2014-05-08 13:14:34 +00:00
|
|
|
#!/bin/sh /etc/rc.common
|
2014-06-04 07:19:51 +00:00
|
|
|
# Copyright (C) 2010-2014 OpenWrt.org
|
2014-05-08 13:14:34 +00:00
|
|
|
|
|
|
|
START=99
|
2014-06-04 07:19:51 +00:00
|
|
|
USE_PROCD=1
|
|
|
|
PROG=/usr/sbin/igmpproxy
|
|
|
|
CONFIGFILE=/var/etc/igmpproxy.conf
|
2014-05-08 13:14:34 +00:00
|
|
|
|
|
|
|
igmp_header() {
|
2016-07-04 16:15:24 +01:00
|
|
|
local quickleave verbose
|
2014-05-08 13:14:34 +00:00
|
|
|
config_get_bool quickleave "$1" quickleave 0
|
2018-07-28 17:06:28 +03:00
|
|
|
config_get verbose "$1" verbose 1
|
2016-07-04 16:15:24 +01:00
|
|
|
|
2018-07-28 17:06:28 +03:00
|
|
|
[ $verbose = "0" ] && logopts="-d"
|
|
|
|
[ $verbose = "2" ] && logopts="-v"
|
|
|
|
[ $verbose = "3" ] && logopts="-v -v"
|
2014-05-08 13:14:34 +00:00
|
|
|
|
|
|
|
mkdir -p /var/etc
|
|
|
|
rm -f /var/etc/igmpproxy.conf
|
|
|
|
[ $quickleave -gt 0 ] && echo "quickleave" >> /var/etc/igmpproxy.conf
|
|
|
|
|
|
|
|
[ -L /etc/igmpproxy.conf ] || ln -nsf /var/etc/igmpproxy.conf /etc/igmpproxy.conf
|
|
|
|
}
|
|
|
|
|
|
|
|
igmp_add_phyint() {
|
2014-12-12 14:52:18 +00:00
|
|
|
local network direction altnets device up
|
2014-05-08 13:14:34 +00:00
|
|
|
|
2014-12-12 14:52:18 +00:00
|
|
|
config_get network $1 network
|
|
|
|
config_get direction $1 direction
|
|
|
|
config_get altnets $1 altnet
|
2014-05-08 13:14:34 +00:00
|
|
|
|
2014-12-12 14:52:29 +00:00
|
|
|
local status="$(ubus -S call "network.interface.$network" status)"
|
|
|
|
[ -n "$status" ] || return
|
|
|
|
|
|
|
|
json_load "$status"
|
2014-06-04 07:19:51 +00:00
|
|
|
json_get_var device l3_device
|
|
|
|
json_get_var up up
|
2014-06-06 09:34:38 +00:00
|
|
|
|
|
|
|
[ -n "$device" -a "$up" = "1" ] || {
|
|
|
|
procd_append_param error "$network is not up"
|
|
|
|
return;
|
|
|
|
}
|
2014-06-04 07:19:51 +00:00
|
|
|
|
2015-09-26 23:27:23 +00:00
|
|
|
append netdevs "$device"
|
|
|
|
|
2014-12-12 14:52:24 +00:00
|
|
|
[[ "$direction" = "upstream" ]] && has_upstream=1
|
|
|
|
|
2014-06-04 07:19:51 +00:00
|
|
|
echo -e "\nphyint $device $direction ratelimit 0 threshold 1" >> /var/etc/igmpproxy.conf
|
|
|
|
|
|
|
|
if [ -n "$altnets" ]; then
|
|
|
|
local altnet
|
|
|
|
for altnet in $altnets; do
|
|
|
|
echo -e "\taltnet $altnet" >> /var/etc/igmpproxy.conf
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
}
|
2014-05-08 13:14:34 +00:00
|
|
|
|
2014-06-05 10:56:18 +00:00
|
|
|
igmp_add_network() {
|
|
|
|
local network
|
|
|
|
|
|
|
|
config_get network $1 network
|
2015-09-26 23:27:23 +00:00
|
|
|
procd_add_interface_trigger "interface.*" $network /etc/init.d/igmpproxy reload
|
2014-06-05 10:56:18 +00:00
|
|
|
}
|
|
|
|
|
2014-07-02 19:18:23 +00:00
|
|
|
igmp_add_firewall_routing() {
|
|
|
|
config_get direction $1 direction
|
2018-05-01 11:53:53 +02:00
|
|
|
config_get zone $1 zone
|
2014-07-02 19:18:23 +00:00
|
|
|
|
2018-05-01 11:53:53 +02:00
|
|
|
[[ "$direction" = "downstream" && ! -z "$zone" ]] || return 0
|
2014-07-02 19:18:23 +00:00
|
|
|
|
2018-07-28 17:48:42 +03:00
|
|
|
# First drop SSDP packets then accept all other multicast
|
|
|
|
|
|
|
|
json_add_object ""
|
