mirror/iopsys-feed
1
0
Fork 0
mirror of https://dev.iopsys.eu/feed/iopsys.git synced 2025-12-10 07:44:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

parental-control: auto enable urlbundle based on /apps

Browse source
This commit is contained in:
Vivek Dutta 2025-08-20 20:27:48 +05:30 committed by IOPSYS Dev
parent 5820d98e2c
commit fcd59e95f0
No known key found for this signature in database
12 changed files with 186 additions and 108 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
parental-control/Makefile
View file

@ -5,13 +5,13 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=parental-control PKG_NAME:=parental-control
PKG_VERSION:=1.2.1 PKG_VERSION:=1.3.0
LOCAL_DEV:=0 LOCAL_DEV:=0
ifneq ($(LOCAL_DEV),1) ifneq ($(LOCAL_DEV),1)
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://dev.iopsys.eu/network/parental-control.git PKG_SOURCE_URL:=https://dev.iopsys.eu/network/parental-control.git
PKG_SOURCE_VERSION:=120dbcd6508b817d2ce3d579a1bfbd5bfd1a44cb PKG_SOURCE_VERSION:=6e2a210c90ef4b4d4741b77b77c74fc4a8683fd6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_MIRROR_HASH:=skip PKG_MIRROR_HASH:=skip
endif endif
@ -81,19 +81,20 @@ define Package/parental-control/install
$(INSTALL_DIR) $(1)/etc/uci-defaults $(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_DATA) ./files/etc/uci-defaults/95-firewall_parentalcontrol.ucidefaults $(1)/etc/uci-defaults/ $(INSTALL_DATA) ./files/etc/uci-defaults/95-firewall_parentalcontrol.ucidefaults $(1)/etc/uci-defaults/
$(INSTALL_DATA) ./files/etc/uci-defaults/95-migrate_urlfilter.ucidefaults $(1)/etc/uci-defaults/ $(INSTALL_DATA) ./files/etc/uci-defaults/35-migrate_urlfilter.ucidefaults $(1)/etc/uci-defaults/
$(INSTALL_DIR) $(1)/lib/upgrade/keep.d $(INSTALL_DIR) $(1)/lib/upgrade/keep.d
$(INSTALL_DATA) ./files/lib/upgrade/keep.d/parentalcontrol $(1)/lib/upgrade/keep.d/parentalcontrol $(INSTALL_DATA) ./files/lib/upgrade/keep.d/parentalcontrol $(1)/lib/upgrade/keep.d/parentalcontrol
$(BBFDM_REGISTER_SERVICES) -v ${VENDOR_PREFIX} ./bbfdm_service.json $(1) parentalcontrol $(BBFDM_REGISTER_SERVICES) -v ${VENDOR_PREFIX} ./bbfdm_service.json $(1) parentalcontrol
$(INSTALL_DATA) ./files/etc/uci-defaults/40-parental_control_update_bundle_path $(1)/etc/uci-defaults/
ifeq ($(CONFIG_PARENTAL_CONTROL_URLFILTERING),y) ifeq ($(CONFIG_PARENTAL_CONTROL_URLFILTERING),y)
$(INSTALL_DATA) ./files/etc/uci-defaults/55-add-default-bundles $(1)/etc/uci-defaults/ $(INSTALL_DATA) ./files/etc/uci-defaults/50-parental_control_add_bundles $(1)/etc/uci-defaults/
$(CP) ./files/urlbundle_override.json $(1)/etc/parentalcontrol/ $(CP) ./files/urlbundle_override.json $(1)/etc/parentalcontrol/
else else
$(BBFDM_INSTALL_MS_PLUGIN) -v ${VENDOR_PREFIX} ./files/urlbundle_override.json $(1) parentalcontrol $(BBFDM_INSTALL_MS_PLUGIN) -v ${VENDOR_PREFIX} ./files/urlbundle_override.json $(1) parentalcontrol
$(INSTALL_DATA) ./files/etc/uci-defaults/50-parental_control_urlfilter $(1)/etc/uci-defaults/ $(INSTALL_DATA) ./files/etc/uci-defaults/50-parental_control_disable_urlfilter $(1)/etc/uci-defaults/
endif endif
endef endef

