drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-26 20:20:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

nftables: quote interface names in ifname sets

Browse Source
This commit is contained in:
bol-van 2022-02-16 22:08:01 +03:00
parent 0b242d6068
commit 0d08b555e8
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
common/base.sh
View File

@ -83,6 +83,14 @@ make_comma_list()
shift shift
make_separator_list $var , '' "$@" make_separator_list $var , '' "$@"
} }
make_quoted_comma_list()
{
# $1 - var name to receive result
# $2,$3,... - elements
local var="$1"
shift
make_separator_list $var , '"' "$@"
}
unique() unique()
{ {
local i local i

6
common/nft.sh
View File

@ -101,7 +101,7 @@ nft_create_or_update_flowtable()
# can be called multiple times to add interfaces. interfaces can only be added , not removed # can be called multiple times to add interfaces. interfaces can only be added , not removed
local flags=$1 devices local flags=$1 devices
shift shift
make_comma_list devices "$@" make_quoted_comma_list devices "$@"
[ -n "$devices" ] && devices="devices={$devices};" [ -n "$devices" ] && devices="devices={$devices};"
[ -n "$flags" ] && flags="flags $flags;" [ -n "$flags" ] && flags="flags $flags;"
nft add flowtable inet $ZAPRET_NFT_TABLE ft "{ hook ingress priority -1; $flags $devices }" nft add flowtable inet $ZAPRET_NFT_TABLE ft "{ hook ingress priority -1; $flags $devices }"
@ -172,7 +172,7 @@ nft_hw_offload_supported()
{ {
# $1,$2,... - interface names # $1,$2,... - interface names
local devices res=1 local devices res=1
make_comma_list devices "$@" make_quoted_comma_list devices "$@"
[ -n "$devices" ] && devices="devices={$devices};" [ -n "$devices" ] && devices="devices={$devices};"
nft add table ${ZAPRET_NFT_TABLE}_test && nft add flowtable ${ZAPRET_NFT_TABLE}_test ft "{ flags offload; $devices }" 2>/dev/null && res=0 nft add table ${ZAPRET_NFT_TABLE}_test && nft add flowtable ${ZAPRET_NFT_TABLE}_test ft "{ flags offload; $devices }" 2>/dev/null && res=0
nft delete table ${ZAPRET_NFT_TABLE}_test 2>/dev/null nft delete table ${ZAPRET_NFT_TABLE}_test 2>/dev/null
@ -235,7 +235,7 @@ nft_script_add_ifset_element()
# $2 - space separated elements # $2 - space separated elements
local elements local elements
[ -n "$2" ] && { [ -n "$2" ] && {
make_separator_list elements ' ' '"' $2 make_quoted_comma_list elements $2
script="${script} script="${script}
add element inet $ZAPRET_NFT_TABLE $1 { $elements }" add element inet $ZAPRET_NFT_TABLE $1 { $elements }"
} }