From f2ea1049e05dd57ddcd38b98177e91cb7b8a34c4 Mon Sep 17 00:00:00 2001 From: Suvendhu Hansa Date: Thu, 10 Apr 2025 21:14:51 +0530 Subject: [PATCH] firewallmngr: fix duplicate rule entries --- .../port-trigger/etc/init.d/port-trigger | 7 ++++- .../lib/port-trigger/port_trigger.sh | 28 +++++++++++++------ 2 files changed, 26 insertions(+), 9 deletions(-) diff --git a/firewallmngr/files/port-trigger/etc/init.d/port-trigger b/firewallmngr/files/port-trigger/etc/init.d/port-trigger index efb699737..602a017e4 100644 --- a/firewallmngr/files/port-trigger/etc/init.d/port-trigger +++ b/firewallmngr/files/port-trigger/etc/init.d/port-trigger @@ -7,7 +7,11 @@ USE_PROCD=1 . /lib/port-trigger/port_trigger.sh start_service() { - port_trigger_handling + port_trigger_add +} + +stop_service() { + port_trigger_clean } service_triggers() @@ -17,5 +21,6 @@ service_triggers() } reload_service() { + stop start } diff --git a/firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh b/firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh index 0f4c77873..905b9aa70 100755 --- a/firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh +++ b/firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh 
@@ -119,18 +119,12 @@ process_port_trigger() { fi } -port_trigger_handling() { +port_trigger_add() { rm /tmp/port_trigger_iptables 2> /dev/null rm /tmp/port_trigger_ip6tables 2> /dev/null touch /tmp/port_trigger_iptables touch /tmp/port_trigger_ip6tables - echo "iptables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables - echo "iptables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables - echo "iptables -w -t nat -F prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables - echo "ip6tables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables - echo "ip6tables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables - echo "iptables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables ret=$? [ $ret -eq 0 ] && echo "iptables -w -t nat -I PREROUTING -j prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables @@ -139,7 +133,7 @@ port_trigger_handling() { [ $ret -eq 0 ] && echo "iptables -w -t filter -I forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables echo "iptables -w -t nat -N prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables ret=$? - [ $ret -eq 0 ] && echo "iptables -w -t nat -I prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables + [ $ret -eq 0 ] && echo "iptables -w -t nat -A prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables echo "ip6tables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables ret=$? 
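Review bot: port_trigger_add still stages its commands in the fixed paths `/tmp/port_trigger_iptables` and `/tmp/port_trigger_ip6tables`, and the last hunk shows them being run with `sh`, presumably as root since this is called from an init script. The `rm` / `touch` / `>>` sequence uses whatever another local process has placed at that name in the meantime, so if any unprivileged process can write to /tmp on the target (not visible here), the script contents cannot be trusted. The new port_trigger_clean already calls iptables directly, and doing the same here removes the staging file entirely. Otherwise create it with `script=$(mktemp) || return 1` and delete it after the run. The function body continues outside this hunk.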
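Review bot: The `ret=$?` after each `echo "... -N ..." >>file` records the exit status of the echo, not of `iptables -N`, because at that point the command is only written to the staging script. The `[ $ret -eq 0 ] &&` guard before the `-A prerouting_wan_rule` line here, and before the `-I PREROUTING` line in the previous hunk, is therefore effectively always true. That looks like the original source of the duplicated jumps, and it leaves the fix dependent on port_trigger_clean having run first. An existence test inside the generated script makes the add idempotent on its own, e.g. `echo "iptables -w -t nat -C prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null || iptables -w -t nat -A prerouting_wan_rule -j prerouting_wan_porttrigger" >>/tmp/port_trigger_iptables`. The enclosing function starts and ends outside this hunk.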
@@ -155,3 +149,21 @@ port_trigger_handling() { sh /tmp/port_trigger_iptables sh /tmp/port_trigger_ip6tables } + +port_trigger_clean() { + iptables -w -t nat -D PREROUTING -j prerouting_porttrigger 2> /dev/null + iptables -w -t nat -F prerouting_porttrigger 2> /dev/null + iptables -w -t nat -X prerouting_porttrigger 2> /dev/null + iptables -w -t nat -D prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null + iptables -w -t nat -F prerouting_wan_porttrigger 2> /dev/null + iptables -w -t nat -X prerouting_wan_porttrigger 2> /dev/null + iptables -w -t filter -D forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null + iptables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null + iptables -w -t filter -X forwarding_wan_porttrigger 2> /dev/null + ip6tables -w -t nat -D PREROUTING -j prerouting_porttrigger 2> /dev/null + ip6tables -w -t nat -F prerouting_porttrigger 2> /dev/null + ip6tables -w -t nat -X prerouting_porttrigger 2> /dev/null + ip6tables -w -t filter -D forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null + ip6tables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null + ip6tables -w -t filter -X forwarding_wan_porttrigger 2> /dev/null +}
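Review bot: Each `-D` in port_trigger_clean removes at most one matching jump, so a device that already carries duplicated `-j prerouting_porttrigger` entries (or duplicates of the other jumps) from before this fix keeps one copy. The following `-X` then fails because the chain is still referenced, and `2> /dev/null` hides that failure. Repeating the delete until it fails clears every copy: `while iptables -w -t nat -D PREROUTING -j prerouting_porttrigger 2> /dev/null; do :; done`, and likewise for the other `-D` lines. A short header comment stating that this function must mirror every chain and jump created by port_trigger_add would help keep the two lists in step.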