3
parental-control/files/etc/config/parentalcontrol
View file

@ -1,4 +1,3 @@
config globals 'globals' config globals 'globals'
option enable '0' option enable '1'
option loglevel '3' option loglevel '3'
option urlfilter '1'

15
parental-control/files/etc/firewall.parentalcontrol
View file

@ -5,19 +5,16 @@
enabled="$(uci -q get parentalcontrol.globals.enable)" enabled="$(uci -q get parentalcontrol.globals.enable)"
urlfilter="$(uci -q get parentalcontrol.globals.urlfilter)" urlfilter="$(uci -q get parentalcontrol.globals.urlfilter)"
# if parentalcontrol is enabled, add the rules, else remove them # if parentalcontrol is enabled, add the rules, else remove them
if [ "${enabled}" -eq "1" ]; then if [ "${enabled}" -eq "1" ]; then
# this is for internet_access and profile_bedtime_schedule sections
add_internet_schedule_rules
# this is for urlfilter daemon # this is for urlfilter daemon
add_iptables_nfqueue_rules
if [ "${urlfilter}" -eq "1" ]; then if [ "${urlfilter}" -eq "1" ]; then
# this for internet_access and profile_bedtime_schedule sections add_iptables_nfqueue_rules
add_internet_schedule_rules
fi fi
else else
# remove urlfilter daemon rules # remove internet_access and profile_bedtime_schedule rules
remove_internet_schedule_rules
remove_iptables_nfqueue_rules remove_iptables_nfqueue_rules
if [ "${urlfilter}" -eq "1" ]; then
# remove internet_access and profile_bedtime_schedule rules
remove_internet_schedule_rules
fi
fi fi

11
parental-control/files/etc/init.d/parentalcontrol
View file

@ -46,7 +46,7 @@ configure_fw_rules() {
# URL filtering cannot be performed on already open sites. # URL filtering cannot be performed on already open sites.
if [ -n "$(which conntrack)" ]; then if [ -n "$(which conntrack)" ]; then
sleep 5 sleep 5
conntrack -F conntrack -F > /dev/null 2>&1
fi fi
# this is for urlfilter daemon # this is for urlfilter daemon
@ -83,14 +83,13 @@ start_service() {
config_load parentalcontrol config_load parentalcontrol
validate_global_section validate_global_section
[ -n "${bundle_path}" ] && mkdir -p ${bundle_path}
# add default bundles
process_default_bundles
# add firewall rules # add firewall rules
configure_fw_rules configure_fw_rules
if [ "${urlfilter}" -eq "1" ]; then if [ "${urlfilter}" -eq "1" ]; then
# add default bundles
[ -n "${bundle_path}" ] && mkdir -p ${bundle_path}
process_default_bundles
enable_urlfilter_dm enable_urlfilter_dm
else else
disable_urlfilter_dm disable_urlfilter_dm
@ -100,7 +99,7 @@ start_service() {
# then /tmp/dhcp.leases will be empty until clients try to get a lease, # then /tmp/dhcp.leases will be empty until clients try to get a lease,
# in that case, hostnames will not be processed by the daemon, # in that case, hostnames will not be processed by the daemon,
# for this we copy /tmp/dhcp.leases to /etc/parentalcontrol/dhcp.leases # for this we copy /tmp/dhcp.leases to /etc/parentalcontrol/dhcp.leases
# which will be persistent acrros reboots and upgrade where settings are kept # which will be persistent across reboots and upgrade (with keep settings)
# and will be used as a backup in case /tmp/dhcp.leases is empty # and will be used as a backup in case /tmp/dhcp.leases is empty
copy_dhcp_leases copy_dhcp_leases

2
parental-control/files/etc/uci-defaults/95-migrate_urlfilter.ucidefaults → parental-control/files/etc/uci-defaults/35-migrate_urlfilter.ucidefaults
View file

