feat: add debug logging for firewall and route rules

2025-12-16 08:44:29 +00:00 · 2025-11-03 15:25:23 +08:00 · 2025-11-03 15:25:23 +08:00 · 9c20574418
commit 9c20574418
parent 8bf2e2dd75
1 changed files with 21 additions and 0 deletions
--- a/openwrt/files/ua3f.init
+++ b/openwrt/files/ua3f.init
@ -455,6 +455,27 @@ start_service() {
        ;;
    esac

+    # dump all fw rules for debug
+    if [ "$log_level" = "debug" ]; then
+        if [ "$FW_BACKEND" = "nft" ]; then
+            LOG "nftables rules:"
+            nft --handle list ruleset >>"$LOG_FILE" 2>&1
+        elif [ "$FW_BACKEND" = "ipt" ]; then
+            LOG "iptables rules:"
+            LOG "mangle table:"
+            iptables -t mangle -L -v -n >>"$LOG_FILE" 2>&1
+            LOG "nat table:"
+            iptables -t nat -L -v -n >>"$LOG_FILE" 2>&1
+            LOG "filter table:"
+            iptables -t filter -L -v -n >>"$LOG_FILE" 2>&1
+        fi
+    fi
+    # dump route rules for debug
+    if [ "$log_level" = "debug" ]; then
+        LOG "ip rule list:"
+        ip rule show >>"$LOG_FILE" 2>&1
+    fi
+
    procd_open_instance "$NAME"
    procd_set_param command "$PROG"
    procd_append_param command -m "$server_mode"