Hi all I am trying to bind to interface by it's name inside procd init script but my service doesn't if I remove iface name it's binds correctly to :::0 iface but I need to bind to br-lan only, if I am trying to start the same from cli -- it starts correct. It seems that iface names are not available inside procd namespace. Could anyone help me? OpenWRT version is 17.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </>
" button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
tyroot@LEDE:~# ubus call system board
{
"kernel": "4.4.182",
"hostname": "LEDE",
"system": "Atheros AR7241 rev 1",
"model": "TP-Link TL-MR3220 v1",
"board_name": "tl-mr3220",
"release": {
"distribution": "LEDE",
"version": "17.01.7",
"revision": "r4030-6028f00df0",
"codename": "reboot",
"target": "ar71xx\/generic",
"description": "LEDE Reboot 17.01.7 r4030-6028f00df0"
}
}
root@LEDE:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd41:6d35:30d7::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.5.1'
config interface 'wan'
option ifname 'eth1'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth1'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 0'
pe or paste code here
You need to back your broken program that falls back to listen on wildcard with a firewall rule.
Would go easier if you were less secretive.
Please post the script contents and which command fails, specifically.
1 Like
cat /etc/init.d/zapret
#!/bin/sh /etc/rc.common
USE_PROCD=1
# after network
START=21
CONFIGURATION=zapret
PIDDIR=/var/run
load_fw_rules()
{
iptables -t nat -I PREROUTING -i br-lan -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port $1
}
unload_fw_rules()
{
iptables -t nat -D PREROUTING -i br-lan -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port $1
}
start_service()
{
echo "Starting Zapret service"
config_load "$CONFIGURATION"
local opts
local pid
local port
config_get opts tpws opts
config_get pid tpws pid
config_get port tpws port
procd_open_instance
procd_set_param command /opt/zapret/tpws/tpws
procd_append_param command "--bind-iface4=br-lan"
procd_append_param command "--port=$port"
procd_append_param command "--bind-wait-ifup=30"
procd_append_param command "--bind-wait-ip=10"
procd_append_param command "--user=nobody"
procd_append_param command "$opts"
procd_set_param file /etc/config/zapret
procd_set_param pidfile "$PIDDIR/$pid"
procd_set_param netdev br-lan
procd_set param user nobody
procd_close_instance
load_fw_rules $port
}
stop_service()
{
# this procedure is called from stop()
# stop() already stop daemons
config_load "$CONFIGURATION"
local port
config_get port tpws port
unload_fw_rules $port
echo "STOP Zapret service"
}
Try setting ${PATH} in the beginning of the script:
export PATH=/usr/sbin:/usr/bin:/sbin:/bin
1 Like