}
 {% if (match(proxy_mode, /tproxy/) && (outbound_udp_node !== 'nil' || routing_mode === 'custom')): %}
 chain homeproxy_mangle_tproxy {
-	meta l4proto udp mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
+	meta l4proto udp meta mark set {{ tproxy_mark }} tproxy ip to 127.0.0.1:{{ tproxy_port }} counter accept
 	{% if (ipv6_support === '1'): %}
-	meta l4proto udp mark set {{ tproxy_mark }} tproxy ip6 to [::1]:{{ tproxy_port }} counter accept
+	meta l4proto udp meta mark set {{ tproxy_mark }} tproxy ip6 to [::1]:{{ tproxy_port }} counter accept
 	{% endif %}
 }
 
@@ -373,7 +393,7 @@ chain homeproxy_mangle_mark {
 	{% if (routing_port): %}
 	udp dport != @homeproxy_routing_port counter return
 	{% endif %}
-	meta l4proto udp mark set {{ tproxy_mark }} counter accept
+	meta l4proto udp meta mark set {{ tproxy_mark }} counter accept
 }
 
 chain homeproxy_mangle_lanac {
@@ -564,7 +584,7 @@ chain homeproxy_mangle_tun_mark {
 	udp dport != @homeproxy_routing_port counter return
 	{% endif /* routing_port */ %}
 
-	counter mark set {{ tun_mark }}
+	counter meta mark set {{ tun_mark }}
 }
 
 chain homeproxy_mangle_tun {
@@ -621,13 +641,13 @@ chain homeproxy_mangle_tun {
 	{% endif /* routing_mode */ %}
 
 	{% if (!isEmpty(control_info.lan_gaming_mode_ipv4_ips)): %}
-	ip saddr {{ array_to_nftarr(control_info.lan_gaming_mode_ipv4_ips) }} counter mark set {{ tun_mark }}
+	ip saddr {{ array_to_nftarr(control_info.lan_gaming_mode_ipv4_ips) }} counter meta mark set {{ tun_mark }}
 	{% endif /* lan_gaming_mode_ipv4_ips */ %}
 	{% for (let ipv6 in control_info.lan_gaming_mode_ipv6_ips): %}
-	ip6 saddr {{ resolve_ipv6(ipv6) }} counter mark set {{ tun_mark }}
+	ip6 saddr {{ resolve_ipv6(ipv6) }} counter meta mark set {{ tun_mark }}
 	{% endfor /* lan_gaming_mode_ipv6_ips */ %}
 	{% if (!isEmpty(control_info.lan_gaming_mode_mac_addrs)): %}
-	ether saddr {{ array_to_nftarr(control_info.lan_gaming_mode_mac_addrs) }} counter mark set {{ tun_mark }}
+	ether saddr {{ array_to_nftarr(control_info.lan_gaming_mode_mac_addrs) }} counter meta mark set {{ tun_mark }}
 	{% endif /* lan_gaming_mode_mac_addrs */ %}
 
 	counter goto homeproxy_mangle_tun_mark