banip: update 1.5.0-5

* fix a reporting issue with multiple ports/protocols Signed-off-by: Dirk Brenken <[email protected]>
openwrt · Jan 26, 2025 · 737c060 · 737c060
1 parent 2434806
commit 737c060
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/net/banip/Makefile b/net/banip/Makefile
@@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=banip
 PKG_VERSION:=1.5.0
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_MAINTAINER:=Dirk Brenken <[email protected]>
 

diff --git a/net/banip/files/banip-functions.sh b/net/banip/files/banip-functions.sh
@@ -1509,18 +1509,25 @@ f_report() {
 			set_proto=""
 			set_dport=""
 			for chain in _inbound _outbound; do
-				for expr in 0 1; do
+				for expr in 0 1 2; do
 					if [ "${chain}" = "_inbound" ] && [ -z "${set_cntinbound}" ]; then
 						set_cntinbound="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[${expr}].match.right=\"@${item}\"].expr[*].counter.packets")"
 					elif [ "${chain}" = "_outbound" ] && [ -z "${set_cntoutbound}" ]; then
 						set_cntoutbound="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[${expr}].match.right=\"@${item}\"].expr[*].counter.packets")"
 					fi
-					[ "${expr}" = "1" ] && [ -z "${set_dport}" ] && set_dport="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[${expr}].match.right=\"@${item}\"].expr[*].match.right.set")"
-					[ "${expr}" = "1" ] && [ -z "${set_proto}" ] && set_proto="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[${expr}].match.right=\"@${item}\"].expr[*].match.left.payload.protocol")"
+					[ -z "${set_proto}" ] && set_proto="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[2].match.right=\"@${item}\"].expr[0].match.right.set")"
+					[ -z "${set_proto}" ] && set_proto="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[1].match.right=\"@${item}\"].expr[0].match.left.payload.protocol")"
+					[ -z "${set_dport}" ] && set_dport="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[2].match.right=\"@${item}\"].expr[1].match.right.set")"
+					[ -z "${set_dport}" ] && set_dport="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[2].match.right=\"@${item}\"].expr[1].match.right")"
+					[ -z "${set_dport}" ] && set_dport="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[1].match.right=\"@${item}\"].expr[0].match.right.set")"
+					[ -z "${set_dport}" ] && set_dport="$(printf "%s" "${table_json}" | "${ban_jsoncmd}" -ql1 -e "@.nftables[@.rule.chain=\"${chain}\"][@.expr[1].match.right=\"@${item}\"].expr[0].match.right")"
 				done
 			done
 			if [ -n "${set_proto}" ] && [ -n "${set_dport}" ]; then
 				sum_setports="$((sum_setports + 1))"
+				set_proto="${set_proto//[\{\}\":]/}"
+				set_proto="${set_proto#\[ *}"
+				set_proto="${set_proto%* \]}"
 				set_dport="${set_dport//[\{\}\":]/}"
 				set_dport="${set_dport#\[ *}"
 				set_dport="${set_dport%* \]}"