search

xiaorouji / openwrt-passwall

7.21k stars 2.65k forks source link

[Bug]: service passwall restart 时有报错,导致nftables加载不完整 #2736

Closed chunfengyao closed 1 year ago

chunfengyao commented 1 year ago

描述您遇到的bug

root@OpenWrt:/usr/share/passwall# service passwall restart
/tmp/etc/passwall_tmp/nftset/passwall_blacklist:2:1-60: Error: Could not process rule: Invalid argument
add element inet fw4 passwall_blacklist $passwall_blacklist
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/tmp/etc/passwall_tmp/nftset/passwall_blacklist6:2:1-62: Error: Could not process rule: Invalid argument
add element inet fw4 passwall_blacklist6 $passwall_blacklist6
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/tmp/etc/passwall_tmp/nftset/passwall_shuntlist:2:1-60: Error: Could not process rule: Invalid argument
add element inet fw4 passwall_shuntlist $passwall_shuntlist
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/tmp/etc/passwall_tmp/nftset/passwall_shuntlist:2:1-60: Error: Could not process rule: Invalid argument
add element inet fw4 passwall_shuntlist $passwall_shuntlist
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/tmp/etc/passwall_tmp/nftset/passwall_shuntlist:2:1-60: Error: Could not process rule: Invalid argument
add element inet fw4 passwall_shuntlist $passwall_shuntlist
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/tmp/etc/passwall_tmp/nftset/passwall_shuntlist6:2:1-62: Error: Could not process rule: Invalid argument
add element inet fw4 passwall_shuntlist6 $passwall_shuntlist6
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
root@OpenWrt:/usr/share/passwall#

复现此Bug的步骤

执行service passwall restart

您想要实现的目的

正常载入nftable

日志信息

root@OpenWrt:/usr/share/passwall# service passwall restart /tmp/etc/passwall_tmp/nftset/passwall_blacklist:2:1-60: Error: Could not process rule: Invalid argument add element inet fw4 passwall_blacklist $passwall_blacklist ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /tmp/etc/passwall_tmp/nftset/passwall_blacklist6:2:1-62: Error: Could not process rule: Invalid argument add element inet fw4 passwall_blacklist6 $passwall_blacklist6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /tmp/etc/passwall_tmp/nftset/passwall_shuntlist:2:1-60: Error: Could not process rule: Invalid argument add element inet fw4 passwall_shuntlist $passwall_shuntlist ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /tmp/etc/passwall_tmp/nftset/passwall_shuntlist:2:1-60: Error: Could not process rule: Invalid argument add element inet fw4 passwall_shuntlist $passwall_shuntlist ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /tmp/etc/passwall_tmp/nftset/passwall_shuntlist:2:1-60: Error: Could not process rule: Invalid argument add element inet fw4 passwall_shuntlist $passwall_shuntlist ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /tmp/etc/passwall_tmp/nftset/passwall_shuntlist6:2:1-62: Error: Could not process rule: Invalid argument add element inet fw4 passwall_shuntlist6 $passwall_shuntlist6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ root@OpenWrt:/usr/share/passwall#

截图

No response

系统相关信息

luci-app-passwall - 4.69-3 luci-i18n-passwall-zh-cn - 4.69-3

其他信息

错误来自于nftables.sh 141行。好像是有语法错误,不熟悉nftable。烦请检查修复一下,谢谢。

ShanStone commented 1 year ago

试过情况ipset按钮了吗,或者重启一下路由

chunfengyao commented 1 year ago

试过情况ipset按钮了吗,或者重启一下路由

又清空了一下ipset之后,正常了。(原以为:service passwall restart,不相当于清空ipset么。。)

chunfengyao commented 1 year ago

https://github.com/xiaorouji/openwrt-passwall/blob/d1e618220a9a0a4b73d536101f452a2f4cf14861/luci-app-passwall/root/usr/share/passwall/nftables.sh#L141C2-L141C2

报错的意思是无效参数,所以,应该是生成的nftset脚本有问题。

chunfengyao commented 1 year ago

不是很熟悉nftset,只搜到了这个使用elements的写法。https://wiki.nftables.org/wiki-nftables/index.php/Element_timeouts

chunfengyao commented 1 year ago

按照脚本的意思,倒是没看出有什么问题,就只是定义了一个变量,然后使用了一下。 这个错误在使用opk install 进行luci-app-passwall进行升级的时候,就会出现(安装升级后,会默认启动服务)。