feat: fw4: set mask for mark

muink · Oct 19, 2024 · cc9e250 · cc9e250
1 parent fc84d7b
commit cc9e250
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 6 deletions.
diff --git a/luci-app-fchomo/htdocs/luci-static/resources/view/fchomo/global.js b/luci-app-fchomo/htdocs/luci-static/resources/view/fchomo/global.js
@@ -607,14 +607,12 @@ return view.extend({
 
 		so = ss.taboption('interface', form.Value, 'tproxy_mark', _('Tproxy Fwmark'));
 		so.ucisection = 'config';
-		so.datatype = 'uinteger'
-		so.placeholder = '201';
+		so.placeholder = '201 or 0xc9/0xff';
 		so.rmempty = false;
 
 		so = ss.taboption('interface', form.Value, 'tun_mark', _('Tun Fwmark'));
 		so.ucisection = 'config';
-		so.datatype = 'uinteger'
-		so.placeholder = '202';
+		so.placeholder = '202 or 0xca/0xff';
 		so.rmempty = false;
 
 		/* Access control */

diff --git a/luci-app-fchomo/root/etc/fchomo/scripts/firewall_post.ut b/luci-app-fchomo/root/etc/fchomo/scripts/firewall_post.ut
@@ -29,6 +29,26 @@
 			return `& ${ipv6.mask} == ${ipv6.addr}`;
 	}
 
+	function resolve_mark(str) {
+		if (isEmpty(str))
+			return null;
+
+		let mark = fw4.parse_mark(str);
+		if (isEmpty(mark))
+			return null;
+
+		if (mark.mask === 0xffffffff)
+			return fw4.hex(mark.mark);
+		else if (mark.mark === 0)
+			return `mark and ${fw4.hex(~mark.mask & 0xffffffff)}`;
+		else if (mark.mark === mark.mask)
+			return `mark or ${fw4.hex(mark.mark)}`;
+		else if (mark.mask === 0)
+			return `mark xor ${fw4.hex(mark.mark)}`;
+		else
+			return `mark and ${fw4.hex(~mark.mask & 0xffffffff)} xor ${fw4.hex(mark.mark)}`;
+	}
+
 	/* Misc config */
 	const resources_dir = '/etc/fchomo/resources';
 
@@ -42,8 +62,8 @@
 	      stun_port = uci.get(cfgname, 'config', 'stun_port') || '3478,19302',
 	      tun_name = uci.get(cfgname, 'config', 'tun_name') || 'hmtun0',
 	      self_mark = uci.get(cfgname, 'config', 'self_mark') || '200',
-	      tproxy_mark = uci.get(cfgname, 'config', 'tproxy_mark') || '201',
-	      tun_mark = uci.get(cfgname, 'config', 'tun_mark') || '202';
+	      tproxy_mark = resolve_mark(uci.get(cfgname, 'config', 'tproxy_mark') || '201'),
+	      tun_mark = resolve_mark(uci.get(cfgname, 'config', 'tun_mark') || '202');
 
 	const redir_port = uci.get(cfgname, 'inbound', 'redir_port') || '7891',
 	      tproxy_port = uci.get(cfgname, 'inbound', 'tproxy_port') || '7892',