@ -2,6 +2,8 @@
. /lib/functions.sh . /lib/functions.sh
[ ! -f "/etc/config/urlfilter" ] && exit 0
# Convert URL filter to parental control format # Convert URL filter to parental control format
urlfilter_config="/etc/config/urlfilter" urlfilter_config="/etc/config/urlfilter"
parentalcontrol_config="/etc/config/parentalcontrol" parentalcontrol_config="/etc/config/parentalcontrol"

38
parental-control/files/etc/uci-defaults/40-parental_control_update_bundle_path Normal file
View file

@ -0,0 +1,38 @@
#!/bin/sh
[ ! -f "/etc/config/parentalcontrol" ] && exit 0
APPS_DIR="/apps"
check_mounted_app_partition() {
local free
if [ ! -d "${APPS_DIR}" ]; then
return 1
fi
# Check free space in disk
free="$(df -P "${APPS_DIR}"|tail -n 1|awk '{print $4}')"
# disable if free storage is less then 300M
if [ "${free}" -lt 307200 ]; then
return 1
fi
return 0
}
if check_mounted_app_partition; then
uci -q set parentalcontrol.globals.bundle_path="${APPS_DIR}/parentalcontrol"
# configure the urlfilter if not configured
urlfilter="$(uci -q get parentalcontrol.globals.urlfilter)"
if [ -z "${urlfilter}" ]; then
uci -q set parentalcontrol.globals.urlfilter='1'
fi
else
uci -q set parentalcontrol.globals.urlfilter='0'
fi
exit 0

43
parental-control/files/etc/uci-defaults/50-parental_control_add_bundles Normal file
View file

@ -0,0 +1,43 @@
#!/bin/sh
[ ! -f "/etc/config/parentalcontrol" ] && exit 0
COUNT=1
add_urlbundle()
{
local name url
url="${1}"; shift
name="$*"
uci -q set parentalcontrol.urlbundle_${COUNT}=urlbundle
uci -q set parentalcontrol.urlbundle_${COUNT}.name="${name}"
uci -q set parentalcontrol.urlbundle_${COUNT}.download_url="${url}"
COUNT="$((COUNT+1))"
}
urlfilter="$(uci -q get parentalcontrol.globals.urlfilter)"
if [ "${urlfilter}" -eq "1" ]; then
add_urlbundle "https://blocklistproject.github.io/Lists/alt-version/abuse-nl.txt" "Abuse"
add_urlbundle "https://blocklistproject.github.io/Lists/alt-version/ads-nl.txt" "Ads"
add_urlbundle "https://blocklistproject.github.io/Lists/alt-version/crypto-nl.txt" "Crypto"
add_urlbundle "https://blocklistproject.github.io/Lists/alt-version/drugs-nl.txt" "Drugs"
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/everything-nl.txt' "Everything else"
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/facebook-nl.txt' 'Facebook/Instagram'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/fraud-nl.txt' 'Fraud'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/gambling-nl.txt' 'Gambling'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/malware-nl.txt' 'Malware'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/phishing-nl.txt' 'Phishing'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/piracy-nl.txt' 'Piracy'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/porn-nl.txt' 'Porn'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/ransomware-nl.txt' 'Ransomware'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/redirect-nl.txt' 'Redirect'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/scam-nl.txt' 'Scam'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/tiktok-nl.txt' 'TikTok'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/torrent-nl.txt' 'Torrent'
add_urlbundle 'https://blocklistproject.github.io/Lists/alt-version/tracking-nl.txt' 'Tracking'
fi
exit 0

14
parental-control/files/etc/uci-defaults/50-parental_control_disable_urlfilter Normal file
View file

@ -0,0 +1,14 @@
#!/bin/sh
. /lib/functions.sh
[ ! -f "/etc/config/parentalcontrol" ] && exit 0
uci -q set parentalcontrol.globals.urlfilter='0'
_delete_urlbundle() {
uci_remove parentalcontrol "${1}"
}
config_load "parentalcontrol"
config_foreach _delete_urlbundle urlbundle

7
parental-control/files/etc/uci-defaults/50-parental_control_urlfilter
View file

