1
0

omcproxy.init 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143
  1. #!/bin/sh /etc/rc.common
  2. # Copyright (C) 2010-2014 OpenWrt.org
  3. START=99
  4. USE_PROCD=1
  5. PROG=/usr/sbin/omcproxy
  6. # Uncomment to enable verbosity
  7. #OPTIONS="-v"
  8. PROXIES=""
  9. omcproxy_add_proxy() {
  10. local uplink downlink scope proxy
  11. config_get uplink $1 uplink
  12. config_get downlink $1 downlink
  13. config_get scope $1 scope
  14. proxy=""
  15. network_get_device updev $uplink
  16. [ -n "$updev" ] || return 0
  17. for network in $downlink; do
  18. network_get_device downdev $network
  19. [ -n "$downdev" ] && proxy="$proxy,$downdev"
  20. # Disable in-kernel querier while ours is active
  21. [ -f /sys/class/net/$downdev/bridge/multicast_querier ] && \
  22. echo 0 > /sys/class/net/$downdev/bridge/multicast_querier
  23. done
  24. [ -n "$proxy" ] || return 0
  25. [ -n "$scope" ] && proxy="$proxy,scope=$scope"
  26. PROXIES="$PROXIES $updev$proxy"
  27. }
  28. omcproxy_add_trigger() {
  29. local uplink downlink
  30. config_get uplink $1 uplink
  31. config_get downlink $1 downlink
  32. for network in $uplink $downlink; do
  33. procd_add_interface_trigger "interface.*" $network /etc/init.d/omcproxy restart
  34. done
  35. }
  36. omcproxy_add_firewall() {
  37. config_get uplink $1 uplink
  38. config_get downlink $1 downlink
  39. upzone=$(fw3 network $uplink)
  40. [ -n "$upzone" ] || return 0
  41. json_add_object ""
  42. json_add_string type rule
  43. json_add_string src "$upzone"
  44. json_add_string proto igmp
  45. json_add_string target ACCEPT
  46. json_close_object
  47. json_add_object ""
  48. json_add_string type rule
  49. json_add_string family ipv6
  50. json_add_string src "$upzone"
  51. json_add_string proto icmp
  52. json_add_string src_ip fe80::/10
  53. json_add_array icmp_type
  54. json_add_string "" 130/0
  55. json_add_string "" 131/0
  56. json_add_string "" 132/0
  57. json_add_string "" 143/0
  58. json_close_array
  59. json_add_string target ACCEPT
  60. json_close_object
  61. for network in $downlink; do
  62. downzone=$(fw3 network $network)
  63. [ -n "$downzone" ] || continue
  64. json_add_object ""
  65. json_add_string type rule
  66. json_add_string src "$upzone"
  67. json_add_string dest "$downzone"
  68. json_add_string family ipv4
  69. json_add_string proto any
  70. json_add_string dest_ip "224.0.0.0/4"
  71. json_add_string target ACCEPT
  72. json_close_object
  73. json_add_object ""
  74. json_add_string type rule
  75. json_add_string src "$upzone"
  76. json_add_string dest "$downzone"
  77. json_add_string family ipv6
  78. json_add_string proto any
  79. json_add_string dest_ip "ff00::/8"
  80. json_add_string target ACCEPT
  81. json_close_object
  82. done
  83. }
  84. service_triggers() {
  85. procd_add_reload_trigger "omcproxy"
  86. }
  87. start_service() {
  88. include /lib/functions
  89. config_load omcproxy
  90. config_foreach omcproxy_add_proxy proxy
  91. [ -n "$PROXIES" ] || return 0
  92. procd_open_instance
  93. procd_set_param command $PROG
  94. [ -n "$OPTIONS" ] && procd_append_param command $OPTIONS
  95. procd_append_param command $PROXIES
  96. procd_set_param respawn
  97. procd_open_trigger
  98. config_foreach omcproxy_add_trigger proxy
  99. procd_close_trigger
  100. procd_open_data
  101. json_add_array firewall
  102. config_foreach omcproxy_add_firewall proxy
  103. json_close_array
  104. procd_close_data
  105. procd_close_instance
  106. # Increase maximum IPv4 group memberships per socket
  107. echo 128 > /proc/sys/net/ipv4/igmp_max_memberships
  108. }
  109. service_started() {
  110. procd_set_config_changed firewall
  111. }