I think what your really asking is when is it applicable to spawn instances from proto vs procd? &&|| what are some good examples where proto interacts with a procd "service"?
in your case... it's alot closer to sqm||banip||mwan3... which all have varying means to achieve similar outcomes... the key being... that the procd 'service' is not the actual listener...
Thanks, the proto_run_command and proto_kill_command in DHCP proto escaped my attention! I will experiement with spawning process from proto instead. But no, not really what I'm asking -- I'd really prefer to spawn instances from PROCD because I can use the PROCD fw object there.
Your reply inspired me to do more experiments and after a reboot spawning process from either proto or procd work. I'm still in the dark on how to selectively kill just a single PROCD instance for the proto_teardown tho.
@jow -- can I use the firewall objects somehow in the proto scripts? If not (and I end up using the PROCD to spawn process for the protocol) how can I kill just a single instance of the PROCD script?
Thanks @jow, I've mad a little progress, but could use your help again.
Maybe I misunderstood what proto_config_add_string does, but when I run json_get_vars config, the $config is empty. I thought that proto_config_add_string is an equivalent of config_get to add relevant options to json to be retrieved later, but I've checked the json and there's no config option there. I have to grab it with the uci command.
Do I need to somehow reload the firewall? When I check with iptables-save I don't see the relevant rules.
Thanks for having a look, yes I've restarted the network.
I see the interface in luci (working on the luci-proto-nebula) and ifconfig, however unlike with the init script, I don't see it affecting the firewall. In the PROCD script I needed to add:
So usually, the firewall reload is triggered by hotplug, specifically /etc/hotplug.d/iface/20-firewall
But I think the reason why it might not be working in your case is because your nebula interface is not part of any zone, so that the condition at line 8 causes the hotplug handler to bail out:
Thank you for your reply Jo. Is there any documentation about netifd anywhere besides browsing the code?
Even when it's working, when I tried to assign nebula as an interface for the dropbear instance config it still complains about interface not having a network device, so I can't really achieve the goal I've had when I started on the path of converting nebula to be netifd-compatible.