@ -1,7 +0,0 @@
#!/bin/sh
. /lib/functions.sh
[ ! -f "/etc/config/parentalcontrol" ] && exit 0
uci -q set parentalcontrol.globals.urlfilter='0'

40
parental-control/files/etc/uci-defaults/55-add-default-bundles
View file

@ -1,40 +0,0 @@
#!/bin/sh
COUNT=1
add_urlbundle()
{
local enabled name url
enabled="${1}"; shift
url="${1}"; shift
name="${@}"
uci -q set parentalcontrol.urlbundle_${COUNT}=urlbundle
uci -q set parentalcontrol.urlbundle_${COUNT}.enable="${enabled}"
uci -q set parentalcontrol.urlbundle_${COUNT}.name="${name}"
uci -q set parentalcontrol.urlbundle_${COUNT}.download_url="${url}"
COUNT="$((COUNT+1))"
}
add_urlbundle "0" "https://blocklistproject.github.io/Lists/alt-version/abuse-nl.txt" "Abuse"
add_urlbundle "0" "https://blocklistproject.github.io/Lists/alt-version/ads-nl.txt" "Ads"
add_urlbundle "0" "https://blocklistproject.github.io/Lists/alt-version/crypto-nl.txt" "Crypto"
add_urlbundle "1" "https://blocklistproject.github.io/Lists/alt-version/drugs-nl.txt" "Drugs"
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/everything-nl.txt' "Everything else"
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/facebook-nl.txt' 'Facebook/Instagram'
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/fraud-nl.txt' 'Fraud'
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/gambling-nl.txt' 'Gambling'
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/malware-nl.txt' 'Malware'
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/phishing-nl.txt' 'Phishing'
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/piracy-nl.txt' 'Piracy'
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/porn-nl.txt' 'Porn'
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/ransomware-nl.txt' 'Ransomware'
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/redirect-nl.txt' 'Redirect'
add_urlbundle "1" 'https://blocklistproject.github.io/Lists/alt-version/scam-nl.txt' 'Scam'
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/tiktok-nl.txt' 'TikTok'
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/torrent-nl.txt' 'Torrent'
add_urlbundle "0" 'https://blocklistproject.github.io/Lists/alt-version/tracking-nl.txt' 'Tracking'
exit 0

21
parental-control/files/lib/parentalcontrol/parentalcontrol.sh
View file

@ -13,7 +13,10 @@ IP_RULE=""
ACL_FILE="" ACL_FILE=""
parentalcontrol_ipv4_forward="" parentalcontrol_ipv4_forward=""
parentalcontrol_ipv6_forward="" parentalcontrol_ipv6_forward=""
default_bundle_dir="/tmp/parentalcontrol/default/"
bundle_path="$(uci -q get parentalcontrol.globals.bundle_path)"
default_bundle_dir="${bundle_path}/default/"
bundle_archive="/etc/parentalcontrol/urlbundles.tar.xz" bundle_archive="/etc/parentalcontrol/urlbundles.tar.xz"
log() { log() {
@ -255,7 +258,9 @@ handle_schedule() {
schedule_added="1" schedule_added="1"
fi fi
target="ACCEPT" # internet_access has been updated to be internet_break
# so drop traffic during the schedule, and allow outside the schedule
target="DROP"
config_get local_start_time "$schedule_section" "start_time" "00:00" config_get local_start_time "$schedule_section" "start_time" "00:00"
config_get duration "$schedule_section" "duration" config_get duration "$schedule_section" "duration"
@ -362,11 +367,6 @@ handle_internet_break() {
config_load "schedules" config_load "schedules"
config_foreach handle_schedule schedule "schedule" "$schedule_ref" config_foreach handle_schedule schedule "schedule" "$schedule_ref"
fi fi
# for access rule to work, need to have default drop rule as last rule
if [ "$schedule_added" = "1" ]; then
add_access_rule "$ACCESS_RULE" "" "" "" "DROP"
fi
done done
} }
@ -438,6 +438,13 @@ add_internet_schedule_rules() {
} }
add_iptables_nfqueue_rules() { add_iptables_nfqueue_rules() {
local filter_used
# Check if urlfilter used
if ! uci show parentalcontrol |grep -q profile_urlfilter; then
return
fi
iptables -w -nL FORWARD|grep -iqE "NFQUEUE" iptables -w -nL FORWARD|grep -iqE "NFQUEUE"
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
# setup netfilter queue 0, use queue bypass so that if no application is # setup netfilter queue 0, use queue bypass so that if no application is

