pbr 1.2.1-r35
Makefile:
* split uci-defaults into different purpose files
* add handling of netifd integration
Config:
* update with default values for all options (thanks @betonmischer86)
Init-script:
* add netifd integration handling
* add ip() function to emulate ip rule replace
* add netbird intrfaces support (thanks @egc112)
* reorganize loading/handling of options in load_package_config()
* improve display of interface triggers in service_triggers()
* remove chains cleanup from stop_service() due to exclusive use of fw4 nft files
* improve status_service() output
* drop input and postrouting as valid options for policy chain
Uci-defaults files:
* 91-pbr-nft: cosmetic improvements
Default nft files:
* drop use of input and postrouting chanins
Custom User files:
* dns-prefetch: functional improvements (thanks @betonmischer86)
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Maintainer: me
Compile tested: x86_64, Dell EMC Edge620, OpenWrt 24.10.0-rc2
Run tested: x86_64, Dell EMC Edge620, OpenWrt 24.10.0-rc2
Description:
* stop building netifd flavour until netifd isuees are resolved
* improve output()
* improve inline_set()
* improve is_config_enabled()
* bugfix is_domain()
* improve is_supported_protocol()
* improve is_supported_interface()
* bugfix is_tor_running()
* improve ipv4_leases_to_nftset()
* improve ipv6_leases_to_nftset()
* add check for ip-full binary on start
* bugfix: load environment on boot
* bugfix: hack around dnsmasq confdir instances
* bugfix: IPv6-related fixes for internet_routing() and status_service()
* improve netifd setup by bringing code into the init script from uci-defaults
* bugfix: do not attempt to use IPv6 prefixes in pbr.user.aws if IPv6 support is disabled in pbr config
Signed-off-by: Stan Grishin <stangri@melmac.ca>
* bump compat version to accommodate new strings
* update dnsmasq-related code to better support separate confdirs
for separate instances
* remove procd_lan_interface as it didn't reflect that it's a list of devices
* introduce procd_lan_device list
* improve the output() function (thanks @bigsmile74)
* remove duplicate uci_get_device
* improve ipv6 detection and interface setup
* improve dhcp force detection for interfaces name differently from lan
* fix array/element parameters for some json operations
* remove unneeded null redirects for `try` calls
* remove (iptables-only) capitalized chain names form validation
* working pbr-netifd flavor
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Makefile:
* remove pbr-iptables flavour
Init-script:
* improve detection of wireguard server and client instances
* integrate wg_server_and_client into init script
* remove traffic_killswitch() and trap() and related options/code
* remove internal nft_file_support variable as fw4 nft file is the only running mode
* improve debug() and is_supported_interface() functions
* improve detection of incompatible user script files
* double-quote some strings due to shellcheck errors
* flush ip rules from pbr tables instead of deleting last one
Other files:
* remove /usr/share/pbr/pbr.user.wg_server_and_client as obsolete
* remove references to the file above in config on update thru uci-defaults
* minor updates to netifd uci-defaults script
Signed-off-by: Stan Grishin <stangri@melmac.ca>
* delete obsolete files/etc/init.d/pbr.init
* add files/etc/uci-defaults/91-pbr-iptables to help update from older OpenWrt
* add files/etc/uci-defaults/91-pbr-nft to help update from older OpenWrt
* update files/etc/uci-defaults/91-pbr-netifd to only add tables to supported ifaces
* re-organize variants in the Makefile so that they hopefull work this time
* update prerm for all variants for better user experience
* update the -netifd prerm to remove leftofver entries from network and rt_tables file
In the init script:
* add decorations for netifd-interfaces related operations (blue ticks)
* add rtTablesFile variables instead of hard-coding the rt_tables file
* add function to check if the table is netifd-derived
* add error messages/hints for failed interface setup and failed WAN discovery
* make cleanup_rt_tables the netifd-compatible
* streamline interface_process function with a clearer case statement
* rename the interface_process `pre-init` option to `pre_init` to conform to the other
functions options naming style
Signed-off-by: Stan Grishin <stangri@melmac.ca>
