Lienol · sbwml · Nov 18, 2022 · Nov 18, 2022
diff --git a/luci-app-socat/luasrc/model/cbi/socat/config.lua b/luci-app-socat/luasrc/model/cbi/socat/config.lua
@@ -34,7 +34,7 @@ o.datatype = "portrange"
 o.rmempty = false
 o:depends("protocol", "port_forwards")
 
-o = s:option(Flag, "reuseaddr", "reuseaddr", translate("Bind to a port local"))
+o = s:option(Flag, "reuseaddr", translate("REUSEADDR"), translate("Bind to a port local"))
 o.default = "1"
 o.rmempty = false
 

diff --git a/luci-app-socat/po/zh-cn/socat.po b/luci-app-socat/po/zh-cn/socat.po
@@ -34,6 +34,9 @@ msgstr "监听协议"
 msgid "Listen port"
 msgstr "监听端口"
 
+msgid "REUSEADDR"
+msgstr "地址重用"
+
 msgid "Bind to a port local"
 msgstr "绑定到本地端口"
 

diff --git a/luci-app-socat/root/etc/init.d/luci_socat b/luci-app-socat/root/etc/init.d/luci_socat
@@ -7,43 +7,26 @@ CONFIG=socat
 CONFIG_PATH=/var/etc/$CONFIG
 
 add_rule() {
-	iptables -N SOCAT
-	iptables -I INPUT -j SOCAT
-	ip6tables -N SOCAT
-	ip6tables -I INPUT -j SOCAT
+	accept_port=$(cat /var/etc/$CONFIG.port | tr "\n" " ")
+	if [ "$accept_port" ]; then
+		uci -q delete firewall.socat
+		uci set firewall.socat=rule
+		uci set firewall.socat.name="socat"
+		uci set firewall.socat.target="ACCEPT"
+		uci set firewall.socat.src="wan"
+		uci set firewall.socat.dest_port="$accept_port"
+		uci set firewall.socat.enabled="1"
+		uci commit firewall
+		/etc/init.d/firewall reload >/dev/null 2>&1
+	else
+		del_rule
+	fi
 }
 
 del_rule() {
-	iptables -D INPUT -j SOCAT 2>/dev/null
-	iptables -F SOCAT 2>/dev/null
-	iptables -X SOCAT 2>/dev/null
-	ip6tables -D INPUT -j SOCAT 2>/dev/null
-	ip6tables -F SOCAT 2>/dev/null
-	ip6tables -X SOCAT 2>/dev/null
-}
-
-gen_include() {
-	echo '#!/bin/sh' > /var/etc/$CONFIG.include
-	extract_rules() {
-		local _ipt="iptables"
-		[ "$1" == "6" ] && _ipt="ip6tables"
-
-		echo "*$2"
-		${_ipt}-save -t $2 | grep "SOCAT" | \
-		sed -e "s/^-A \(INPUT\)/-I \1 1/"
-		echo 'COMMIT'
-	}
-	cat <<-EOF >> /var/etc/$CONFIG.include
-		iptables-save -c | grep -v "SOCAT" | iptables-restore -c
-		iptables-restore -n <<-EOT
-		$(extract_rules 4 filter)
-		EOT
-		ip6tables-save -c | grep -v "SOCAT" | ip6tables-restore -c
-		ip6tables-restore -n <<-EOT
-		$(extract_rules 6 filter)
-		EOT
-	EOF
-	return 0
+	uci -q delete firewall.socat
+	uci commit firewall
+	/etc/init.d/firewall reload >/dev/null 2>&1
 }
 
 run_service() {
@@ -81,19 +64,14 @@ run_service() {
 	fi
 
 	[ "$firewall_accept" == "1" ] && {
-		if [ -z "$family" ] || [ "$family" == "6" ]; then
-			ip6tables -A SOCAT -p $proto --dport $listen_port -m comment --comment "$remarks" -j ACCEPT
-		fi
-		if [ -z "$family" ] || [ "$family" == "4" ]; then
-			iptables -A SOCAT -p $proto --dport $listen_port -m comment --comment "$remarks" -j ACCEPT
-		fi
+		echo $listen_port >> /var/etc/$CONFIG.port
 	}
 }
 
 stop_service() {
 	busybox ps -w | grep "$CONFIG_PATH/" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1 &
 	del_rule
-	rm -rf $CONFIG_PATH /var/etc/$CONFIG.include
+	rm -rf $CONFIG_PATH /var/etc/$CONFIG.port
 }
 
 start() {
@@ -102,10 +80,10 @@ start() {
 		stop_service
 	else
 		mkdir -p $CONFIG_PATH
-		add_rule
+		rm -f /var/etc/$CONFIG.port
 		config_load $CONFIG
 		config_foreach run_service "config"
-		gen_include
+		add_rule
 	fi
 }