89
parental-control/files/lib/parentalcontrol/sync_bundles.sh
View file

@ -3,12 +3,31 @@
. /lib/functions.sh . /lib/functions.sh
LOCKFILE="/tmp/sync_bundles.lock" LOCKFILE="/tmp/sync_bundles.lock"
log_level="$(uci -q get parentalcontrol.globals.loglevel)"
log_level="${log_level:-1}"
DEBUG=0
log_err() {
logger -t urlfilter.sync -p error "$*"
if [ "${DEBUG}" -eq "1" ]; then
echo "#ERR# $* #" >/dev/console
fi
}
log_info() {
if [ "${log_level}" -gt 3 ]; then
logger -t urlfilter.sync -p info "$*"
fi
if [ "${DEBUG}" -eq "1" ]; then
echo "#INFO# $* #" >/dev/console
fi
}
# this script handles syncing bundles # this script handles syncing bundles
# if its a remote file, then it would be downloaded and placed in bundle_dir # if its a remote file, then it would be downloaded and placed in bundle_dir
bundle_path="$(uci -q get parentalcontrol.globals.bundle_path)" bundle_path="$(uci -q get parentalcontrol.globals.bundle_path)"
if [ -z "${bundle_path}" ]; then if [ -z "${bundle_path}" ]; then
bundle_path="/tmp/parentalcontrol" return 0
fi fi
stringstore_dir="${bundle_path}/stringstore" stringstore_dir="${bundle_path}/stringstore"
@ -38,15 +57,15 @@ update_bundle_file_from_url() {
available_memory=$(df "$bundle_dir" | tail -n 1 | awk '{print $(NF-2)}') # Available memory in 1K blocks available_memory=$(df "$bundle_dir" | tail -n 1 | awk '{print $(NF-2)}') # Available memory in 1K blocks
local needed_blocks=$((bundle_file_size / 1024)) # Convert bundle_file_size to 1K blocks local needed_blocks=$((bundle_file_size / 1024)) # Convert bundle_file_size to 1K blocks
local max_size=$((10 * 1024 * 1024)) # 10MB in bytes local max_size=$((50 * 1024 * 1024)) # 50MB in bytes
if [ "$available_memory" -le "$needed_blocks" ]; then if [ "$available_memory" -le "$needed_blocks" ]; then
logger -p info "Error: Not enough disk space for bundle: ${bundle_name}" log_info "Error: Not enough disk space for bundle: ${bundle_name}"
return 1 return 1
fi fi
if [ "$bundle_file_size" -gt "$max_size" ]; then if [ "$bundle_file_size" -gt "$max_size" ]; then
logger -p info "update_bundle_file_from_url: Error: File size for ${bundle_name} exceeds 10MB" log_info "update_bundle_file_from_url: Error: File size for ${bundle_name} exceeds 10MB"
return 1 return 1
fi fi
@ -57,7 +76,7 @@ update_bundle_file_from_url() {
else else
# Random delay (0-5s) before starting the download # Random delay (0-5s) before starting the download
local delay=$((RANDOM % 6)) local delay=$((RANDOM % 6))
logger -p info "update_bundle_file_from_url: Waiting ${delay}s before downloading..." log_info "update_bundle_file_from_url: Waiting ${delay}s before downloading..."
sleep "$delay" sleep "$delay"
# Retry logic with exponential backoff # Retry logic with exponential backoff
@ -65,12 +84,11 @@ update_bundle_file_from_url() {
local attempt=1 local attempt=1
local success=0 local success=0
while [ $attempt -le 3 ]; do while [ $attempt -le 3 ]; do
curl -s -o "$temp_file" "$download_url" if curl -s -o "$temp_file" "$download_url"; then
if [ $? -eq 0 ]; then
success=1 success=1
break break
else else
logger -p info "update_bundle_file_from_url: Download failed. Retrying $attempt ..." log_info "update_bundle_file_from_url: Download failed. Retrying $attempt ..."
