add luci-app-homeredirect 端口转发

homeredirect/Makefile

@@ -0,0 +1,80 @@
+#
+# Copyright (c) 2020 xiaoqingfeng (xiaoqingfengatgm@gmail.com)
+# Feed site - https://github.com/xiaoqingfengATGH/feeds-xiaoqingfeng
+# This is free software, licensed under the GNU General Public License v3.
+#
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=HomeRedirect
+PKG_VERSION:=1.4
+PKG_RELEASE:=1
+PKG_DATE:=20210226
+
+PKG_MAINTAINER:=xiaoqingfeng <xiaoqingfengatgm@gmail.com>
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/$(PKG_NAME)
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Port forwarding utility for HomeLede.
+  DEPENDS:=+bash +coreutils-nohup +socat
+  PKGARCH:=all
+  URL:=https://github.com/xiaoqingfengATGH/feeds-xiaoqingfeng
+endef
+
+define Package/$(PKG_NAME)/config
+help
+	$(PKG_NAME)
+	Version: $(PKG_VERSION)-$(PKG_RELEASE)
+	Port forwarding utility for HomeLede. Support TCP/UDP ipv4 & ipv6.
+endef
+
+define Package/$(PKG_NAME)/description
+Port forwarding utility for HomeLede. Support TCP/UDP ipv4 & ipv6.
+endef
+
+define Package/$(PKG_NAME)/conffiles
+/etc/config/homeredirect
+endef
+
+define Package/$(PKG_NAME)/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/homeredirect
+	$(INSTALL_BIN) files/etc/init.d/homeredirect $(1)/etc/init.d
+	$(INSTALL_CONF) files/etc/config/homeredirect $(1)/etc/config
+	$(INSTALL_DATA) files/etc/homeredirect/firewall.include $(1)/etc/homeredirect/
+	$(INSTALL_DATA) files/etc/homeredirect/script.sh $(1)/etc/homeredirect/
+endef
+
+define Package/$(PKG_NAME)/postinst
+#!/bin/sh
+exit 0
+endef
+
+define Package/$(PKG_NAME)/prerm
+#!/bin/sh
+/etc/init.d/homeredirect stop
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@homeredirect[-1]
+	commit ucitrack
+EOF
+uci -q batch <<-EOF >/dev/null
+	delete firewall.homeredirect
+EOF
+exit 0
+endef
+
+define Build/Configure
+endef
+
+define Build/Prepare
+endef
+
+define Build/Compile
+endef
+
+$(eval $(call BuildPackage,$(PKG_NAME)))

homeredirect/files/etc/config/homeredirect

@@ -0,0 +1,38 @@
+config global
+	option enabled '1'
+	
+config redirect
+	option proto 'tcp4'
+	option src_ip '0.0.0.0'
+	option src_dport '60609'
+	option dest_ip '192.168.1.100'
+	option dest_port '3389'
+	option name 'TCP_REDIRECT_IPV4'
+	option enabled '0'
+	
+config redirect
+	option proto 'tcp6'
+	option src_ip '::'
+	option src_dport '60608'
+	option dest_ip 'fd5b:64cf:4ff4::1c4'
+	option dest_port '3389'
+	option name 'TCP_REDIRECT_IPV6'
+	option enabled '0'
+	
+config redirect
+	option proto 'udp4'
+	option src_ip '0.0.0.0'
+	option src_dport '64511'
+	option dest_ip '192.168.1.100'
+	option dest_port '500'
+	option name 'UDP_REDIRECT_IPV4'
+	option enabled '0'
+
+config redirect
+	option proto 'udp6'
+	option src_ip '::'
+	option src_dport '64500'
+	option dest_ip 'fd5b:64cf:4ff4::1c4'
+	option dest_port '4500'
+	option name 'UDP_REDIRECT_IPV6'
+	option enabled '0'

