From 4fcae8d54c9c9e05fbe68a0ed48e15d65e088a82 Mon Sep 17 00:00:00 2001 From: wangyu- Date: Sun, 14 Jan 2018 06:21:10 -0600 Subject: [PATCH] new option --wait-lock --- misc.cpp | 45 ++++++++++++++----- third-party/luci-app-udp2raw/Makefile | 2 +- .../files/root/etc/init.d/udp2raw.init | 2 + 3 files changed, 37 insertions(+), 12 deletions(-) diff --git a/misc.cpp b/misc.cpp index 13ab991..0430661 100644 --- a/misc.cpp +++ b/misc.cpp @@ -50,8 +50,10 @@ char key_string[1000]= "secret key";// -k option char fifo_file[1000]=""; +int clear_iptables=0; +int wait_xtables_lock=0; string iptables_command0="iptables "; -string iptables_command="iptables -w "; +string iptables_command=""; string iptables_pattern=""; int iptables_rule_added=0; int iptables_rule_keeped=0; @@ -155,6 +157,7 @@ void print_help() printf(" --lower-level send packets at OSI level 2, format:'if_name#dest_mac_adress'\n"); printf(" ie:'eth0#00:23:45:67:89:b9'.or try '--lower-level auto' to obtain\n"); printf(" the parameter automatically,specify it manually if 'auto' failed\n"); + printf(" --wait-lock wait for xtables lock while invoking iptables, need iptables v1.4.20+\n"); printf(" --gen-add generate iptables rule and add it permanently,then exit.overrides -g\n"); printf(" --keep-rule monitor iptables and auto re-add if necessary.implys -a\n"); printf(" --hb-len length of heart-beat packet, >=0 and <=1500\n"); @@ -255,6 +258,7 @@ void process_arg(int argc, char *argv[]) //process all options {"seq-mode", required_argument, 0, 1}, {"conf-file", required_argument, 0, 1}, {"force-sock-buf", no_argument, 0, 1}, + {"wait-lock", no_argument, 0, 1}, {"random-drop", required_argument, 0, 1}, {"fifo", required_argument, 0, 1}, {"hb-mode", required_argument, 0, 1}, @@ -428,15 +432,7 @@ void process_arg(int argc, char *argv[]) //process all options mylog(log_debug,"option_index: %d\n",option_index); if(strcmp(long_options[option_index].name,"clear")==0) { - char *output; - //int ret =system("iptables-save |grep udp2raw_dWRwMnJhdw|sed -n 's/^-A/iptables -D/p'|sh"); - int ret =run_command(iptables_command+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-A/"+iptables_command+"-D/p'|sh",output); - - int ret2 =run_command(iptables_command+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-N/"+iptables_command+"-X/p'|sh",output); - //system("iptables-save |grep udp2raw_dWRwMnJhdw|sed 's/^-A/iptables -D/'|sh"); - //system("iptables-save|grep -v udp2raw_dWRwMnJhdw|iptables-restore"); - mylog(log_info,"tried to clear all iptables rule created previously,return value %d %d\n",ret,ret2); - myexit(-1); + clear_iptables=1; } else if(strcmp(long_options[option_index].name,"source-ip")==0) { @@ -548,6 +544,10 @@ void process_arg(int argc, char *argv[]) //process all options { force_socket_buf=1; } + else if(strcmp(long_options[option_index].name,"wait-lock")==0) + { + wait_xtables_lock=1; + } else if(strcmp(long_options[option_index].name,"disable-bpf")==0) { disable_bpf_filter=1; @@ -642,6 +642,7 @@ void process_arg(int argc, char *argv[]) //process all options print_help(); myexit(-1); } + //if(lower_level) //process_lower_level_arg(); @@ -770,8 +771,30 @@ void *run_keep(void *none) //called in a new thread for --keep-rule option return NULL; } -void iptables_rule() // handles -a -g --gen-add --keep-rule +void iptables_rule() // handles -a -g --gen-add --keep-rule --clear --wait-lock { + if(!wait_xtables_lock) + { + iptables_command=iptables_command0; + } + else + { + iptables_command=iptables_command0+"-w "; + } + + if(clear_iptables) + { + char *output; + //int ret =system("iptables-save |grep udp2raw_dWRwMnJhdw|sed -n 's/^-A/iptables -D/p'|sh"); + int ret =run_command(iptables_command0+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-A/"+iptables_command0+"-D/p'|sh",output); + + int ret2 =run_command(iptables_command0+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-N/"+iptables_command0+"-X/p'|sh",output); + //system("iptables-save |grep udp2raw_dWRwMnJhdw|sed 's/^-A/iptables -D/'|sh"); + //system("iptables-save|grep -v udp2raw_dWRwMnJhdw|iptables-restore"); + mylog(log_info,"tried to clear all iptables rule created previously,return value %d %d\n",ret,ret2); + myexit(-1); + } + if(auto_add_iptables_rule&&generate_iptables_rule) { mylog(log_warn," -g overrides -a\n"); diff --git a/third-party/luci-app-udp2raw/Makefile b/third-party/luci-app-udp2raw/Makefile index 66541e1..dec0794 100644 --- a/third-party/luci-app-udp2raw/Makefile +++ b/third-party/luci-app-udp2raw/Makefile @@ -23,7 +23,7 @@ define Package/$(PKG_NAME) SUBMENU:=3. Applications TITLE:=LuCI Support for udp2raw-tunnel PKGARCH:=all - DEPENDS:=+udp2raw-tunnel +# DEPENDS:=+udp2raw-tunnel endef define Package/$(PKG_NAME)/description diff --git a/third-party/luci-app-udp2raw/files/root/etc/init.d/udp2raw.init b/third-party/luci-app-udp2raw/files/root/etc/init.d/udp2raw.init index 7232d5f..c3a9819 100644 --- a/third-party/luci-app-udp2raw/files/root/etc/init.d/udp2raw.init +++ b/third-party/luci-app-udp2raw/files/root/etc/init.d/udp2raw.init @@ -40,6 +40,8 @@ create_config() { [ -n "$log_level" ] && echo "--log-level ${log_level}" >> $config_file echo "--disable-color" >> $config_file + + echo "--wait-lock" >> $config_file } validate_config_section() {