diff options
| author | Dirk Brenken <dev@brenken.org> | 2023-06-24 13:09:40 +0200 |
|---|---|---|
| committer | Dirk Brenken <dev@brenken.org> | 2023-06-24 13:09:40 +0200 |
| commit | c3084be415f5c701a319342c85ca626996b5b463 (patch) | |
| tree | 198b0dd453e9fc18bb0e9379fee582f04bcdc3b9 | |
| parent | a9cda9150232c4907607a3f19ad1d0833541bc89 (diff) | |
banip: update 0.8.8-2
* process local lists in strict sequential order to prevent possible race conditions
* support ranges in the IP search, too
* fix some minor search issues
Signed-off-by: Dirk Brenken <dev@brenken.org>
| -rw-r--r-- | net/banip/Makefile | 2 | ||||
| -rw-r--r-- | net/banip/files/banip-functions.sh | 11 | ||||
| -rwxr-xr-x | net/banip/files/banip-service.sh | 11 |
3 files changed, 8 insertions, 16 deletions
diff --git a/net/banip/Makefile b/net/banip/Makefile index 2aa306ed4..95dc36641 100644 --- a/net/banip/Makefile +++ b/net/banip/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=banip PKG_VERSION:=0.8.8 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org> diff --git a/net/banip/files/banip-functions.sh b/net/banip/files/banip-functions.sh index 92d8e5a2a..a04265f65 100644 --- a/net/banip/files/banip-functions.sh +++ b/net/banip/files/banip-functions.sh @@ -1309,10 +1309,10 @@ f_search() { local item table_sets ip proto hold cnt result_flag="/var/run/banIP.search" input="${1}" if [ -n "${input}" ]; then - ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}[0-9]{1,3})+"}{printf "%s",RT}')" + ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?[[:space:]]*$)"}{printf "%s",RT}')" [ -n "${ip}" ] && proto="v4" if [ -z "${proto}" ]; then - ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="([A-Fa-f0-9]{1,4}::?){3,7}[A-Fa-f0-9]{1,4}"}{printf "%s",RT}')" + ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]].*|$)"}{printf "%s",RT}')" [ -n "${ip}" ] && proto="v6" fi fi @@ -1327,10 +1327,7 @@ f_search() { printf " %s\n" "---" cnt="1" for item in ${table_sets}; do - if [ -f "${result_flag}" ]; then - rm -f "${result_flag}" - return - fi + [ -f "${result_flag}" ] && break ( if "${ban_nftcmd}" get element inet banIP "${item}" "{ ${ip} }" >/dev/null 2>&1; then printf " %s\n" "IP found in Set '${item}'" @@ -1342,7 +1339,7 @@ f_search() { cnt="$((cnt + 1))" done wait - printf " %s\n" "IP not found" + [ -f "${result_flag}" ] && rm -f "${result_flag}" || printf " %s\n" "IP not found" } # Set survey diff --git a/net/banip/files/banip-service.sh b/net/banip/files/banip-service.sh index 1170c8b1d..47abf43ca 100755 --- a/net/banip/files/banip-service.sh +++ b/net/banip/files/banip-service.sh @@ -61,22 +61,17 @@ f_log "info" "start banIP download processes" cnt="1" for feed in allowlist ${ban_feed} blocklist; do - # local feeds + # local feeds (sequential processing) # if [ "${feed}" = "allowlist" ] || [ "${feed}" = "blocklist" ]; then for proto in 4MAC 6MAC 4 6; do [ "${feed}" = "blocklist" ] && wait - (f_down "${feed}" "${proto}") & - [ "${feed}" = "blocklist" ] || { [ "${feed}" = "allowlist" ] && { [ "${proto}" = "4MAC" ] || [ "${proto}" = "6MAC" ]; }; } && wait - hold="$((cnt % ban_cores))" - [ "${hold}" = "0" ] && wait - cnt="$((cnt + 1))" + f_down "${feed}" "${proto}" done - wait continue fi - # external feeds + # external feeds (parallel processing on multicore hardware) # if ! json_select "${feed}" >/dev/null 2>&1; then f_log "info" "remove unknown feed '${feed}'" |