up 修复重启无法自动映射端口问题

This commit is contained in:
Pdboy Sir 2024-03-15 16:58:51 +08:00 committed by GitHub
parent 0b0b316ebc
commit 4b1e0830b6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 136 additions and 63 deletions

View File

@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-socat PKG_NAME:=luci-app-socat
PKG_VERSION:=20221101 PKG_VERSION:=1.0
PKG_RELEASE:=4 PKG_RELEASE:=6
PKG_MAINTAINER:=Lienol <lawlienol@gmail.com> PKG_MAINTAINER:=Lienol <lawlienol@gmail.com>
@ -15,9 +15,6 @@ LUCI_TITLE:=LuCI support for Socat
LUCI_DEPENDS:=+socat LUCI_DEPENDS:=+socat
LUCI_PKGARCH:=all LUCI_PKGARCH:=all
define Package/$(PKG_NAME)/conffiles
/etc/config/socat
endef
include $(TOPDIR)/feeds/luci/luci.mk include $(TOPDIR)/feeds/luci/luci.mk

View File

@ -34,7 +34,7 @@ o.datatype = "portrange"
o.rmempty = false o.rmempty = false
o:depends("protocol", "port_forwards") o:depends("protocol", "port_forwards")
o = s:option(Flag, "reuseaddr", "reuseaddr", translate("Bind to a port local")) o = s:option(Flag, "reuseaddr", translate("REUSEADDR"), translate("Bind to a port local"))
o.default = "1" o.default = "1"
o.rmempty = false o.rmempty = false

View File

@ -3,7 +3,7 @@ local e = luci.model.uci.cursor()
m = Map("socat") m = Map("socat")
m.title = translate("Socat") m.title = translate("Socat")
m.description = translate("Socat is a versatile networking tool named after 'Socket CAT', which can be regarded as an N-fold enhanced version of NetCat") m.description = translate("Socat is a relay for bidirectional data transfer between two independent data channels.")
s = m:section(NamedSection, "global", "global") s = m:section(NamedSection, "global", "global")
s.anonymous = true s.anonymous = true

View File

@ -10,7 +10,7 @@
}, },
function(x, result) { function(x, result) {
_status[result.index].setAttribute("style","font-weight:bold;"); _status[result.index].setAttribute("style","font-weight:bold;");
_status[result.index].setAttribute("style",result.status ? "color:green":"color:red"); _status[result.index].setAttribute("color",result.status ? "green":"red");
_status[result.index].innerHTML = (result.status ? '✓' : 'X'); _status[result.index].innerHTML = (result.status ? '✓' : 'X');
} }
); );

View File

@ -0,0 +1,53 @@
msgid "Socat"
msgstr "端口转发"
msgid "Socat is a relay for bidirectional data transfer between two independent data channels."
msgstr "Socat 是用于在两个独立数据通道之间进行双向数据传输的中继器。"
msgid "Socat Config"
msgstr "Socat 配置"
msgid "Status"
msgstr "状态"
msgid "Enabled"
msgstr "启用"
msgid "Remarks"
msgstr "备注"
msgid "Protocol"
msgstr "协议"
msgid "IPv6 Only"
msgstr "仅IPv6"
msgid "When checked, only IPv6 ports are listen for, otherwise IPv4 will also be listened for."
msgstr "当勾选时仅监听IPv6否则将会同时监听IPv4。"
msgid "Port Forwards"
msgstr "端口转发"
msgid "Listen Protocol"
msgstr "监听协议"
msgid "Listen port"
msgstr "监听端口"
msgid "REUSEADDR"
msgstr "地址重用"
msgid "Bind to a port local"
msgstr "绑定到本地端口"
msgid "Destination Protocol"
msgstr "目标协议"
msgid "Destination address"
msgstr "目标地址"
msgid "Destination port"
msgstr "目标端口"
msgid "Open firewall port"
msgstr "打开防火墙端口"

View File

@ -0,0 +1,53 @@
msgid "Socat"
msgstr "端口转发"
msgid "Socat is a relay for bidirectional data transfer between two independent data channels."
msgstr "Socat 是用于在两个独立数据通道之间进行双向数据传输的中继器。"
msgid "Socat Config"
msgstr "Socat 配置"
msgid "Status"
msgstr "状态"
msgid "Enabled"
msgstr "启用"
msgid "Remarks"
msgstr "备注"
msgid "Protocol"
msgstr "协议"
msgid "IPv6 Only"
msgstr "仅 IPv6"
msgid "When checked, only IPv6 ports are listen for, otherwise IPv4 will also be listened for."
msgstr "当勾选时,仅监听 IPv6否则将会同时监听 IPv4。"
msgid "Port Forwards"
msgstr "端口转发"
msgid "Listen Protocol"
msgstr "监听协议"
msgid "Listen port"
msgstr "监听端口"
msgid "REUSEADDR"
msgstr "地址重用"
msgid "Bind to a port local"
msgstr "绑定到本地端口"
msgid "Destination Protocol"
msgstr "目标协议"
msgid "Destination address"
msgstr "目标地址"
msgid "Destination port"
msgstr "目标端口"
msgid "Open firewall port"
msgstr "打开防火墙端口"

