From 80d15f24259d7be8ff45a771c53ebc6ce8237685 Mon Sep 17 00:00:00 2001
From: Anya Lin <hukk1996@gmail.com>
Date: Mon, 25 Nov 2024 12:05:59 +0800
Subject: [PATCH] 0.1.4-4

---
 Makefile           |  2 +-
 files/einat.config |  3 +++
 files/einat.init   | 13 ++++++++++++-
 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 34fefa3..1137fdb 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=einat-ebpf
 PKG_VERSION:=0.1.4
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 ifneq ($(shell echo $(PKG_RELEASE) | grep -E '^[0-9]+$$'),)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
diff --git a/files/einat.config b/files/einat.config
index be0505c..520d0cf 100644
--- a/files/einat.config
+++ b/files/einat.config
@@ -7,4 +7,7 @@ config einat 'config'
 	option hairpin_enabled '0'
 	list hairpinif 'lo'
 	list hairpinif 'br-lan'
+	list internal_subnets '192.168.0.0/16'
+	list internal_subnets '172.16.0.0/12'
+	list internal_subnets '10.0.0.0/8'
 
diff --git a/files/einat.init b/files/einat.init
index 8c71d02..951ff2f 100644
--- a/files/einat.init
+++ b/files/einat.init
@@ -35,10 +35,13 @@ validate_section_config() {
 	uci_load_validate "$CONF" "$CONFIGSECTION" "$1" "$2" \
 		'enabled:bool:0' \
 		'bpf_log_level:range(0, 5):0' \
+		'bpf_loader:or("aya", "libbpf")' \
 		'nat44:bool:1' \
 		'nat66:bool:0' \
 		'ifname:network' \
 		'ports:portrange:20000-29999' \
+		'internal_ifaces:list(network)' \
+		'internal_subnets:list(cidr)' \
 		'hairpin_enabled:bool:0' \
 		'hairpinif:list(network)'
 }
@@ -48,11 +51,19 @@ einat_instance() {
 	procd_open_instance "$CONF"
 	procd_set_param command "$PROG" \
 		--bpf-log "$bpf_log_level" \
+		${bpf_loader:+--bpf-loader "$bpf_loader"} \
 		-i "$ifname" \
 		--ports "$ports"
 
 	[ "$nat44" = 1 ] && procd_append_param command --nat44
 	#[ "$nat66" = 1 ] && procd_append_param command --nat66
+
+	local subnets internal_iface
+	for internal_iface in $internal_ifaces; do
+		network_get_subnets subnets $internal_iface
+		internal_subnets="${subnets:+$subnets }$internal_subnets"
+	done
+	[ -z "$internal_subnets" ] || procd_append_param command --internal $internal_subnets
 		
 	procd_append_param netdev "$ifname"
 
@@ -126,7 +137,7 @@ launcher() {
 
 	# review
 	[ -n "$EINAT_DEBUG" ] && {
-		local v ucivv="enabled bpf_log_level nat44 nat66 ifname ports hairpin_enabled hairpinif"
+		local v ucivv="enabled bpf_log_level bpf_loader nat44 nat66 ifname ports internal_ifaces internal_subnets hairpin_enabled hairpinif"
 		for v in $ucivv; do eval "echo $1 $v=\'\$$v\'"; done # ash not support ${!v}
 	}
 	[ "$error" -gt 0 ] && return 1