Skip to content

Commit

Permalink
Fix issue when bypassing a proto without ndpi
Browse files Browse the repository at this point in the history
  • Loading branch information
@Ysurac
Ysurac committed Oct 6, 2023
1 parent 2ee3878 commit e56c73b
Showing 1 changed file with 11 additions and 3 deletions.
14 changes: 11 additions & 3 deletions luci-app-omr-bypass/root/etc/init.d/omr-bypass
View file
Original file line number Diff line number Diff line change
Expand Up @@ -498,11 +498,19 @@ _bypass_proto_without_ndpi() {
ALLIPS=$(sqlite3 /usr/share/omr-bypass/omr-bypass.db "select ip from ipproto where proto=\"$proto\";" ".exit")
if [ -n "$ALLIPS" ]; then
ipset -q flush bypass_$proto > /dev/null 2>&1
ipset -q flush bypass6_$proto > /dev/null 2>&1
ipset -q --exist restore <<-EOF
create bypass_$proto hash:net hashsize 64
create bypass6_$proto hash:net hashsize 64
EOF
for ip in $ALLIPS; do
ipset -q add bypass_$proto $ip
valid_ip4=$( valid_subnet4 $ip)
valid_ip6=$( valid_subnet6 $ip)
if [ "$valid_ip4" = "ok" ]; then
ipset -q add bypass_$proto $ip
elif [ "$valid_ip6" = "ok" ]; then
ipset -q add bypass6_$proto $ip
fi
done
if [ "$intf" = "all" ]; then
if [ "$family" = "ipv4" ] || [ "$family" = "ipv4ipv6" ]; then
Expand All @@ -516,7 +524,7 @@ _bypass_proto_without_ndpi() {
if [ "$disableipv6" = "0" ] && ([ "$family" = "ipv6" ] || [ "$family" = "ipv4ipv6" ]); then
$IP6TABLESRESTORE -w --wait=60 --noflush <<-EOF
*mangle
-A omr-bypass6-dpi -m set --match-set bypass_$proto dst -j MARK --set-mark 0x6539
-A omr-bypass6-dpi -m set --match-set bypass6_$proto dst -j MARK --set-mark 0x6539
-A omr-bypass6-dpi -m mark --mark 0x6539 -j RETURN
COMMIT
EOF
Expand All @@ -533,7 +541,7 @@ _bypass_proto_without_ndpi() {
if [ "$disableipv6" = "0" ] && ([ "$family" = "ipv6" ] || [ "$family" = "ipv4ipv6" ]); then
$IP6TABLESRESTORE -w --wait=60 --noflush <<-EOF
*mangle
-A omr-bypass6-dpi -m set --match-set bypass_$proto dst -j MARK --set-mark 0x6539$intfid
-A omr-bypass6-dpi -m set --match-set bypass6_$proto dst -j MARK --set-mark 0x6539$intfid
-A omr-bypass6-dpi -m mark --mark 0x6539$intfid -j RETURN
COMMIT
EOF
Expand Down

0 comments on commit e56c73b

Please sign in to comment.