homeredirect/files/etc/homeredirect/firewall.include

@@ -0,0 +1 @@
+bash /etc/homeredirect/script.sh

homeredirect/files/etc/homeredirect/script.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+del_rule() {
+	count=$(iptables -n -L INPUT 2>/dev/null | grep -c "HOME_REDIRECT")
+	if [ -n "$count" ]; then
+		until [ "$count" = 0 ]
+		do
+			rules=$(iptables -n -L INPUT --line-num 2>/dev/null | grep "HOME_REDIRECT" | awk '{print $1}')
+			for rule in $rules
+			do
+				iptables -D INPUT $rule 2>/dev/null
+				break
+			done
+			count=$(expr $count - 1)
+		done
+	fi
+
+	iptables -F HOME_REDIRECT 2>/dev/null
+	iptables -X HOME_REDIRECT 2>/dev/null
+}
+
+add_rule(){
+	iptables -N HOME_REDIRECT
+	iptables -I INPUT -j HOME_REDIRECT
+
+	maxRedirctCount=$(uci show homeredirect | grep @redirect | awk -F '[' '{print $2}' | awk -F ']' '{print $1}' | sort | tail -n 1)
+
+	for ((i=($maxRedirctCount);i>=0;i--));
+	do
+		enabled=$(uci get homeredirect.@redirect[$i].enabled)
+		if [ $enabled -eq 1 ]; then
+			protoAll=$(uci get homeredirect.@redirect[$i].proto)
+			proto=${protoAll:0:3}
+			port=$(uci get homeredirect.@redirect[$i].src_dport)
+			iptables -A HOME_REDIRECT -p $proto --dport $port -j ACCEPT
+		fi
+	done
+}
+
+del_rule
+
+enable=$(uci get homeredirect.@global[0].enabled)
+if [ $enable -eq 1 ]; then
+	add_rule
+fi

homeredirect/files/etc/init.d/homeredirect

@@ -0,0 +1,140 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+
+RUNLOG_DIR=/tmp/hr
+
+PROCESSED_REDIRECT=0
+
+log()
+{
+	logger -t homeredirect $1
+}
+
+setupDefaultSrcIP() {
+	if [ -z $src_ip ];then
+		if [ "$1" = "ipv4" ]; then
+			src_ip="0.0.0.0"
+		else
+			src_ip="::"
+		fi
+	fi
+}
+
+setup() {
+
+	config_get enabled $1 enabled
+
+	id=$1
+	config_get proto $1 proto
+	config_get src_ip $1 src_ip
+	config_get src_dport $1 src_dport
+	config_get dest_ip $1 dest_ip
+	config_get dest_port $1 dest_port
+	config_get name $1 name
+
+	terminateRedirect $id
+	
+	[ "$enabled" != "1" ] && return 0
+
+	PROCESSED_REDIRECT=1
+
+	if [ "$proto" = "tcp4" ]; then
+		src_addresstype="TCP4-LISTEN"
+		dest_addresstype="TCP4"
+		setupDefaultSrcIP "ipv4"
+	elif [ "$proto" = "tcp6" ]; then
+		src_addresstype="TCP6-LISTEN"
+		dest_addresstype="TCP6"
+		setupDefaultSrcIP "ipv6"
+		src_ip="[$src_ip]"
+		dest_ip="[$dest_ip]"
+	elif [ "$proto" = "udp4" ]; then
+		src_addresstype="UDP4-LISTEN"
+		dest_addresstype="UDP4"
+		setupDefaultSrcIP "ipv4"
+	elif [ "$proto" = "udp6" ]; then
+		src_addresstype="UDP6-LISTEN"
+		dest_addresstype="UDP6"
+		setupDefaultSrcIP "ipv6"
+		src_ip="[$src_ip]"
+		dest_ip="[$dest_ip]"
+	fi
+
+	#echo "nohup socat -lf $RUNLOG_DIR/$id.log $src_addresstype:$src_dport,bind=$src_ip,fork $dest_addresstype:$dest_ip:$dest_port > $RUNLOG_DIR/$id.log 2>&1 &"
+	nohup socat -lf $RUNLOG_DIR/$id.log $src_addresstype:$src_dport,bind=$src_ip,fork $dest_addresstype:$dest_ip:$dest_port > $RUNLOG_DIR/$id.log 2>&1 &
+	log "[HomeRedirect] Port redirect from $proto $src_ip:$src_dport==>$dest_addresstype:$dest_ip:$dest_port started."
+}
+
+# param $1 is port
+showTcpPortState() {
+	local process=$(netstat -ltnp | awk -F ' ' '{if(NR>2) print $1"/"$4"/"$7}' | grep :$1)
+	if [ -n "$process" ]; then
+		echo $process
+	else
+		echo 'TCP Port $1 is Free.'
+	fi
+}
+# param $1 is port
+showUdpPortState() {
+	local process=$(netstat -lunp | awk -F ' ' '{if(NR>2) print $1"/"$4"/"$6}'|grep :$1)
+	if [ -n "$process" ]; then
+		echo $process
+	else
+		echo 'UDP Port $1 is Free.'
+	fi
+}
+
+isRedirectRunning() {
+	local runningPID=$(ps | grep socat | grep $RUNLOG_DIR/$1 | sed '/grep/d' | awk -F ' ' '{print $1}')
+	if [ -n "$runningPID" ]; then
+		return 1
+	else
+		return 0
+	fi
+}
+
+# param $1 is redirect id
+terminateRedirect() {
+	isRedirectRunning $1
+	[ "$?" = "1" ] && {
+		local runningPID=$(ps | grep socat | grep $RUNLOG_DIR/$1 | sed '/grep/d' | awk -F ' ' '{print $1}')
+		#echo "Going to kill process $runningPID"
+		kill $runningPID
+	}
+}
+
+terminateAll() {
+	local runningPIDs=$(ps | grep socat | grep $RUNLOG_DIR | sed '/grep/d' | awk -F ' ' '{print $1}')
+	[ -n "$runningPIDs" ] && {
+		kill $runningPIDs
+		log "Redirect process : $runningPIDs stopped."
+	}
+}
+
+start() {
+	local vt_enabled=$(uci -q get homeredirect.@global[0].enabled)
+	if [ "$vt_enabled" = 0 ]; then
+		terminateAll
+		fw3 reload
+		return 1
+	fi
+	
+	rm -rf $RUNLOG_DIR
+	mkdir -p $RUNLOG_DIR
+	
+	config_load homeredirect
+	
+	PROCESSED_REDIRECT=0
+	config_foreach setup redirect
+	[ "$PROCESSED_REDIRECT" == "1" ] && {
+		fw3 reload
+	}
+	log 'HomeRedirect started.'
+}
+
+stop() {
+	terminateAll
+	fw3 reload
+	log 'HomeRedirect stopped.'
+}