local backoff=$(( (2 ** attempt) + (RANDOM % 3) )) # Exponential backoff + 0-2s jitter local backoff=$(( (2 ** attempt) + (RANDOM % 3) )) # Exponential backoff + 0-2s jitter
sleep "$backoff" sleep "$backoff"
fi fi
@ -78,7 +96,7 @@ update_bundle_file_from_url() {
done done
if [ $success -ne 1 ]; then if [ $success -ne 1 ]; then
logger -p info "update_bundle_file_from_url: Failed to download bundle: ${bundle_name}" log_info "update_bundle_file_from_url: Failed to download bundle: ${bundle_name}"
rm -f "$temp_file" rm -f "$temp_file"
return 1 return 1
fi fi
@ -89,7 +107,7 @@ update_bundle_file_from_url() {
local final_path="${bundle_dir}/${bundle_file_name}" local final_path="${bundle_dir}/${bundle_file_name}"
if [[ "$file_path" =~ \.xz$ ]]; then if [[ "$file_path" =~ \.xz$ ]]; then
if ! xz -dc "$file_path" > "$final_path"; then if ! xz -dc "$file_path" > "$final_path"; then
logger -p info "update_bundle_file_from_url: Decompression failed." log_info "update_bundle_file_from_url: Decompression failed."
rm -f "$final_path" rm -f "$final_path"
rm -f "$file_path" rm -f "$file_path"
return 1 return 1
@ -98,7 +116,7 @@ update_bundle_file_from_url() {
rm -f "$file_path" rm -f "$file_path"
elif [[ "$file_path" =~ \.gz$ ]]; then elif [[ "$file_path" =~ \.gz$ ]]; then
if ! gzip -dc "$file_path" > "$final_path"; then if ! gzip -dc "$file_path" > "$final_path"; then
logger -p info "update_bundle_file_from_url: Decompression failed." log_info "update_bundle_file_from_url: Decompression failed."
rm -f "$final_path" rm -f "$final_path"
rm -f "$file_path" rm -f "$file_path"
return 1 return 1
@ -134,7 +152,6 @@ handle_download_url() {
local file_name="${sanitized_url##*/}" # Get everything after the last '/' local file_name="${sanitized_url##*/}" # Get everything after the last '/'
local bundle_file_name="${file_name}.urlbundle" local bundle_file_name="${file_name}.urlbundle"
local unprocessed_file=0
local file_path="${sanitized_url#file://}" local file_path="${sanitized_url#file://}"
if echo "$sanitized_url" | grep -qE "^https?://|^file://"; then if echo "$sanitized_url" | grep -qE "^https?://|^file://"; then
@ -153,7 +170,7 @@ handle_download_url() {
fi fi
if [ -n "$previous_bundle_size" ] && [ "$bundle_file_size" -eq "$previous_bundle_size" ]; then if [ -n "$previous_bundle_size" ] && [ "$bundle_file_size" -eq "$previous_bundle_size" ]; then
return return 0
fi fi
if echo "$sanitized_url" | grep -q "^file://" && ! echo "$sanitized_url" | grep -Eq "\.(xz|gz)$"; then if echo "$sanitized_url" | grep -q "^file://" && ! echo "$sanitized_url" | grep -Eq "\.(xz|gz)$"; then
@ -161,7 +178,7 @@ handle_download_url() {
sed -i "/^${bundle_file_name} /d" "$bundle_sizes" sed -i "/^${bundle_file_name} /d" "$bundle_sizes"
echo "$bundle_file_name $bundle_file_size" >> "$bundle_sizes" echo "$bundle_file_name $bundle_file_size" >> "$bundle_sizes"
ubus send "parentalcontrol.bundle.update" "{\"bundle_file_path\":\"${file_path}\",\"bundle_name\":\"${bundle_name}\"}" ubus send "parentalcontrol.bundle.update" "{\"bundle_file_path\":\"${file_path}\",\"bundle_name\":\"${bundle_name}\"}"
return return 0
fi fi
