diff --git a/luci-app-ipsec-server/Makefile b/luci-app-ipsec-server/Makefile index 1271c2644..3f226f9b1 100644 --- a/luci-app-ipsec-server/Makefile +++ b/luci-app-ipsec-server/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-ipsec-server PKG_VERSION:=20211223 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_MAINTAINER:=Lienol diff --git a/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server b/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server index 05a7fa70b..9bbc9355c 100755 --- a/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server +++ b/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server @@ -24,16 +24,16 @@ get_enabled_anonymous_secs() { ipt_rule() { if [ "$1" = "add" ]; then - iptables -t nat -I POSTROUTING -s ${vt_clientip} -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null + iptables -t nat -I postrouting_rule -s ${vt_clientip} -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null iptables -I forwarding_rule -s ${vt_clientip} -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null iptables -I forwarding_rule -m policy --dir in --pol ipsec --proto esp -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null iptables -I forwarding_rule -m policy --dir out --pol ipsec --proto esp -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null - iptables -I INPUT -p udp -m multiport --dports 500,4500 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null + iptables -I input_rule -p udp -m multiport --dports 500,4500 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null iptables -t mangle -I OUTPUT -p udp -m multiport --sports 500,4500 -m comment --comment "${ipt_flag}" -j RETURN 2>/dev/null [ "${l2tp_enabled}" = 1 ] && { - iptables -t nat -I POSTROUTING -s ${l2tp_localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null + iptables -t nat -I postrouting_rule -s ${l2tp_localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null iptables -I forwarding_rule -s ${l2tp_localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null - iptables -I INPUT -p udp --dport 1701 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null + iptables -I input_rule -p udp --dport 1701 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null iptables -t mangle -I OUTPUT -p udp --sport 1701 -m comment --comment "${ipt_flag}" -j RETURN 2>/dev/null } else @@ -44,8 +44,8 @@ ipt_rule() { done } ipt_del "iptables" "forwarding_rule" - ipt_del "iptables" "INPUT" - ipt_del "iptables -t nat" "POSTROUTING" + ipt_del "iptables" "input_rule" + ipt_del "iptables -t nat" "postrouting_rule" ipt_del "iptables -t mangle" "OUTPUT" fi } diff --git a/luci-app-openvpn-client/Makefile b/luci-app-openvpn-client/Makefile index a758a559e..605234b46 100644 --- a/luci-app-openvpn-client/Makefile +++ b/luci-app-openvpn-client/Makefile @@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-openvpn-client PKG_VERSION:=20240721 -PKG_RELEASE:=1 +PKG_RELEASE:=2 LUCI_TITLE:=LuCI support for OpenVPN Client LUCI_DEPENDS:=+openvpn-openssl +kmod-tun diff --git a/luci-app-openvpn-client/root/etc/init.d/luci-app-openvpn-client b/luci-app-openvpn-client/root/etc/init.d/luci-app-openvpn-client index a8199235a..6a757b981 100755 --- a/luci-app-openvpn-client/root/etc/init.d/luci-app-openvpn-client +++ b/luci-app-openvpn-client/root/etc/init.d/luci-app-openvpn-client @@ -126,11 +126,11 @@ start_instance() { cat <<-EOF >> ${TMP_OVPN_PATH}/${cfgid}/iptables_add.sh ${TMP_OVPN_PATH}/${cfgid}/iptables_del.sh #允许服务端配置静态路由表访问内网 - iptables -t nat -I POSTROUTING -s \$(cat ${TMP_OVPN_PATH}/${cfgid}/network)/\$(cat ${TMP_OVPN_PATH}/${cfgid}/mask) -m comment --comment "${c_dev}" -j MASQUERADE - iptables -t nat -I POSTROUTING -o ${c_dev} -m comment --comment "${c_dev}" -j MASQUERADE - iptables -I INPUT -s \$(cat ${TMP_OVPN_PATH}/${cfgid}/network)/\$(cat ${TMP_OVPN_PATH}/${cfgid}/mask) -m comment --comment "${c_dev}" -j ${c_allow_access_action} - iptables -I FORWARD -i ${c_dev} -m comment --comment "${c_dev}" -j ACCEPT - iptables -I FORWARD -o ${c_dev} -m comment --comment "${c_dev}" -j ACCEPT + iptables -t nat -I postrouting_rule -s \$(cat ${TMP_OVPN_PATH}/${cfgid}/network)/\$(cat ${TMP_OVPN_PATH}/${cfgid}/mask) -m comment --comment "${c_dev}" -j MASQUERADE + iptables -t nat -I postrouting_rule -o ${c_dev} -m comment --comment "${c_dev}" -j MASQUERADE + iptables -I input_rule -s \$(cat ${TMP_OVPN_PATH}/${cfgid}/network)/\$(cat ${TMP_OVPN_PATH}/${cfgid}/mask) -m comment --comment "${c_dev}" -j ${c_allow_access_action} + iptables -I forwarding_rule -i ${c_dev} -m comment --comment "${c_dev}" -j ACCEPT + iptables -I forwarding_rule -o ${c_dev} -m comment --comment "${c_dev}" -j ACCEPT EOF cat <<-EOF >> ${TMP_OVPN_PATH}/${cfgid}/iptables_del.sh @@ -140,9 +140,9 @@ start_instance() { \$1 -w -D \$2 \$index 2>/dev/null done } - ipt_del "iptables" "INPUT" - ipt_del "iptables" "FORWARD" - ipt_del "iptables -t nat" "POSTROUTING" + ipt_del "iptables" "input_rule" + ipt_del "iptables" "forwarding_rule" + ipt_del "iptables -t nat" "postrouting_rule" EOF cat <<-EOF >> /var/etc/${CONFIG}.include diff --git a/luci-app-pppoe-server/Makefile b/luci-app-pppoe-server/Makefile index 19b17875e..e246e66c3 100644 --- a/luci-app-pppoe-server/Makefile +++ b/luci-app-pppoe-server/Makefile @@ -9,7 +9,7 @@ LUCI_TITLE:=LuCI support for PPPoE Server LUCI_DEPENDS:=+rp-pppoe-common +rp-pppoe-server LUCI_PKGARCH:=all PKG_VERSION:=20211223 -PKG_RELEASE:=1 +PKG_RELEASE:=2 define Package/luci-app-pppoe-server/preinst #!/bin/sh diff --git a/luci-app-pppoe-server/root/etc/init.d/pppoe-server b/luci-app-pppoe-server/root/etc/init.d/pppoe-server index 85c42c88e..ce7a5d522 100755 --- a/luci-app-pppoe-server/root/etc/init.d/pppoe-server +++ b/luci-app-pppoe-server/root/etc/init.d/pppoe-server @@ -21,7 +21,7 @@ localip=$(config_t_get service localip 10.0.1.1) ipt_rule() { if [ "$1" = "add" ]; then - iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null + iptables -t nat -I postrouting_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null else ipt_del() { @@ -31,7 +31,7 @@ ipt_rule() { done } ipt_del "iptables" "forwarding_rule" - ipt_del "iptables -t nat" "POSTROUTING" + ipt_del "iptables -t nat" "postrouting_rule" fi } diff --git a/luci-app-pptp-server/Makefile b/luci-app-pptp-server/Makefile index 001005312..618e72cbd 100644 --- a/luci-app-pptp-server/Makefile +++ b/luci-app-pptp-server/Makefile @@ -9,7 +9,7 @@ LUCI_TITLE:=LuCI support for PPTP VPN Server LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp +luci-lib-jsonc LUCI_PKGARCH:=all PKG_VERSION:=20211223 -PKG_RELEASE:=1 +PKG_RELEASE:=2 include $(TOPDIR)/feeds/luci/luci.mk diff --git a/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server b/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server index 80590bc7e..7b2766c85 100755 --- a/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server +++ b/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server @@ -18,9 +18,9 @@ get_enabled_anonymous_secs() { ipt_rule() { if [ "$1" = "add" ]; then - iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null + iptables -t nat -I postrouting_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null - iptables -I INPUT -p tcp --dport 1723 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null + iptables -I input_rule -p tcp --dport 1723 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null iptables -t mangle -I OUTPUT -p tcp --sport 1723 -m comment --comment "${ipt_flag}" -j RETURN 2>/dev/null else ipt_del() { @@ -30,8 +30,8 @@ ipt_rule() { done } ipt_del "iptables" "forwarding_rule" - ipt_del "iptables" "INPUT" - ipt_del "iptables -t nat" "POSTROUTING" + ipt_del "iptables" "input_rule" + ipt_del "iptables -t nat" "postrouting_rule" ipt_del "iptables -t mangle" "OUTPUT" fi }