mwan3: update to version 2.0-2

Fix iptables issue where a needed ipset was not created if first wan that came online was not a member of policy.

Signed-off-by: Jeroen Louwes <redacted>

diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile
index 028ffa59bc9ea9032107eb2201efb1093a9b1823..25ad2bab49d1914222c119eee80b7cd52b9d7996 100644 (file)
--- a/net/mwan3/Makefile
+++ b/net/mwan3/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mwan3
 PKG_VERSION:=2.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_MAINTAINER:=Jeroen Louwes <jeroen.louwes@gmail.com>
 PKG_LICENSE:=GPLv2
 

diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh
index dab1fbd4d01f0b8daea57d4769fa900058f3c9d2..3afc72df27f4d08004dfc25cde3e72dbad2139e2 100644 (file)
--- a/net/mwan3/files/lib/mwan3/mwan3.sh
+++ b/net/mwan3/files/lib/mwan3/mwan3.sh
@@ -85,16 +85,16 @@ mwan3_set_general_iptables()
                        $IPT -N mwan3_ifaces_in
                fi
 
-               if ! $IPT -S mwan3_ifaces_out &> /dev/null; then
-                       $IPT -N mwan3_ifaces_out
-               fi
-
                if ! $IPT -S mwan3_connected &> /dev/null; then
                        $IPT -N mwan3_connected
                        $IPS -! create mwan3_connected list:set
                        $IPT -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark 0xff00/0xff00
                fi
 
+               if ! $IPT -S mwan3_ifaces_out &> /dev/null; then
+                       $IPT -N mwan3_ifaces_out
+               fi
+
                if ! $IPT -S mwan3_rules &> /dev/null; then
                        $IPT -N mwan3_rules
                fi
@@ -103,8 +103,8 @@ mwan3_set_general_iptables()
                        $IPT -N mwan3_hook
                        $IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00
                        $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces_in
-                       $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces_out
                        $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_connected
+                       $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces_out
                        $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_rules
                        $IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00
                        $IPT -A mwan3_hook -m mark ! --mark 0xff00/0xff00 -j mwan3_connected
@@ -529,12 +529,6 @@ mwan3_set_sticky_iptables()
 
                        [ -n "$id" ] || return 0
 
-                       $IPS -! create mwan3_sticky_v4_$rule hash:ip,mark markmask 0xff00 timeout $timeout
-                       $IPS -! create mwan3_sticky_v6_$rule hash:ip,mark markmask 0xff00 timeout $timeout family inet6
-                       $IPS -! create mwan3_sticky_$rule list:set
-                       $IPS -! add mwan3_sticky_$rule mwan3_sticky_v4_$rule
-                       $IPS -! add mwan3_sticky_$rule mwan3_sticky_v6_$rule
-
                        for IPT in "$IPT4" "$IPT6"; do
                                if [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" ]; then
                                        $IPT -I mwan3_rule_$rule -m mark --mark $(($id*256))/0xff00 -m set ! --match-set mwan3_sticky_$rule src,src -j MARK --set-xmark 0x0/0xff00
@@ -594,6 +588,12 @@ mwan3_set_user_iptables_rule()
                                        $IPT -F mwan3_rule_$1
                                done
 
+                               $IPS -! create mwan3_sticky_v4_$rule hash:ip,mark markmask 0xff00 timeout $timeout
+                               $IPS -! create mwan3_sticky_v6_$rule hash:ip,mark markmask 0xff00 timeout $timeout family inet6
+                               $IPS -! create mwan3_sticky_$rule list:set
+                               $IPS -! add mwan3_sticky_$rule mwan3_sticky_v4_$rule
+                               $IPS -! add mwan3_sticky_$rule mwan3_sticky_v6_$rule
+
                                config_foreach mwan3_set_sticky_iptables interface
 
                                for IPT in "$IPT4" "$IPT6"; do