From eef294aada022820bc2a39f45ab95a5f8c8f2815 Mon Sep 17 00:00:00 2001 From: bolvan Date: Fri, 24 May 2019 08:27:25 +0300 Subject: [PATCH] init : separate custom code --- docs/readme.txt | 26 ++++++++++++++++++++++++++ init.d/openwrt/custom | 20 ++++++++++++++++++++ init.d/openwrt/functions | 17 +++++++++++------ init.d/openwrt/zapret | 10 ++-------- init.d/sysv/custom | 24 ++++++++++++++++++++++++ init.d/sysv/functions | 28 ++++++++++++++-------------- 6 files changed, 97 insertions(+), 28 deletions(-) create mode 100644 init.d/openwrt/custom create mode 100644 init.d/sysv/custom diff --git a/docs/readme.txt b/docs/readme.txt index 0c73290..7fde7cf 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -358,6 +358,32 @@ IFACE_WAN=eth1 /opt/zapret/init.d/sysv/zapret start-daemons /opt/zapret/init.d/sysv/zapret stop-daemons + +Вариант custom +-------------- + +custom код вынесен в отдельный shell include +/opt/zapret/init.d/sysv/custom +или +/opt/zapret/init.d/openwrt/custom + +Нужно свой код вписать в функции : +zapret_custom_daemons +zapret_custom_firewall + +В этом файле пишите ваш код, пользуясь хелперами из "functions" или "zapret". +Смотрите как там сделано добавление iptables или запуск демонов. +Используя хелпер функции, вы избавитесь от необходимости учитывать все возможные случаи +типа наличия/отсутствия ipv6, является ли система роутером, имена интерфейсов, ... +Хелперы это учитывают , вам нужно сосредоточиться лишь на фильтрах iptables и +параметрах демонов. + +Код для openwrt и sysv немного отличается. В sysv нужно обрабатывать и запуск, и остановку. +Запуск это или остановка передается в параметре $1 (0 или 1). +В openwrt за остановку демонов отвечает procd, а firewall вычищается при "fw3 restart", +потому нет необходимости реализоввать логику останова. + +При апгрейде нужно сохранить лишь custom, другие файлы править не надо. Пример установки на debian-подобную систему ------------------------------------------- 
diff --git a/init.d/openwrt/custom b/init.d/openwrt/custom new file mode 100644 index 0000000..2136b74 --- /dev/null +++ b/init.d/openwrt/custom @@ -0,0 +1,20 @@ +# this script contain your special code to launch daemons and configure firewall +# use helpers from "functions" file and "zapret" init script +# in case of upgrade keep this file only, do not modify others + +zapret_custom_daemons() +{ + # PLACEHOLDER + echo !!! NEED ATTENTION !!! + echo Start daemon\(s\) + echo Study how other sections work + + run_daemon 1 /bin/sleep 20 +} +zapret_custom_firewall() +{ + # PLACEHOLDER + echo !!! NEED ATTENTION !!! + echo Configure iptables for required actions + echo Study how other sections work +} diff --git a/init.d/openwrt/functions b/init.d/openwrt/functions index 1dea172..3d0882b 100644 --- a/init.d/openwrt/functions +++ b/init.d/openwrt/functions @@ -11,12 +11,20 @@ TPWS_USER=daemon # max wait time for the link local ipv6 on the LAN interface LINKLOCAL_WAIT_SEC=5 -IPSET_CR=$ZAPRET_BASE/ipset/create_ipset.sh +IPSET_CR="$ZAPRET_BASE/ipset/create_ipset.sh" + +CUSTOM_SCRIPT="$ZAPRET_BASE/init.d/openwrt/custom" +[ -f "$CUSTOM_SCRIPT" ] && . "$CUSTOM_SCRIPT" exists() { - which $1 >/dev/null 2>/dev/null + which "$1" >/dev/null 2>/dev/null } +existf() +{ + type "$1" >/dev/null 2>/dev/null +} + # can be multiple ipv6 outgoing interfaces # uplink from isp, tunnelbroker, vpn, ... @@ -239,10 +247,7 @@ zapret_apply_firewall() create_ipset no-update ;; custom) - # PLACEHOLDER - echo !!! NEED ATTENTION !!! - echo Configure iptables for required actions - echo Study how other sections work + existf zapret_custom_firewall && zapret_custom_firewall $1 ;; esac } diff --git a/init.d/openwrt/zapret b/init.d/openwrt/zapret index 51a878e..1200dc1 100755 --- a/init.d/openwrt/zapret +++ b/init.d/openwrt/zapret 
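Review bot: The new `[ -f "$CUSTOM_SCRIPT" ] && . "$CUSTOM_SCRIPT"` line in init.d/openwrt/functions (hunk at -11,12) sources a user-edited file into the init script, which presumably runs as root, and nothing in this patch says who may write to that file. The readme text added here tells users to keep `custom` across upgrades, so the file will tend to survive with whatever owner and mode it was first given. I would add a comment above the line, `# custom is sourced with the init script's privileges: keep it root-owned and not group/world-writable`, and state the same requirement in docs/readme.txt. The identical two lines in init.d/sysv/functions (hunk at -33,9) need the same comment. Separately, `existf` relies on `type`, which succeeds for any resolvable command name and not only for shell functions, so the helper's name promises more than the check guarantees.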
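Review bot: In the `custom)` arm of zapret_apply_firewall in init.d/openwrt/functions (hunk at -239,10), `existf zapret_custom_firewall && zapret_custom_firewall $1` does nothing and prints nothing when the custom file is missing or does not define the function, so a system that selects this arm can come up without its rules and without any hint why; the placeholder it replaces at least printed a warning. As the last command of the arm it also leaves a non-zero status in that case (whether any caller checks it is not visible here), and `$1` is unquoted. I would write `if existf zapret_custom_firewall; then zapret_custom_firewall "$1"; else echo "custom: zapret_custom_firewall is not defined in $CUSTOM_SCRIPT" >&2; fi`. The same pattern appears in start_service in init.d/openwrt/zapret and in zapret_do_firewall and zapret_do_daemons in init.d/sysv/functions, where on stop it would silently leave rules and daemons in place. zapret_apply_firewall starts outside the hunk.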
@@ -4,10 +4,8 @@ USE_PROCD=1 # after network START=21 -. /lib/functions/network.sh - ZAPRET_BASE=/opt/zapret -. "$ZAPRET_BASE/config" +. "$ZAPRET_BASE/init.d/openwrt/functions" # !!!!! in openwrt firewall rules are configured separately @@ -31,7 +29,6 @@ TPWS_OPT_BASE6_PRE="--user=$TPWS_USER --bind-linklocal=prefer --bind-wait-ifup=3 TPWS_OPT_BASE_HTTP="--port=$TPPORT_HTTP" TPWS_OPT_BASE_HTTPS="--port=$TPPORT_HTTPS" - run_daemon() { # $1 - daemon string id or number. can use 1,2,3,... @@ -81,10 +78,7 @@ start_service() { run_daemon 1 $NFQWS "$NFQWS_OPT_BASE $NFQWS_OPT" ;; custom) - # PLACEHOLDER - echo !!! NEED ATTENTION !!! - echo Start daemon\(s\) - echo Study how other sections work + existf zapret_custom_daemons && zapret_custom_daemons $1 ;; esac } diff --git a/init.d/sysv/custom b/init.d/sysv/custom new file mode 100644 index 0000000..ed6183b --- /dev/null +++ b/init.d/sysv/custom @@ -0,0 +1,24 @@ +# this script contain your special code to launch daemons and configure firewall +# use helpers from "functions" file +# in case of upgrade keep this file only, do not modify others + +zapret_custom_daemons() +{ + # $1 - 1 - run, 0 - stop + + # PLACEHOLDER + echo !!! NEED ATTENTION !!! + echo Start daemon\(s\) + echo Study how other sections work + + do_daemon $1 1 /bin/sleep 20 +} +zapret_custom_firewall() +{ + # $1 - 1 - run, 0 - stop + + # PLACEHOLDER + echo !!! NEED ATTENTION !!! + echo Configure iptables for required actions + echo Study how other sections work +} diff --git a/init.d/sysv/functions b/init.d/sysv/functions index 9c3025f..20d6d13 100644 --- a/init.d/sysv/functions +++ b/init.d/sysv/functions 
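Review bot: The zapret_custom_firewall template in the new init.d/sysv/custom documents `$1` (1 - run, 0 - stop) but shows no stop branch, although the readme added in this commit says sysv code has to handle both start and stop. A custom function that only adds rules would leave them in place after a stop, so I would put a line such as `# add your rules when "$1" = 1 and delete exactly the same rules when "$1" = 0` under the parameter comment. In zapret_custom_daemons the call `do_daemon $1 1 /bin/sleep 20` should pass `"$1"` quoted.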
@@ -6,17 +6,17 @@ PIDDIR=/var/run -IPSET_CR=$ZAPRET_BASE/ipset/create_ipset.sh +IPSET_CR="$ZAPRET_BASE/ipset/create_ipset.sh" WS_USER=tpws QNUM=200 -NFQWS=$ZAPRET_BASE/nfq/nfqws +NFQWS="$ZAPRET_BASE/nfq/nfqws" NFQWS_OPT_BASE="--qnum=$QNUM --user=$WS_USER" TPPORT_HTTP=1188 TPPORT_HTTPS=1189 -TPWS=$ZAPRET_BASE/tpws/tpws +TPWS="$ZAPRET_BASE/tpws/tpws" TPWS_HOSTLIST=$ZAPRET_BASE/ipset/zapret-hosts.txt.gz [ -f "$TPWS_HOSTLIST" ] || TPWS_HOSTLIST=$ZAPRET_BASE/ipset/zapret-hosts-user.txt TPWS_OPT_BASE="--user=$WS_USER --bind-addr=127.0.0.1" @@ -33,9 +33,16 @@ TPWS_OPT_BASE_HTTPS="--port=$TPPORT_HTTPS" # max wait time for the link local ipv6 on the LAN interface LINKLOCAL_WAIT_SEC=5 +CUSTOM_SCRIPT="$ZAPRET_BASE/init.d/sysv/custom" +[ -f "$CUSTOM_SCRIPT" ] && . "$CUSTOM_SCRIPT" + exists() { - which $1 >/dev/null 2>/dev/null + which "$1" >/dev/null 2>/dev/null +} +existf() +{ + type "$1" >/dev/null 2>/dev/null } on_off_function() @@ -219,7 +226,7 @@ run_daemon() # $2 - daemon # $3 - daemon args # use $PIDDIR/$DAEMONBASE$1.pid as pidfile - + local DAEMONBASE=$(basename $2) local PIDFILE=$PIDDIR/$DAEMONBASE$1.pid echo "Starting daemon $1: $2 $3" @@ -365,10 +372,7 @@ zapret_do_firewall() [ "$1" != "1" ] || create_ipset ;; custom) - # PLACEHOLDER - echo !!! NEED ATTENTION !!! - echo Configure iptables for required actions - echo Study how other sections work + existf zapret_custom_firewall && zapret_custom_firewall $1 ;; esac } @@ -400,11 +404,7 @@ zapret_do_daemons() do_nfqws $1 1 "$NFQWS_OPT" ;; custom) - # PLACEHOLDER - echo !!! NEED ATTENTION !!! - echo Start daemon\(s\) - echo Study how other sections work - do_daemon $1 1 /bin/sleep 20 + existf zapret_custom_daemons && zapret_custom_daemons $1 ;; esac }
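Review bot: The quotes added to `IPSET_CR`, `NFQWS` and `TPWS` in init.d/sysv/functions (hunk at -6,17) do not change behaviour, because the right-hand side of a plain assignment is not word-split, and the two `TPWS_HOSTLIST` assignments directly below are left unquoted, so the block is now inconsistent. Quoting matters at the points of use instead: the run_daemon context in the hunk at -219,7 still has `local DAEMONBASE=$(basename $2)`, which some shells (older dash, for example) split like an ordinary command argument. I would change that line to `local DAEMONBASE="$(basename "$2")"` and either quote the `TPWS_HOSTLIST` assignments as well or leave assignments alone and fix the expansions.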