# Remove existing entries # Remove existing entries
@ -173,11 +190,9 @@ handle_download_url() {
update_bundle_file_from_url "$sanitized_url" "$bundle_file_name" "$bundle_file_size" "$bundle_name" "$file_name" update_bundle_file_from_url "$sanitized_url" "$bundle_file_name" "$bundle_file_size" "$bundle_name" "$file_name"
return $? return $?
else else
logger -p info "Error: Unsupported URL format for ${bundle_file_name}" log_info "Error: Unsupported URL format for ${bundle_file_name}"
return 1 return 1
fi fi
return 0
} }
cleanup_bundle_files() { cleanup_bundle_files() {
@ -222,46 +237,56 @@ cleanup_bundle_files() {
done done
} }
cleanup_bundle_sizes() {
downloaded_bundle_names="$(cat "$bundle_sizes" | cut -d '.' -f 1)"
for name in $downloaded_bundle_names; do
if ls ${stringstore_dir}/${name}* 2>&1 | grep -qF '.store'; then
if ls ${stringstore_dir}/${name}* 2>&1 | grep -q cmph; then
continue
fi
fi
sed -i "/$name/d" "$bundle_sizes"
done
}
# Main handler for all profile URL bundles # Main handler for all profile URL bundles
handle_filter_for_bundles() { handle_filter_for_bundles() {
local urlfilter local urlfilter
urlfilter="$(uci -q get parentalcontrol.globals.urlfilter)" urlfilter="$(uci -q get parentalcontrol.globals.urlfilter)"
# if urlfilter is not enabled, then return
if [ "${urlfilter}" -ne "1" ]; then if [ "${urlfilter}" -ne "1" ]; then
logger -p info "urlbundle not supported" log_info "urlfilter feature not enabled"
return return 0
fi
ubus -t 20 wait_for bbfdm.parentalcontrol
if [ "$?" -ne 0 ]; then
logger -p error "bbfdm.parentalcontrol object not found"
return
fi fi
initialize_environment initialize_environment
cleanup_bundle_files "$bundle_dir" cleanup_bundle_files "$bundle_dir"
cleanup_bundle_files "$stringstore_dir" cleanup_bundle_files "$stringstore_dir"
cleanup_bundle_sizes
config_load parentalcontrol config_load parentalcontrol
config_get_bool enable globals enable 0 config_get_bool enable globals enable 0
if [ "${enable}" -eq 0 ]; then if [ "${enable}" -eq 0 ]; then
log_info "parental-control feature not enabled"
# Parental control is disabled # Parental control is disabled
return 0 return 0
fi fi
local profile enable bundles bundle_name download_url
check_bundle_exists() { check_bundle_exists() {
local cfg="$1" local enable download_url name cfg
cfg="$1"
config_get name "$cfg" name config_get name "$cfg" name
config_get_bool enable "$cfg" enable 0 config_get_bool enable "$cfg" enable 1
config_get download_url "$cfg" download_url config_get download_url "$cfg" download_url
if [ "${enable}" -eq 0 ]; then if [ "${enable}" -eq 0 ]; then
# bundle is disabled log_info "Skipping bundle ${name} not enabled"
return 0 return 0
fi fi
@ -282,6 +307,6 @@ handle_filter_for_bundles() {
# Open file descriptor 200 for locking # Open file descriptor 200 for locking
exec 200>"$LOCKFILE" exec 200>"$LOCKFILE"
# Try to acquire an exclusive lock; exit if another instance is running # Try to acquire an exclusive lock; exit if another instance is running
flock -n 200 || { logger -p info "sync_bundles.sh is already running, exiting."; exit 1; } flock -n 200 || { log_info "sync_bundles.sh is already running, exiting."; exit 1; }
handle_filter_for_bundles handle_filter_for_bundles