diff --git a/net/pbr/Makefile b/net/pbr/Makefile index 49f5324d1746c..b83631118bb63 100644 --- a/net/pbr/Makefile +++ b/net/pbr/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pbr PKG_VERSION:=1.1.7 -PKG_RELEASE:=7 +PKG_RELEASE:=10 PKG_LICENSE:=AGPL-3.0-or-later PKG_MAINTAINER:=Stan Grishin @@ -135,6 +135,9 @@ define Package/pbr-netifd/postinst #!/bin/sh # check if we are on real system if [ -z "$${IPKG_INSTROOT}" ]; then + chmod -x /etc/init.d/pbr || true + fw4 -q reload || true + chmod +x /etc/init.d/pbr || true echo -n "Installing rc.d symlink for pbr-netifd... " /etc/init.d/pbr enable && echo "OK" || echo "FAIL" fi diff --git a/net/pbr/files/etc/init.d/pbr b/net/pbr/files/etc/init.d/pbr index abd2aa46a0660..3a7441e297d3a 100755 --- a/net/pbr/files/etc/init.d/pbr +++ b/net/pbr/files/etc/init.d/pbr @@ -465,7 +465,7 @@ get_text() { errorResolverNotSupported) r="Resolver set (${resolver_set}) is not supported on this system!";; errorServiceDisabled) r="The ${packageName} service is currently disabled!";; errorNoWanGateway) r="The ${serviceName} service failed to discover WAN gateway!";; - errorNoWanInterface) r="The %s inteface not found, you need to set the 'pbr.config.procd_wan_interface' option!";; + errorNoWanInterface) r="The %s interface not found, you need to set the 'pbr.config.procd_wan_interface' option!";; errorNoWanInterfaceHint) r="Refer to https://docs.openwrt.melmac.net/pbr/#procd_wan_interface.";; errorNftsetNameTooLong) r="The nft set name '%s' is longer than allowed 255 characters!";; errorUnexpectedExit) r="Unexpected exit or service termination: '%s'!";; @@ -723,7 +723,7 @@ nft_file() { case "$1" in add|add_command) shift - grep -q "$*" "$nftTempFile" || echo "$*" >> "$nftTempFile" + echo "$*" >> "$nftTempFile" ;; create) rm -f "$nftTempFile" "$nftPermFile" @@ -754,7 +754,7 @@ nft_file() { ;; esac } -nft() { [ -x "$nft" ] && [ -n "$*" ] && { nft_file 'add_command' "$@" || "$nft" "$@" >/dev/null 2>&1;} } +nft() { [ -x "$nft" ] && [ -n "$*" ] && nft_file 'add_command' "$@"; } nft4() { nft "$@"; } nft6() { [ -n "$ipv6_enabled" ] || return 0; nft "$@"; } nftset() { @@ -1846,7 +1846,7 @@ interface_process() { fi ;; esac - return 0 + str_contains_word "$supported_interface" "$iface" || return 0 fi is_supported_interface "$iface" || return 0 @@ -2153,17 +2153,24 @@ start_service() { config_foreach load_validate_dns_policy 'dns_policy' dns_policy_process output 1 '\n' fi - if is_config_enabled 'include'; then + if is_config_enabled 'include' || [ -d "/etc/${packageName}.d/" ]; then interface_process 'all' 'prepare' config_foreach interface_process 'interface' 'create_user_set' output 1 'Processing user file(s) ' config_load "$packageName" config_foreach load_validate_include 'include' user_file_process + if [ -d "/etc/${packageName}.d/" ]; then + local i + for i in "/etc/${packageName}.d/"*; do + local enabled='1' path="$i" + [ -f "$i" ] && user_file_process + done + fi output 1 '\n' fi nft_file 'install' resolver 'init_end' - ! nft_file 'exists' && resolver 'compare_hash' && resolver 'restart' + resolver 'compare_hash' && resolver 'restart' ;; esac @@ -2186,7 +2193,6 @@ service_started() { if nft_file 'exists'; then procd_set_config_changed firewall if nft_file 'exists'; then - resolver 'compare_hash' && resolver 'restart' [ -n "$gatewaySummary" ] && output "$serviceName (fw4 nft file mode) started with gateways:\\n${gatewaySummary}" else output "$serviceName FAILED TO START in fw4 nft file mode!!!" diff --git a/net/pbr/files/etc/uci-defaults/90-pbr b/net/pbr/files/etc/uci-defaults/90-pbr index 3d6247d6b6a8f..47db6f6d1fbc5 100644 --- a/net/pbr/files/etc/uci-defaults/90-pbr +++ b/net/pbr/files/etc/uci-defaults/90-pbr @@ -57,6 +57,7 @@ EOT fi # Transition from pre-1.1.7 versions +# shellcheck disable=SC2317 _remove_wg_server_client() { local path config_get path "$1" 'path'