luci-app-homeredirect/Makefile

@@ -0,0 +1,18 @@
+# Copyright (C) 2020 xiaoqingfeng <xiaoqingfengatgm@gmail.com>
+#
+# This is free software, licensed under the Apache License, Version 2.0 .
+#
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=LuCI for HomeRedirect
+LUCI_DEPENDS:=+HomeRedirect
+LUCI_PKGARCH:=all
+PKG_NAME:=luci-app-homeredirect
+PKG_VERSION:=1.0
+PKG_RELEASE:=1-20200805
+PKG_MAINTAINER:=Richard Yu <xiaoqingfengatgm@gmail.com>
+
+include $(TOPDIR)/feeds/luci/luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature

luci-app-homeredirect/luasrc/controller/homeredirect.lua

@@ -0,0 +1,62 @@
+-- Copyright 2020 Richard <xiaoqingfengatgm@gmail.com>
+-- feed site : https://github.com/xiaoqingfengATGH/feeds-xiaoqingfeng
+module("luci.controller.homeredirect", package.seeall)
+local appname = "homeredirect"
+local RUNLOG_DIR = "/tmp/hr"
+local ucic = luci.model.uci.cursor()
+local http = require "luci.http"
+
+function index()
+	
+	entry({"admin", "network", "homeredirect", "show"}, call("show_menu")).leaf = true
+    entry({"admin", "network", "homeredirect", "hide"}, call("hide_menu")).leaf = true
+	
+    if nixio.fs.access("/etc/config/homeredirect") and
+        nixio.fs.access("/etc/config/homeredirect_show") then
+            entry({"admin", "network", "homeredirect"},
+			alias("admin", "network", "homeredirect", "settings"),
+			_("Home Redirect"), 50).dependent = true
+    end
+	
+    entry({"admin", "network", "homeredirect", "settings"},
+          cbi("homeredirect/settings")).leaf = true
+    entry({"admin", "network", "homeredirect", "status"}, call("status")).leaf =
+        true
+end
+
+local function http_write_json(content)
+	http.prepare_content("application/json")
+	http.write_json(content or {code = 1})
+end
+
+function status()
+    local e = {}
+	e.enabled = ucic:get(appname, "@global[0]", "enabled")
+	ucic:foreach(appname, "redirect", function(redirect)
+		local state = -1
+		local id = redirect['.name']
+		local enabled = redirect['enabled']
+		if enabled == "1" then
+			local pid = luci.sys.exec("ps | grep socat | grep " .. RUNLOG_DIR .. "/" .. id .. " | sed '/grep/d' | awk -F ' ' '{print $1}'")
+			if pid == "" then
+				state = 0
+			else
+				state = tonumber(pid)
+			end
+		end
+		e[id] = state
+	end)
+    luci.http.prepare_content("application/json")
+    luci.http.write_json(e)
+end
+
+function show_menu()
+    luci.sys.call("touch /etc/config/homeredirect_show")
+    luci.http.redirect(luci.dispatcher.build_url("admin", "network", "homeredirect"))
+end
+
+function hide_menu()
+    luci.sys.call("rm -rf /etc/config/homeredirect_show")
+    luci.http.redirect(luci.dispatcher.build_url("admin", "status", "overview"))
+end
+

