drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-05-18 11:22:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: drygdryg:b306cd65fd3a5e634e17444dfd6022ad81e5d625
Branches Tags
drygdryg:master
drygdryg:v70.6
drygdryg:v70.5
drygdryg:v70.4
drygdryg:v70.3
drygdryg:v70
drygdryg:v69.9
drygdryg:v69.8
drygdryg:v69.7
drygdryg:v69.6
drygdryg:v69.5
drygdryg:v69.4
drygdryg:v69.3
drygdryg:v69.2
drygdryg:v69.1
drygdryg:v69
drygdryg:v68
drygdryg:v67
drygdryg:v66
drygdryg:v65
drygdryg:v64
..
compare: drygdryg:a6b5a033fca1941f83a28b79e6ca50b11852bab8
Branches Tags
drygdryg:master
drygdryg:v70.6
drygdryg:v70.5
drygdryg:v70.4
drygdryg:v70.3
drygdryg:v70
drygdryg:v69.9
drygdryg:v69.8
drygdryg:v69.7
drygdryg:v69.6
drygdryg:v69.5
drygdryg:v69.4
drygdryg:v69.3
drygdryg:v69.2
drygdryg:v69.1
drygdryg:v69
drygdryg:v68
drygdryg:v67
drygdryg:v66
drygdryg:v65
drygdryg:v64

1 Commits
b306cd65fd ... a6b5a033fc

Author SHA1 Message Date
Lorekin
a6b5a033fc
Merge 92ba6b439e6aed8557a315ebfcd350016159be52 into 9c8636081c413dcc08ea6ce8eb33a36798908a8e 2024-12-15 17:20:45 +03:00
1 changed files with 33 additions and 9 deletions
Show Stats Expand all files Collapse all files

42
common/nft.sh
View File

@ -263,6 +263,28 @@ nft_add_flow_offload_exemption()
[ "$DISABLE_IPV6" = "1" -o -z "$2" ] || nft_add_rule flow_offload oifname @wanif6 $2 ip6 daddr != @nozapret6 return comment \"$3\" [ "$DISABLE_IPV6" = "1" -o -z "$2" ] || nft_add_rule flow_offload oifname @wanif6 $2 ip6 daddr != @nozapret6 return comment \"$3\"
} }
nft_hw_offload_supported()
{
# $1,$2,... - interface names
local devices res=1
make_quoted_comma_list devices "$@"
[ -n "$devices" ] && devices="devices={$devices};"
nft add table ${ZAPRET_NFT_TABLE}_test && nft add flowtable ${ZAPRET_NFT_TABLE}_test ft "{ flags offload; $devices }" 2>/dev/null && res=0
nft delete table ${ZAPRET_NFT_TABLE}_test 2>/dev/null
return $res
}
nft_hw_offload_find_supported()
{
# $1,$2,... - interface names
local supported_list
while [ -n "$1" ]; do
nft_hw_offload_supported "$1" && append_separator_list supported_list ' ' '' "$1"
shift
done
echo $supported_list
}
nft_apply_flow_offloading() nft_apply_flow_offloading()
{ {
# ft can be absent # ft can be absent
@ -348,15 +370,17 @@ flush set inet $ZAPRET_NFT_TABLE lanif"
nft_create_or_update_flowtable 'offload' 2>/dev/null nft_create_or_update_flowtable 'offload' 2>/dev/null
# then add elements. some of them can cause error because unsupported # then add elements. some of them can cause error because unsupported
for i in $ALLDEVS; do for i in $ALLDEVS; do
# first try to add interface itself if nft_hw_offload_supported $i; then
nft_create_or_update_flowtable 'offload' $i 2>/dev/null nft_create_or_update_flowtable 'offload' $i
# bridge members must be added instead of the bridge itself else
# some members may not support hw offload. example : lan1 lan2 lan3 support, wlan0 wlan1 - not # bridge members must be added instead of the bridge itself
devs=$(resolve_lower_devices $i) # some members may not support hw offload. example : lan1 lan2 lan3 support, wlan0 wlan1 - not
for j in $devs; do devs=$(resolve_lower_devices $i)
# do not display error if addition failed for j in $devs; do
nft_create_or_update_flowtable 'offload' $j 2>/dev/null # do not display error if addition failed
done nft_create_or_update_flowtable 'offload' $j 2>/dev/null
done
fi
done done
;; ;;
esac esac