firewallmngr: fix duplicate rule entries

2025-12-10 07:44:50 +01:00 · 2025-04-10 21:14:51 +05:30 · 2025-04-10 21:14:51 +05:30 · f2ea1049e0
commit f2ea1049e0
parent ba837ff98a
2 changed files with 26 additions and 9 deletions
--- a/firewallmngr/files/port-trigger/etc/init.d/port-trigger
+++ b/firewallmngr/files/port-trigger/etc/init.d/port-trigger
@ -7,7 +7,11 @@ USE_PROCD=1
 . /lib/port-trigger/port_trigger.sh

 start_service() {
-	port_trigger_handling
+	port_trigger_add
+}
+
+stop_service() {
+	port_trigger_clean
 }

 service_triggers()
@ -17,5 +21,6 @@ service_triggers()
 }

 reload_service() {
+	stop
 	start
 }
--- a/firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh
+++ b/firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh
@ -119,18 +119,12 @@ process_port_trigger() {
 	fi
 }

-port_trigger_handling() {
+port_trigger_add() {
 	rm /tmp/port_trigger_iptables 2> /dev/null
 	rm /tmp/port_trigger_ip6tables 2> /dev/null
 	touch /tmp/port_trigger_iptables
 	touch /tmp/port_trigger_ip6tables

-	echo "iptables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "iptables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "iptables -w -t nat -F prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "ip6tables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-	echo "ip6tables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-
 	echo "iptables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
 	ret=$?
 	[ $ret -eq 0 ] && echo "iptables -w -t nat -I PREROUTING -j prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
@ -139,7 +133,7 @@ port_trigger_handling() {
 	[ $ret -eq 0 ] && echo "iptables -w -t filter -I forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
 	echo "iptables -w -t nat -N prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
 	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t nat -I prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	[ $ret -eq 0 ] && echo "iptables -w -t nat -A prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables

 	echo "ip6tables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
 	ret=$?
@ -155,3 +149,21 @@ port_trigger_handling() {
 	sh /tmp/port_trigger_iptables
 	sh /tmp/port_trigger_ip6tables
 }
+
+port_trigger_clean() {
+	iptables -w -t nat -D PREROUTING -j prerouting_porttrigger 2> /dev/null
+	iptables -w -t nat -F prerouting_porttrigger 2> /dev/null
+	iptables -w -t nat -X prerouting_porttrigger 2> /dev/null
+	iptables -w -t nat -D prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null
+	iptables -w -t nat -F prerouting_wan_porttrigger 2> /dev/null
+	iptables -w -t nat -X prerouting_wan_porttrigger 2> /dev/null
+	iptables -w -t filter -D forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null
+	iptables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null
+	iptables -w -t filter -X forwarding_wan_porttrigger 2> /dev/null
+	ip6tables -w -t nat -D PREROUTING -j prerouting_porttrigger 2> /dev/null
+	ip6tables -w -t nat -F prerouting_porttrigger 2> /dev/null
+	ip6tables -w -t nat -X prerouting_porttrigger 2> /dev/null
+	ip6tables -w -t filter -D forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null
+	ip6tables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null
+	ip6tables -w -t filter -X forwarding_wan_porttrigger 2> /dev/null
+}