From: Dirk Brenken Date: Fri, 29 May 2026 11:57:31 +0000 (+0200) Subject: banip: update 1.8.8-5 X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=faeecaeb1457039fb9c1a48c90fb12fceee30fac;p=openwrt-packages.git banip: update 1.8.8-5 * bugfix: only load the configuration once per run: a new `ban_confload` guard short-circuits `f_conf()` on subsequent calls, avoiding repeated `config_load` invocations * new: the per-set report now sorts elements by their packet counter in descending order before truncating to the top 50, so the report shows the most active elements instead of just the first 50 found Signed-off-by: Dirk Brenken --- diff --git a/net/banip/Makefile b/net/banip/Makefile index 41af8f893..7c522dad0 100644 --- a/net/banip/Makefile +++ b/net/banip/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=banip PKG_VERSION:=1.8.8 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/banip/files/banip-functions.sh b/net/banip/files/banip-functions.sh index fe8ccf3a7..45acd3500 100644 --- a/net/banip/files/banip-functions.sh +++ b/net/banip/files/banip-functions.sh @@ -102,6 +102,7 @@ ban_packages="" ban_trigger="" ban_resolver="" ban_enabled="0" +ban_confload="0" ban_debug="0" # gather system information @@ -288,6 +289,8 @@ f_log() { f_conf() { local rir ccode region country + [ "${ban_confload}" = "1" ] && return 0 + config_cb() { option_cb() { local option="${1}" value="${2//\"/\\\"}" @@ -322,6 +325,7 @@ f_conf() { } } config_load banip + ban_confload="1" if [ -f "${ban_logreadfile}" ]; then ban_logreadcmd="$(command -v tail)" @@ -2055,8 +2059,11 @@ f_report() { set_dport="${set_proto}: $(f_trim "${set_dport}")" fi if [ "${ban_nftcount}" = "1" ]; then - set_elements="$("${ban_jsoncmd}" -i "${set_jsn}" -l50 -qe '@.nftables[*].set.elem[*][@.counter.packets>0].val' | - "${ban_awkcmd}" -F '[ ,]' '{ORS=" ";if($2=="\"range\":"||$2=="\"concat\":")printf"%s, ",$4;else if($2=="\"prefix\":")printf"%s, ",$5;else printf"\"%s\", ",$1}')" + "${ban_jsoncmd}" -i "${set_jsn}" -qe '@.nftables[*].set.elem[*][@.counter.packets>0].counter.packets' >"${set_jsn}.cnt" + "${ban_jsoncmd}" -i "${set_jsn}" -qe '@.nftables[*].set.elem[*][@.counter.packets>0].val' >"${set_jsn}.val" + set_elements="$("${ban_awkcmd}" 'NR==FNR{p[FNR]=$0;next}{print p[FNR]"\t"$0}' "${set_jsn}.cnt" "${set_jsn}.val" | + "${ban_sortcmd}" -k1,1nr | + "${ban_awkcmd}" -F '\t' 'NR<=50{split($2,a,/[ ,]/);ORS=" ";if(a[2]=="\"range\":"||a[2]=="\"concat\":")printf"%s, ",a[4];else if(a[2]=="\"prefix\":")printf"%s, ",a[5];else printf"\"%s\", ",a[1]}')" fi if [ -n "${set_cntinbound}" ]; then set_inbound="ON" @@ -2078,7 +2085,7 @@ f_report() { \"port\": \"${set_dport:-"-"}\", \ \"set_elements\": [ ${set_elements%%??} ] \ }" >"${report_jsn}.${item}" - "${ban_rmcmd}" -f "${set_jsn}" + "${ban_rmcmd}" -f "${set_jsn}"* ) & [ "${cnt}" -gt "${ban_cores}" ] && wait -n cnt="$((cnt + 1))"