luci-app-homeredirect/luasrc/model/cbi/homeredirect/settings.lua

@@ -0,0 +1,62 @@
+local s = require "luci.sys"
+local m, s, o
+mp = Map("homeredirect", translate("Home Redirect - Port forwarding utility"))
+mp.description = translate("HomeRedirect is a customized port forwarding utility for HomeLede. It supports TCP / UDP protocol, IPv4 and IPv6.")
+mp:section(SimpleSection).template  = "homeredirect/index"
+
+s = mp:section(TypedSection, "global")
+s.anonymous = true
+
+enabled = s:option(Flag, "enabled", translate("Master switch"))
+enabled.default = 0
+enabled.rmempty = false
+
+s = mp:section(TypedSection, "redirect", translate("Redirect Configuration"))
+s.addremove = true
+s.anonymous = true
+s.template = "cbi/tblsection"
+s.sortable = true
+
+enabled = s:option(Flag, "enabled", translate("Enabled"))
+enabled.rmempty = false
+
+name = s:option(Value, "name", translate("Name"))
+name.optional = false
+name.rmempty = false
+
+proto = s:option(ListValue, "proto", translate("Transport Protocol"))
+proto.default = "tcp4"
+proto:value("tcp4", "TCP/IPv4")
+proto:value("udp4", "UDP/IPv4")
+proto:value("tcp6", "TCP/IPv6")
+proto:value("udp6", "UDP/IPv6")
+
+-- src_ip = s:option(Value, "src_ip", translate("Source IP"))
+-- src_ip.datatype = "ipaddr"
+-- src_ip.optional = false
+-- src_ip.rmempty = false
+
+src_dport = s:option(Value, "src_dport", translate("Source Port"))
+src_dport.datatype = "port"
+src_dport.optional = false
+src_dport.rmempty = false
+
+dest_ip = s:option(Value, "dest_ip", translate("Destination Address"))
+dest_ip.datatype = "ipaddr"
+dest_ip.optional = false
+dest_ip.rmempty = false
+
+dest_port = s:option(Value, "dest_port", translate("Destination Port"))
+dest_port.datatype = "port"
+dest_port.optional = false
+dest_port.rmempty = false
+
+o = s:option(DummyValue, "rs", translate("Status"))
+o.default = "检测中..."
+
+local apply=luci.http.formvalue("cbi.apply")
+if apply then
+    io.popen("/etc/init.d/homeredirect restart")
+end
+
+return mp

luci-app-homeredirect/po/zh-cn/homeredirect.po

@@ -0,0 +1,44 @@
+msgid "Home Redirect"
+msgstr "端口转发"
+
+msgid "HomeRedirect is a customized port forwarding utility for HomeLede. It supports TCP / UDP protocol, IPv4 and IPv6."
+msgstr "HomeRedirect端口转发可以在有Docker环境下支持NAT环回,路由上端口访问转发至任意位置，支持TCP/UDP协议，IPv4和IPv6。"
+
+msgid "Home Redirect - Port forwarding utility"
+msgstr "Home Redirect 端口转发"
+
+msgid "Redirect Configuration"
+msgstr "转发设置"
+
+msgid "Transport Protocol"
+msgstr "传输协议"
+
+msgid "Source Port"
+msgstr "路由器端口"
+
+msgid "Destination Address"
+msgstr "转发目标地址"
+
+msgid "Destination Port"
+msgstr "转发目标端口"
+
+msgid "Name"
+msgstr "名称"
+
+msgid "Source IP"
+msgstr "路由器IP"
+
+msgid "Status"
+msgstr "状态"
+
+msgid "Master switch"
+msgstr "总开关"
+
+msgid "Disabled"
+msgstr "未启用"
+
+msgid "Not running"
+msgstr "未运行"
+
+msgid "Running"
+msgstr "运行中"

luci-app-homeredirect/root/etc/uci-defaults/luci-app-homeredirect

@@ -0,0 +1,19 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+	delete firewall.homeredirect
+	set firewall.homeredirect=include
+	set firewall.homeredirect.type=script
+	set firewall.homeredirect.path=/etc/homeredirect/firewall.include
+	set firewall.homeredirect.reload=1
+EOF
+
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@homeredirect[-1]
+	add ucitrack homeredirect
+	set ucitrack.@homeredirect[-1].init=homeredirect
+	commit ucitrack
+EOF
+
+rm -rf /tmp/luci-*cache
+exit 0

luci-app-homeredirect/root/usr/share/rpcd/acl.d/luci-app-homeredirect.json

@@ -0,0 +1,11 @@
+{
+	"luci-app-homeredirect": {
+		"description": "Grant UCI access for luci-app-homeredirect",
+		"read": {
+			"uci": [ "homeredirect" ]
+		},
+		"write": {
+			"uci": [ "homeredirect" ]
+		}
+	}
+}