From f81bb51f4a5c21a02e15f1b9d8f7f42820b6352e Mon Sep 17 00:00:00 2001 From: bol-van Date: Tue, 3 Dec 2024 17:22:16 +0300 Subject: [PATCH] install_easy: validate daemon options --- common/installer.sh | 37 ++++++++++++++++++++++++++++++++++++- install_easy.sh | 32 ++++++++++++++++++++++++++++---- 2 files changed, 64 insertions(+), 5 deletions(-) diff --git a/common/installer.sh b/common/installer.sh index 903337c..23b8f82 100644 --- a/common/installer.sh +++ b/common/installer.sh @@ -140,7 +140,7 @@ echo_var() eval v="\$$1" if find_str_in_list $1 "$EDITVAR_NEWLINE_VARS"; then echo "$1=\"" - echo "$v\"" | sed "s/$EDITVAR_NEWLINE_DELIMETER /$EDITVAR_NEWLINE_DELIMETER\n/g" + echo "$v\"" | tr '\n' ' ' | tr -d '\r' | sed -e 's/ *//' -e "s/$EDITVAR_NEWLINE_DELIMETER /$EDITVAR_NEWLINE_DELIMETER\n/g" else if contains "$v" " "; then echo $1=\"$v\" @@ -170,6 +170,7 @@ list_vars() echo_var $1 shift done + echo } openrc_test() @@ -837,3 +838,37 @@ select_fwtype() echo select firewall type : ask_list FWTYPE "iptables nftables" "$FWTYPE" && write_config_var FWTYPE } + +dry_run_tpws_() +{ + local TPWS="$ZAPRET_BASE/tpws/tpws" + echo verifying tpws options + "$TPWS" --dry-run "$@" +} +dry_run_nfqws_() +{ + local NFQWS="$ZAPRET_BASE/nfq/nfqws" + echo verifying nfqws options + "$NFQWS" --dry-run "$@" +} +dry_run_tpws() +{ + [ "$TPWS_ENABLE" = 1 ] || return 0 + local opt="$TPWS_OPT" port=${TPPORT_SOCKS:-988} + filter_apply_hostlist_target opt + dry_run_tpws_ --port=$port $opt +} +dry_run_tpws_socks() +{ + [ "$TPWS_SOCKS_ENABLE" = 1 ] || return 0 + local opt="$TPWS_SOCKS_OPT" port=${TPPORT:-987} + filter_apply_hostlist_target opt + dry_run_tpws_ --port=$port --socks $opt +} +dry_run_nfqws() +{ + [ "$NFQWS_ENABLE" = 1 ] || return 0 + local opt="$NFQWS_OPT" qn=${QNUM:-200} + filter_apply_hostlist_target opt + dry_run_nfqws_ --qnum=$qn $opt +} diff --git a/install_easy.sh b/install_easy.sh index a6aca99..ccb259c 100755 --- a/install_easy.sh +++ b/install_easy.sh @@ -26,6 +26,7 @@ IPSET_DIR="$ZAPRET_BASE/ipset" . "$ZAPRET_BASE/common/ipt.sh" . "$ZAPRET_BASE/common/installer.sh" . "$ZAPRET_BASE/common/virt.sh" +. "$ZAPRET_BASE/common/list.sh" GET_LIST="$IPSET_DIR/get_config.sh" @@ -115,6 +116,30 @@ ws_opt_validate() } return 0 } +tpws_opt_validate() +{ + ws_opt_validate "$1" || return 1 + dry_run_tpws || { + echo invalid tpws options + return 1 + } +} +tpws_socks_opt_validate() +{ + # --ipset allowed here + dry_run_tpws_socks || { + echo invalid tpws options + return 1 + } +} +nfqws_opt_validate() +{ + ws_opt_validate "$1" || return 1 + dry_run_nfqws || { + echo invalid nfqws options + return 1 + } +} select_mode_group() { @@ -162,18 +187,17 @@ select_mode_group() select_mode_tpws_socks() { local EDITVAR_NEWLINE_DELIMETER="--new" EDITVAR_NEWLINE_VARS="TPWS_SOCKS_OPT" - # --ipset allowed here - select_mode_group TPWS_SOCKS_ENABLE "enable tpws socks mode on port $TPPORT_SOCKS ?" "TPPORT_SOCKS TPWS_SOCKS_OPT" + select_mode_group TPWS_SOCKS_ENABLE "enable tpws socks mode on port $TPPORT_SOCKS ?" "TPPORT_SOCKS TPWS_SOCKS_OPT" tpws_socks_opt_validate TPWS_SOCKS_OPT } select_mode_tpws() { local EDITVAR_NEWLINE_DELIMETER="--new" EDITVAR_NEWLINE_VARS="TPWS_OPT" - select_mode_group TPWS_ENABLE "enable tpws transparent mode ?" "TPWS_PORTS TPWS_OPT" ws_opt_validate TPWS_OPT + select_mode_group TPWS_ENABLE "enable tpws transparent mode ?" "TPWS_PORTS TPWS_OPT" tpws_opt_validate TPWS_OPT } select_mode_nfqws() { local EDITVAR_NEWLINE_DELIMETER="--new" EDITVAR_NEWLINE_VARS="NFQWS_OPT" - select_mode_group NFQWS_ENABLE "enable nfqws ?" "NFQWS_PORTS_TCP NFQWS_PORTS_UDP NFQWS_TCP_PKT_OUT NFQWS_TCP_PKT_IN NFQWS_UDP_PKT_OUT NFQWS_UDP_PKT_IN NFQWS_PORTS_TCP_KEEPALIVE NFQWS_PORTS_UDP_KEEPALIVE NFQWS_OPT" ws_opt_validate NFQWS_OPT + select_mode_group NFQWS_ENABLE "enable nfqws ?" "NFQWS_PORTS_TCP NFQWS_PORTS_UDP NFQWS_TCP_PKT_OUT NFQWS_TCP_PKT_IN NFQWS_UDP_PKT_OUT NFQWS_UDP_PKT_IN NFQWS_PORTS_TCP_KEEPALIVE NFQWS_PORTS_UDP_KEEPALIVE NFQWS_OPT" nfqws_opt_validate NFQWS_OPT } select_mode_mode()