new option --wait-lock

This commit is contained in:
wangyu- 2018-01-14 06:21:10 -06:00
parent 31f2015ab7
commit 4fcae8d54c
3 changed files with 37 additions and 12 deletions

View File

@ -50,8 +50,10 @@ char key_string[1000]= "secret key";// -k option
char fifo_file[1000]=""; char fifo_file[1000]="";
int clear_iptables=0;
int wait_xtables_lock=0;
string iptables_command0="iptables "; string iptables_command0="iptables ";
string iptables_command="iptables -w "; string iptables_command="";
string iptables_pattern=""; string iptables_pattern="";
int iptables_rule_added=0; int iptables_rule_added=0;
int iptables_rule_keeped=0; int iptables_rule_keeped=0;
@ -155,6 +157,7 @@ void print_help()
printf(" --lower-level <string> send packets at OSI level 2, format:'if_name#dest_mac_adress'\n"); printf(" --lower-level <string> send packets at OSI level 2, format:'if_name#dest_mac_adress'\n");
printf(" ie:'eth0#00:23:45:67:89:b9'.or try '--lower-level auto' to obtain\n"); printf(" ie:'eth0#00:23:45:67:89:b9'.or try '--lower-level auto' to obtain\n");
printf(" the parameter automatically,specify it manually if 'auto' failed\n"); printf(" the parameter automatically,specify it manually if 'auto' failed\n");
printf(" --wait-lock wait for xtables lock while invoking iptables, need iptables v1.4.20+\n");
printf(" --gen-add generate iptables rule and add it permanently,then exit.overrides -g\n"); printf(" --gen-add generate iptables rule and add it permanently,then exit.overrides -g\n");
printf(" --keep-rule monitor iptables and auto re-add if necessary.implys -a\n"); printf(" --keep-rule monitor iptables and auto re-add if necessary.implys -a\n");
printf(" --hb-len <number> length of heart-beat packet, >=0 and <=1500\n"); printf(" --hb-len <number> length of heart-beat packet, >=0 and <=1500\n");
@ -255,6 +258,7 @@ void process_arg(int argc, char *argv[]) //process all options
{"seq-mode", required_argument, 0, 1}, {"seq-mode", required_argument, 0, 1},
{"conf-file", required_argument, 0, 1}, {"conf-file", required_argument, 0, 1},
{"force-sock-buf", no_argument, 0, 1}, {"force-sock-buf", no_argument, 0, 1},
{"wait-lock", no_argument, 0, 1},
{"random-drop", required_argument, 0, 1}, {"random-drop", required_argument, 0, 1},
{"fifo", required_argument, 0, 1}, {"fifo", required_argument, 0, 1},
{"hb-mode", required_argument, 0, 1}, {"hb-mode", required_argument, 0, 1},
@ -428,15 +432,7 @@ void process_arg(int argc, char *argv[]) //process all options
mylog(log_debug,"option_index: %d\n",option_index); mylog(log_debug,"option_index: %d\n",option_index);
if(strcmp(long_options[option_index].name,"clear")==0) if(strcmp(long_options[option_index].name,"clear")==0)
{ {
char *output; clear_iptables=1;
//int ret =system("iptables-save |grep udp2raw_dWRwMnJhdw|sed -n 's/^-A/iptables -D/p'|sh");
int ret =run_command(iptables_command+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-A/"+iptables_command+"-D/p'|sh",output);
int ret2 =run_command(iptables_command+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-N/"+iptables_command+"-X/p'|sh",output);
//system("iptables-save |grep udp2raw_dWRwMnJhdw|sed 's/^-A/iptables -D/'|sh");
//system("iptables-save|grep -v udp2raw_dWRwMnJhdw|iptables-restore");
mylog(log_info,"tried to clear all iptables rule created previously,return value %d %d\n",ret,ret2);
myexit(-1);
} }
else if(strcmp(long_options[option_index].name,"source-ip")==0) else if(strcmp(long_options[option_index].name,"source-ip")==0)
{ {
@ -548,6 +544,10 @@ void process_arg(int argc, char *argv[]) //process all options
{ {
force_socket_buf=1; force_socket_buf=1;
} }
else if(strcmp(long_options[option_index].name,"wait-lock")==0)
{
wait_xtables_lock=1;
}
else if(strcmp(long_options[option_index].name,"disable-bpf")==0) else if(strcmp(long_options[option_index].name,"disable-bpf")==0)
{ {
disable_bpf_filter=1; disable_bpf_filter=1;
@ -642,6 +642,7 @@ void process_arg(int argc, char *argv[]) //process all options
print_help(); print_help();
myexit(-1); myexit(-1);
} }
//if(lower_level) //if(lower_level)
//process_lower_level_arg(); //process_lower_level_arg();
@ -770,8 +771,30 @@ void *run_keep(void *none) //called in a new thread for --keep-rule option
return NULL; return NULL;
} }
void iptables_rule() // handles -a -g --gen-add --keep-rule void iptables_rule() // handles -a -g --gen-add --keep-rule --clear --wait-lock
{ {
if(!wait_xtables_lock)
{
iptables_command=iptables_command0;
}
else
{
iptables_command=iptables_command0+"-w ";
}
if(clear_iptables)
{
char *output;
//int ret =system("iptables-save |grep udp2raw_dWRwMnJhdw|sed -n 's/^-A/iptables -D/p'|sh");
int ret =run_command(iptables_command0+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-A/"+iptables_command0+"-D/p'|sh",output);
int ret2 =run_command(iptables_command0+"-S|sed -n '/udp2rawDwrW/p'|sed -n 's/^-N/"+iptables_command0+"-X/p'|sh",output);
//system("iptables-save |grep udp2raw_dWRwMnJhdw|sed 's/^-A/iptables -D/'|sh");
//system("iptables-save|grep -v udp2raw_dWRwMnJhdw|iptables-restore");
mylog(log_info,"tried to clear all iptables rule created previously,return value %d %d\n",ret,ret2);
myexit(-1);
}
if(auto_add_iptables_rule&&generate_iptables_rule) if(auto_add_iptables_rule&&generate_iptables_rule)
{ {
mylog(log_warn," -g overrides -a\n"); mylog(log_warn," -g overrides -a\n");

View File

@ -23,7 +23,7 @@ define Package/$(PKG_NAME)
SUBMENU:=3. Applications SUBMENU:=3. Applications
TITLE:=LuCI Support for udp2raw-tunnel TITLE:=LuCI Support for udp2raw-tunnel
PKGARCH:=all PKGARCH:=all
DEPENDS:=+udp2raw-tunnel # DEPENDS:=+udp2raw-tunnel
endef endef
define Package/$(PKG_NAME)/description define Package/$(PKG_NAME)/description

View File

@ -40,6 +40,8 @@ create_config() {
[ -n "$log_level" ] && echo "--log-level ${log_level}" >> $config_file [ -n "$log_level" ] && echo "--log-level ${log_level}" >> $config_file
echo "--disable-color" >> $config_file echo "--disable-color" >> $config_file
echo "--wait-lock" >> $config_file
} }
validate_config_section() { validate_config_section() {