Browse Source

shadowsocks-libev: ss-rules: nft rule cleanup on reload

Remove nft rules file generated by ss-rules if ss-rules was or should be
turned off for by configuration.  Use "fw4 restart" instead of "fw4
reload" to force the runtime rule reloading

Ref: https://github.com/openwrt/packages/pull/17937#issuecomment-1207357037
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 04ee032699)
lilik-openwrt-22.03
Yousong Zhou 2 years ago
parent
commit
6df708763e
2 changed files with 18 additions and 8 deletions
  1. +1
    -1
      net/shadowsocks-libev/Makefile
  2. +17
    -7
      net/shadowsocks-libev/files/shadowsocks-libev.init

+ 1
- 1
net/shadowsocks-libev/Makefile View File

@ -14,7 +14,7 @@ include $(TOPDIR)/rules.mk
# #
PKG_NAME:=shadowsocks-libev PKG_NAME:=shadowsocks-libev
PKG_VERSION:=3.3.5 PKG_VERSION:=3.3.5
PKG_RELEASE:=6
PKG_RELEASE:=7
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION)


+ 17
- 7
net/shadowsocks-libev/files/shadowsocks-libev.init View File

@ -112,7 +112,7 @@ ss_rules_cb() {
fi fi
} }
ss_rules() {
ss_rules_nft_gen() {
local cfg="ss_rules" local cfg="ss_rules"
local cfgtype local cfgtype
local local_port_tcp local_port_udp local local_port_tcp local_port_udp
@ -125,7 +125,7 @@ ss_rules() {
eval "$(validate_ss_rules_section "$cfg" ss_validate_mklocal)" eval "$(validate_ss_rules_section "$cfg" ss_validate_mklocal)"
validate_ss_rules_section "$cfg" || return 1 validate_ss_rules_section "$cfg" || return 1
[ "$disabled" = 0 ] || return 0
[ "$disabled" = 0 ] || return 2
eval local_port_tcp="\$ss_rules_redir_tcp_$redir_tcp" eval local_port_tcp="\$ss_rules_redir_tcp_$redir_tcp"
eval local_port_udp="\$ss_rules_redir_udp_$redir_udp" eval local_port_udp="\$ss_rules_redir_udp_$redir_udp"
@ -161,7 +161,7 @@ ss_rules() {
echo "table inet chk {include \"$tmp.nft\";}" >"$tmp.nft.chk" echo "table inet chk {include \"$tmp.nft\";}" >"$tmp.nft.chk"
if nft -f "$tmp.nft.chk" -c; then if nft -f "$tmp.nft.chk" -c; then
mv "$tmp.nft" "$ssrules_nft" mv "$tmp.nft" "$ssrules_nft"
fw4 reload
fw4 restart
fi fi
rm -f "$tmp.nft.chk" rm -f "$tmp.nft.chk"
fi fi
@ -169,6 +169,19 @@ ss_rules() {
rm -f "$tmp.nft" rm -f "$tmp.nft"
} }
ss_rules_nft_reset() {
if [ -f "$ssrules_nft" ]; then
rm -f "$ssrules_nft"
fw4 restart
fi
}
ss_rules() {
if ! ss_rules_nft_gen; then
ss_rules_nft_reset
fi
}
start_service() { start_service() {
local cfgtype local cfgtype
@ -181,10 +194,7 @@ start_service() {
} }
stop_service() { stop_service() {
if [ -f "$ssrules_nft" ]; then
rm -f "$ssrules_nft"
fw4 reload
fi
ss_rules_nft_reset
rm -rf "$ss_confdir" rm -rf "$ss_confdir"
} }


Loading…
Cancel
Save