Using iface name inside procd init script

Hi all I am trying to bind to interface by it's name inside procd init script but my service doesn't if I remove iface name it's binds correctly to :::0 iface but I need to bind to br-lan only, if I am trying to start the same from cli -- it starts correct. It seems that iface names are not available inside procd namespace. Could anyone help me? OpenWRT version is 17.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
tyroot@LEDE:~# ubus call system board
{
	"kernel": "4.4.182",
	"hostname": "LEDE",
	"system": "Atheros AR7241 rev 1",
	"model": "TP-Link TL-MR3220 v1",
	"board_name": "tl-mr3220",
	"release": {
		"distribution": "LEDE",
		"version": "17.01.7",
		"revision": "r4030-6028f00df0",
		"codename": "reboot",
		"target": "ar71xx\/generic",
		"description": "LEDE Reboot 17.01.7 r4030-6028f00df0"
	}
}
root@LEDE:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd41:6d35:30d7::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.5.1'

config interface 'wan'
	option ifname 'eth1'
	option proto 'dhcp'

config interface 'wan6'
	option ifname 'eth1'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 0'
pe or paste code here

You need to back your broken program that falls back to listen on wildcard with a firewall rule.
Would go easier if you were less secretive.

Please post the script contents and which command fails, specifically.

1 Like
cat /etc/init.d/zapret 
#!/bin/sh /etc/rc.common

USE_PROCD=1
# after network
START=21
CONFIGURATION=zapret

PIDDIR=/var/run


load_fw_rules()
{
	iptables -t nat -I PREROUTING -i br-lan -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port $1

} 

unload_fw_rules()
{
	iptables -t nat -D PREROUTING -i br-lan -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port $1

}

start_service()
{
	echo "Starting Zapret service"
	config_load "$CONFIGURATION"
	local opts
	local pid
	local port
	config_get opts tpws opts
	config_get pid tpws pid
	config_get port tpws port
	procd_open_instance
	procd_set_param command /opt/zapret/tpws/tpws
	procd_append_param command "--bind-iface4=br-lan"
	procd_append_param command "--port=$port"
	procd_append_param command "--bind-wait-ifup=30"                                    
	procd_append_param command "--bind-wait-ip=10"
	procd_append_param command "--user=nobody"
	procd_append_param command "$opts"                                   
	procd_set_param file /etc/config/zapret
	procd_set_param pidfile "$PIDDIR/$pid"
	procd_set_param netdev br-lan
	procd_set param user nobody
	procd_close_instance
	load_fw_rules $port
}


stop_service()
{
	# this procedure is called from stop()
	# stop() already stop daemons
	config_load "$CONFIGURATION"
	local port
	config_get port tpws port
	unload_fw_rules $port
	echo "STOP Zapret service"
}

Try setting ${PATH} in the beginning of the script:
export PATH=/usr/sbin:/usr/bin:/sbin:/bin

1 Like