Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[luci-app-shadowsocks-libev] Cannot disable Redir Rules

See original GitHub issue

Step to reproduce

Add an remote server and ss_redir instance. Enable redir rules. In the Local Instances tab, the Running column of the corresponding ss_redir instance says yes；
Check IP (e.g. curl https://myip.ipip.net/) to confirm the router is forwarding connections to shadowsocks server.
Check the Disabled checkbox in the Redir Rules tab, then save and apply.
Back to the Local Instances tab, you can find that the Running column of the ss_redie instance still says yes.
Check IP and you can find that the router is still forwarding you connections.
Edit the local instance to disable it. Save and apply.
You can find that you lost your Internet access, which is likely because that the router is forwarding you connection to a stopped ss_redir instance.

Expected behaviour

After disabling Redir Rules, the router should stop forwarding connections.

Versions

OpenWrt 18.06.2 r7676-cddd7b4c77
luci-app-shadowsocks-libev git-19.034.35162-a0ae6c9-1
shadowsocks-libev-* 3.1.3-2

Issue Analytics

State:
Created 5 years ago
Comments:5 (2 by maintainers)

Top GitHub Comments

1reaction

yousongcommented, Feb 11, 2019

It’s bug in the init script. Please try patching /etc/init.d/shadowsocks-libev like the following. It should work.

From 797bc1bb6a26227ef31245730f58070765c0fde0 Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Mon, 11 Feb 2019 13:21:04 +0000
Subject: [PATCH] shadowsocks-libev: flush ss rules on entry

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
---
 net/shadowsocks-libev/files/shadowsocks-libev.init | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/shadowsocks-libev/files/shadowsocks-libev.init b/net/shadowsocks-libev/files/shadowsocks-libev.init
index 22d825d0b..88c1c2429 100644
--- a/net/shadowsocks-libev/files/shadowsocks-libev.init
+++ b/net/shadowsocks-libev/files/shadowsocks-libev.init
@@ -144,12 +144,14 @@ ss_rules() {
 	local args
 
 	[ -x "$bin" ] || return 1
+	"$bin" -f
+
 	config_get cfgtype "$cfg" TYPE
 	[ "$cfgtype" = ss_rules ] || return 1
 
 	eval "$(validate_ss_rules_section "$cfg" ss_validate_mklocal)"
 	validate_ss_rules_section "$cfg" || return 1
-	[ "$disabled" = 0 ] || return 1
+	[ "$disabled" = 0 ] || return 0
 
 	eval local_port_tcp="\$ss_rules_redir_tcp_$redir_tcp"
 	eval local_port_udp="\$ss_rules_redir_udp_$redir_udp"

0reactions

balthildcommented, Feb 11, 2019

Yes, it works now. Thanks!