From 893229f152274e92ad4b7e9ee9ef9b63ccf9df13 Mon Sep 17 00:00:00 2001 From: sbwml <984419930@qq.com> Date: Fri, 18 Nov 2022 18:25:53 +0800 Subject: [PATCH 1/2] luci-app-socat: complete chinese translation --- luci-app-socat/luasrc/model/cbi/socat/config.lua | 2 +- luci-app-socat/po/zh-cn/socat.po | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/luci-app-socat/luasrc/model/cbi/socat/config.lua b/luci-app-socat/luasrc/model/cbi/socat/config.lua index afbc0849..0a04ce6c 100644 --- a/luci-app-socat/luasrc/model/cbi/socat/config.lua +++ b/luci-app-socat/luasrc/model/cbi/socat/config.lua @@ -34,7 +34,7 @@ o.datatype = "portrange" o.rmempty = false o:depends("protocol", "port_forwards") -o = s:option(Flag, "reuseaddr", "reuseaddr", translate("Bind to a port local")) +o = s:option(Flag, "reuseaddr", translate("REUSEADDR"), translate("Bind to a port local")) o.default = "1" o.rmempty = false diff --git a/luci-app-socat/po/zh-cn/socat.po b/luci-app-socat/po/zh-cn/socat.po index 9068b611..f0c6087c 100644 --- a/luci-app-socat/po/zh-cn/socat.po +++ b/luci-app-socat/po/zh-cn/socat.po @@ -34,6 +34,9 @@ msgstr "监听协议" msgid "Listen port" msgstr "监听端口" +msgid "REUSEADDR" +msgstr "地址重用" + msgid "Bind to a port local" msgstr "绑定到本地端口" From 8cfd8901434a470559c7de953f4209990bdedcc5 Mon Sep 17 00:00:00 2001 From: sbwml <984419930@qq.com> Date: Fri, 18 Nov 2022 18:02:05 +0800 Subject: [PATCH 2/2] luci-app-socat: toggle common firewall rules * fw4 compatible --- luci-app-socat/root/etc/init.d/luci_socat | 64 ++++++++--------------- 1 file changed, 21 insertions(+), 43 deletions(-) diff --git a/luci-app-socat/root/etc/init.d/luci_socat b/luci-app-socat/root/etc/init.d/luci_socat index 9c582f8f..91ca061e 100755 --- a/luci-app-socat/root/etc/init.d/luci_socat +++ b/luci-app-socat/root/etc/init.d/luci_socat @@ -7,43 +7,26 @@ CONFIG=socat CONFIG_PATH=/var/etc/$CONFIG add_rule() { - iptables -N SOCAT - iptables -I INPUT -j SOCAT - ip6tables -N SOCAT - ip6tables -I INPUT -j SOCAT + accept_port=$(cat /var/etc/$CONFIG.port | tr "\n" " ") + if [ "$accept_port" ]; then + uci -q delete firewall.socat + uci set firewall.socat=rule + uci set firewall.socat.name="socat" + uci set firewall.socat.target="ACCEPT" + uci set firewall.socat.src="wan" + uci set firewall.socat.dest_port="$accept_port" + uci set firewall.socat.enabled="1" + uci commit firewall + /etc/init.d/firewall reload >/dev/null 2>&1 + else + del_rule + fi } del_rule() { - iptables -D INPUT -j SOCAT 2>/dev/null - iptables -F SOCAT 2>/dev/null - iptables -X SOCAT 2>/dev/null - ip6tables -D INPUT -j SOCAT 2>/dev/null - ip6tables -F SOCAT 2>/dev/null - ip6tables -X SOCAT 2>/dev/null -} - -gen_include() { - echo '#!/bin/sh' > /var/etc/$CONFIG.include - extract_rules() { - local _ipt="iptables" - [ "$1" == "6" ] && _ipt="ip6tables" - - echo "*$2" - ${_ipt}-save -t $2 | grep "SOCAT" | \ - sed -e "s/^-A \(INPUT\)/-I \1 1/" - echo 'COMMIT' - } - cat <<-EOF >> /var/etc/$CONFIG.include - iptables-save -c | grep -v "SOCAT" | iptables-restore -c - iptables-restore -n <<-EOT - $(extract_rules 4 filter) - EOT - ip6tables-save -c | grep -v "SOCAT" | ip6tables-restore -c - ip6tables-restore -n <<-EOT - $(extract_rules 6 filter) - EOT - EOF - return 0 + uci -q delete firewall.socat + uci commit firewall + /etc/init.d/firewall reload >/dev/null 2>&1 } run_service() { @@ -81,19 +64,14 @@ run_service() { fi [ "$firewall_accept" == "1" ] && { - if [ -z "$family" ] || [ "$family" == "6" ]; then - ip6tables -A SOCAT -p $proto --dport $listen_port -m comment --comment "$remarks" -j ACCEPT - fi - if [ -z "$family" ] || [ "$family" == "4" ]; then - iptables -A SOCAT -p $proto --dport $listen_port -m comment --comment "$remarks" -j ACCEPT - fi + echo $listen_port >> /var/etc/$CONFIG.port } } stop_service() { busybox ps -w | grep "$CONFIG_PATH/" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 & del_rule - rm -rf $CONFIG_PATH /var/etc/$CONFIG.include + rm -rf $CONFIG_PATH /var/etc/$CONFIG.port } start() { @@ -102,10 +80,10 @@ start() { stop_service else mkdir -p $CONFIG_PATH - add_rule + rm -f /var/etc/$CONFIG.port config_load $CONFIG config_foreach run_service "config" - gen_include + add_rule fi }