blob: db69f779c7e95eeac0dea5c8d34d196100172750 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
#!/bin/sh
readonly pbrFunctionsFile='/etc/init.d/pbr'
if [ -s "$pbrFunctionsFile" ]; then
# shellcheck source=../../etc/init.d/pbr
. "$pbrFunctionsFile"
else
printf "%b: pbr init.d file (%s) not found! \n" '\033[0;31mERROR\033[0m' "$pbrFunctionsFile"
fi
# Transition from vpn-policy-routing
if [ -s '/etc/config/vpn-policy-routing' ] && [ ! -s '/etc/config/pbr-opkg' ] \
&& [ "$(uci_get pbr config enabled)" = '0' ]; then
if [ -x '/etc/init.d/vpn-policy-routing' ]; then
output "Stopping and disabling vpn-policy-routing."
if /etc/init.d/vpn-policy-routing stop \
&& /etc/init.d/vpn-policy-routing disable; then
output_okn
else
output_failn
fi
fi
output "Migrating vpn-policy-routing config file."
if mv '/etc/config/pbr' '/etc/config/pbr-opkg' \
&& sed 's/vpn-policy-routing/pbr/g' /etc/config/vpn-policy-routing > /etc/config/pbr \
&& uci_set vpn-policy-routing config enabled 0 && uci_commit vpn-policy-routing; then
output_okn
else
output_failn
fi
fi
# Transition from older versions of pbr
sed -i 's/resolver_ipset/resolver_set/g' /etc/config/pbr
sed -i 's/iptables_rule_option/rule_create_option/g' /etc/config/pbr
sed -i "s/'FORWARD'/'forward'/g" /etc/config/pbr
sed -i "s/'INPUT'/'input'/g" /etc/config/pbr
sed -i "s/'OUTPUT'/'output'/g" /etc/config/pbr
sed -i "s/'PREROUTING'/'prerouting'/g" /etc/config/pbr
sed -i "s/'POSTROUTING'/'postrouting'/g" /etc/config/pbr
sed -i "s/option fw_mask '0x\(.*\)'/option fw_mask '\1'/g" /etc/config/pbr
sed -i "s/option wan_mark '0x\(.*\)'/option wan_mark '\1'/g" /etc/config/pbr
sed -i "s|option path '/etc/pbr/|option path '/usr/share/pbr/|g" /etc/config/pbr
# add firewall include file to fw4 config
# shellcheck source=../../usr/share/pbr/firewall.include
if [ -s '/usr/share/pbr/firewall.include' ]; then
uci -q batch <<-EOT
delete firewall.pbr
set firewall.pbr='include'
set firewall.pbr.fw4_compatible='1'
set firewall.pbr.type='script'
set firewall.pbr.path='/usr/share/pbr/firewall.include'
commit firewall
EOT
fi
exit 0
|