pbr: update to 1.2.1-r87

Makefile: * Remove installation of /usr/share/nftables.d/* files as they are no longer needed Init script: * bugfixes/more mature netifd extensions support * refactor of the nft_file function and global variables it uses * the "main" atomic nft file now includes creation of pbr chains and jumps from relevant fw4 chains to pbr chains * more consistent use of "uplink" wording in the output and variable names * implement resolver 'wait' call and use it before trying to resolve any policy entries * major overhaul of the split uplink case (IPv4-only wan and IPv6-only wan6), should now create/use a single pbr_wan table for both legacy and IPv6 routing and the same marking chain * updates to IDs and text of some error messages (needs luci app update) * major speed improvements for service stop * unify the cleanup_* functions into a single cleanup function * reject creating/additions to nft sets for src_address entries as dnsmasq doesn't populate sets with local addresses * minor bugfixes/code cleanups * refactor processing of WG servers due to split uplink support (thanks @egc112!) * clearer (hopefully) argument names for process_interface calls * small improvements to status_service Signed-off-by: Stan Grishin <stangri@melmac.ca>
2026-04-15 10:51:55 +00:00 · 2026-01-30 20:22:03 +00:00
parent ec04b18514
commit 0666df9e69
8 changed files with 717 additions and 464 deletions
--- a/net/pbr/Makefile
+++ b/net/pbr/Makefile
@@ -1,11 +1,11 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
-# Copyright 2017-2025 MOSSDeF, Stan Grishin (stangri@melmac.ca).
+# Copyright 2017-2026 MOSSDeF, Stan Grishin (stangri@melmac.ca).

 include $(TOPDIR)/rules.mk

 PKG_NAME:=pbr
 PKG_VERSION:=1.2.1
-PKG_RELEASE:=45
+PKG_RELEASE:=87
 PKG_LICENSE:=AGPL-3.0-or-later
 PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>

@@ -57,8 +57,6 @@ define Package/pbr/install
 	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.dnsprefetch $(1)/usr/share/pbr/pbr.user.dnsprefetch
 	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.aws $(1)/usr/share/pbr/pbr.user.aws
 	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.netflix $(1)/usr/share/pbr/pbr.user.netflix
-	$(INSTALL_DIR) $(1)/usr/share/nftables.d
-	$(CP) ./files/usr/share/nftables.d/* $(1)/usr/share/nftables.d/
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_BIN) ./files/etc/uci-defaults/90-pbr $(1)/etc/uci-defaults/90-pbr
 	$(INSTALL_BIN) ./files/etc/uci-defaults/91-pbr-nft $(1)/etc/uci-defaults/91-pbr-nft
--- a/net/pbr/files/README.md
+++ b/net/pbr/files/README.md
--- a/net/pbr/files/etc/init.d/pbr
+++ b/net/pbr/files/etc/init.d/pbr
--- a/net/pbr/files/usr/share/nftables.d/chain-post/mangle_forward/30-pbr.nft
+++ b/net/pbr/files/usr/share/nftables.d/chain-post/mangle_forward/30-pbr.nft
@@ -1 +0,0 @@
-jump pbr_forward comment "Jump into pbr forward chain";
--- a/net/pbr/files/usr/share/nftables.d/chain-post/mangle_output/30-pbr.nft
+++ b/net/pbr/files/usr/share/nftables.d/chain-post/mangle_output/30-pbr.nft
@@ -1 +0,0 @@
-jump pbr_output comment "Jump into pbr output chain";
--- a/net/pbr/files/usr/share/nftables.d/chain-post/mangle_prerouting/30-pbr.nft
+++ b/net/pbr/files/usr/share/nftables.d/chain-post/mangle_prerouting/30-pbr.nft
@@ -1 +0,0 @@
-jump pbr_prerouting comment "Jump into pbr prerouting chain";
--- a/net/pbr/files/usr/share/nftables.d/chain-pre/dstnat/30-pbr.nft
+++ b/net/pbr/files/usr/share/nftables.d/chain-pre/dstnat/30-pbr.nft
@@ -1 +0,0 @@
-jump pbr_dstnat comment "Jump into pbr dstnat chain";
--- a/net/pbr/files/usr/share/nftables.d/table-post/30-pbr.nft
+++ b/net/pbr/files/usr/share/nftables.d/table-post/30-pbr.nft
@@ -1,4 +0,0 @@
-chain pbr_dstnat {}
-chain pbr_forward {}
-chain pbr_output {}
-chain pbr_prerouting {}
				`@@ -1 +0,0 @@`
				`jump pbr_forward comment "Jump into pbr forward chain";`
				`@@ -1 +0,0 @@`
				`jump pbr_output comment "Jump into pbr output chain";`
				`@@ -1 +0,0 @@`
				`jump pbr_prerouting comment "Jump into pbr prerouting chain";`
				`@@ -1 +0,0 @@`
				`jump pbr_dstnat comment "Jump into pbr dstnat chain";`