|
|
|
json_add_string type rule
|
|
|
|
json_add_string src "$upstream"
|
|
|
|
json_add_string dest "$zone"
|
|
|
|
json_add_string family ipv4
|
|
|
|
json_add_string proto udp
|
|
|
|
json_add_string dest_ip "239.255.255.250"
|
|
|
|
json_add_string target DROP
|
|
|
|
json_close_object
|
|
|
|
|
2014-07-02 19:18:23 +00:00
|
|
|
json_add_object ""
|
|
|
|
json_add_string type rule
|
|
|
|
json_add_string src "$upstream"
|
2018-05-01 11:53:53 +02:00
|
|
|
json_add_string dest "$zone"
|
2014-07-02 19:18:23 +00:00
|
|
|
json_add_string family ipv4
|
|
|
|
json_add_string proto udp
|
|
|
|
json_add_string dest_ip "224.0.0.0/4"
|
|
|
|
json_add_string target ACCEPT
|
|
|
|
json_close_object
|
|
|
|
}
|
|
|
|
|
|
|
|
igmp_add_firewall_network() {
|
|
|
|
config_get direction $1 direction
|
2018-05-01 11:53:53 +02:00
|
|
|
config_get zone $1 zone
|
|
|
|
|
|
|
|
[ ! -z "$zone" ] || return
|
2014-07-02 19:18:23 +00:00
|
|
|
|
|
|
|
json_add_object ""
|
|
|
|
json_add_string type rule
|
2018-05-01 11:53:53 +02:00
|
|
|
json_add_string src "$zone"
|
|
|
|
json_add_string family ipv4
|
2014-07-02 19:18:23 +00:00
|
|
|
json_add_string proto igmp
|
|
|
|
json_add_string target ACCEPT
|
|
|
|
json_close_object
|
|
|
|
|
|
|
|
[[ "$direction" = "upstream" ]] && {
|
2018-05-01 11:53:53 +02:00
|
|
|
upstream="$zone"
|
2014-07-02 19:18:23 +00:00
|
|
|
config_foreach igmp_add_firewall_routing phyint
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-06-04 07:19:51 +00:00
|
|
|
service_triggers() {
|
|
|
|
procd_add_reload_trigger "igmpproxy"
|
2016-07-29 13:07:08 +02:00
|
|
|
config_foreach igmp_add_network phyint
|
2014-05-08 13:14:34 +00:00
|
|
|
}
|
|
|
|
|
2014-06-04 07:19:51 +00:00
|
|
|
start_service() {
|
2014-12-12 14:52:24 +00:00
|
|
|
has_upstream=
|
2015-09-26 23:27:23 +00:00
|
|
|
netdevs=
|
2016-07-04 16:15:24 +01:00
|
|
|
logopts=
|
2014-05-08 13:14:34 +00:00
|
|
|
config_load igmpproxy
|
2014-06-04 07:19:51 +00:00
|
|
|
|
2014-05-08 13:14:34 +00:00
|
|
|
config_foreach igmp_header igmpproxy
|
|
|
|
config_foreach igmp_add_phyint phyint
|
2014-12-12 14:52:24 +00:00
|
|
|
[ -n "$has_upstream" ] || return
|
|
|
|
|
|
|
|
procd_open_instance
|
2018-07-18 17:51:59 +01:00
|
|
|
procd_set_param command $PROG '-n'
|
2016-07-04 16:15:24 +01:00
|
|
|
[ -n "$logopts" ] && procd_append_param command $logopts
|
2014-06-04 07:19:51 +00:00
|
|
|
procd_append_param command $CONFIGFILE
|
|
|
|
procd_set_param file $CONFIGFILE
|
2015-09-26 23:27:23 +00:00
|
|
|
procd_set_param netdev $netdevs
|
2014-06-04 07:19:51 +00:00
|
|
|
procd_set_param respawn
|
2014-07-02 19:18:23 +00:00
|
|
|
|
|
|
|
procd_open_data
|
|
|
|
|
|
|
|
json_add_array firewall
|
|
|
|
config_foreach igmp_add_firewall_network phyint
|
|
|
|
json_close_array
|
|
|
|
|
|
|
|
procd_close_data
|
|
|
|
|
2014-06-04 07:19:51 +00:00
|
|
|
procd_close_instance
|
2014-05-08 13:14:34 +00:00
|
|
|
}
|
2014-07-02 19:18:23 +00:00
|
|
|
|
|
|
|
service_started() {
|
|
|
|
procd_set_config_changed firewall
|
|
|
|
}
|
2017-11-13 22:33:48 +01:00
|
|
|
|
|
|
|
stop_service() {
|
|
|
|
procd_set_config_changed firewall
|
|
|
|
}
|