View File

@ -7,43 +7,26 @@ CONFIG=socat
CONFIG_PATH=/var/etc/$CONFIG CONFIG_PATH=/var/etc/$CONFIG
add_rule() { add_rule() {
iptables -N SOCAT accept_port=$(cat /var/etc/$CONFIG.port | tr "\n" " ")
iptables -I INPUT -j SOCAT if [ "$accept_port" ]; then
ip6tables -N SOCAT uci -q delete firewall.socat
ip6tables -I INPUT -j SOCAT uci set firewall.socat=rule
uci set firewall.socat.name="socat"
uci set firewall.socat.target="ACCEPT"
uci set firewall.socat.src="wan"
uci set firewall.socat.dest_port="$accept_port"
uci set firewall.socat.enabled="1"
uci commit firewall
/etc/init.d/firewall reload >/dev/null 2>&1
else
del_rule
fi
} }
del_rule() { del_rule() {
iptables -D INPUT -j SOCAT 2>/dev/null uci -q delete firewall.socat
iptables -F SOCAT 2>/dev/null uci commit firewall
iptables -X SOCAT 2>/dev/null /etc/init.d/firewall reload >/dev/null 2>&1
ip6tables -D INPUT -j SOCAT 2>/dev/null
ip6tables -F SOCAT 2>/dev/null
ip6tables -X SOCAT 2>/dev/null
}
gen_include() {
echo '#!/bin/sh' > /var/etc/$CONFIG.include
extract_rules() {
local _ipt="iptables"
[ "$1" == "6" ] && _ipt="ip6tables"
echo "*$2"
${_ipt}-save -t $2 | grep "SOCAT" | \
sed -e "s/^-A \(INPUT\)/-I \1 1/"
echo 'COMMIT'
}
cat <<-EOF >> /var/etc/$CONFIG.include
iptables-save -c | grep -v "SOCAT" | iptables-restore -c
iptables-restore -n <<-EOT
$(extract_rules 4 filter)
EOT
ip6tables-save -c | grep -v "SOCAT" | ip6tables-restore -c
ip6tables-restore -n <<-EOT
$(extract_rules 6 filter)
EOT
EOF
return 0
} }
run_service() { run_service() {
@ -81,19 +64,14 @@ run_service() {
fi fi
[ "$firewall_accept" == "1" ] && { [ "$firewall_accept" == "1" ] && {
if [ -z "$family" ] || [ "$family" == "6" ]; then echo $listen_port >> /var/etc/$CONFIG.port
ip6tables -A SOCAT -p $proto --dport $listen_port -m comment --comment "$remarks" -j ACCEPT
fi
if [ -z "$family" ] || [ "$family" == "4" ]; then
iptables -A SOCAT -p $proto --dport $listen_port -m comment --comment "$remarks" -j ACCEPT
fi
} }
} }
stop_service() { stop_service() {
ps -w | grep "$CONFIG_PATH/" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 & busybox ps -w | grep "$CONFIG_PATH/" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
del_rule del_rule
rm -rf $CONFIG_PATH /var/etc/$CONFIG.include rm -rf $CONFIG_PATH /var/etc/$CONFIG.port
} }
start() { start() {
@ -102,10 +80,10 @@ start() {
stop_service stop_service
else else
mkdir -p $CONFIG_PATH mkdir -p $CONFIG_PATH
add_rule rm -f /var/etc/$CONFIG.port
config_load $CONFIG config_load $CONFIG
config_foreach run_service "config" -T config_foreach run_service "config"
gen_include add_rule
fi fi
} }

View File

@ -1,19 +1,11 @@
#!/bin/sh #!/bin/sh
uci -q batch <<-EOF >/dev/null
delete firewall.socat
set firewall.socat=include
set firewall.socat.type=script
set firewall.socat.path=/var/etc/socat.include
set firewall.socat.reload=1
EOF
uci -q batch <<-EOF >/dev/null uci -q batch <<-EOF >/dev/null
delete ucitrack.@socat[-1] delete ucitrack.@socat[-1]
add ucitrack socat add ucitrack socat
set ucitrack.@socat[-1].init=socat set ucitrack.@socat[-1].init=luci_socat
commit ucitrack commit ucitrack
EOF EOF
rm -rf /tmp/luci-*cache rm -rf /tmp/luci-*
exit 0 exit 0