miniupnpd: rearrange init functions

Self-Hosting-Group · Self-Hosting-Group · commit fe42ffefe63a · 2025-11-03T00:00:00.000Z
Arrange `start_service` and main init functions first

(to merge with prior)

Signed-off-by: Self-Hosting-Group &lt;selfhostinggroup-git+openwrt@shost.ing&gt;
diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init
@@ -7,34 +7,52 @@ USE_PROCD=1
 PROG=/usr/sbin/miniupnpd
 [ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3"
 
-is_port_or_range() {
-	[ "$1" = "0" ] && return 1
-	[ "$1" -ge "1" ] 2>/dev/null && [ "$1" -le "65535" ] 2>/dev/null && return 0
-	[ "$2" = "port0inrange" ] && local minport=0 || local minport=1
-	[ "${1%%-*}" -ge "$minport" ] 2>/dev/null && [ "${1%%-*}" -le "65535" ] 2>/dev/null &&
-		[ "${1##*-}" -ge "$minport" ] 2>/dev/null && [ "${1##*-}" -le "65535" ] 2>/dev/null &&
-		[ "${1##*-}" -ge "${1%%-*}" ] 2>/dev/null && return 0 || return 1
+start_service() {
+	upnpd_uci_migration
+	config_load "upnpd"
+	local enabled config_file log_output conf
+	config_get enabled settings enabled 0
+	config_get config_file settings config_file
+	config_get log_output settings log_output
+	[ "$enabled" != "1" ] && log "Service disabled, UCI enabled is not set" && exit 1
+	if [ -n "$config_file" ]; then
+		conf="$config_file"
+	else
+		local tmpconf="/var/etc/miniupnpd.conf"
+		conf="$tmpconf"
+		mkdir -p /var/etc
+		upnpd_generate_config "$tmpconf"
+	fi
+	if [ "$FW" = "fw4" ]; then
+		nft -s -t -n list chain inet fw4 upnp_forward >/dev/null 2>&1 || fw4 reload
+	else
+		iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload
+	fi
+
+	procd_open_instance
+	procd_set_param file "$conf" "/etc/config/firewall"
+	procd_set_param command "$PROG"
+	procd_append_param command -f "$conf"
+	[ "$log_output" = "info" ] && procd_append_param command -v
+	[ "$log_output" = "debug" ] && procd_append_param command -d
+	procd_close_instance
 }
 
-upnpd_add_custom_acl_entry() {
-	local cfg="$1"
-	local comment int_addr int_port ext_port desc_filter action
-	config_get comment "$cfg" comment "unspecified" # comment
-	config_get int_addr "$cfg" int_addr "0.0.0.0/0" # IPv4 or network and subnet mask (internal)
-	config_get int_port "$cfg" int_port "1-65535"   # internal port/range: x or x-y
-	config_get ext_port "$cfg" ext_port "1-65535"   # external port/range: x or x-y
-	config_get desc_filter "$cfg" desc_filter       # description regex filter (must be built in)
-	config_get action "$cfg" action                 # accept/reject/ignore
-	! is_port_or_range "$int_port" port0inrange &&
-		log "Custom ACL: Entry with invalid port or port range ($int_port) in int_port ignored" daemon.warn && int_port=1-65535
-	! is_port_or_range "$ext_port" port0inrange &&
-		log "Custom ACL: Entry with invalid port or port range ($ext_port) in ext_port ignored" daemon.warn && ext_port=1-65535
-	[ "$desc_filter" != "" ] && desc_filter=" \"$desc_filter\""
-	[ "$action" = "accept" ] && action=allow
-	[ "$action" = "reject" ] && action=deny
-	[ "$action" = "ignore" ] && return 0
-	[ "$action" = "" ] && log "Custom ACL: Entry with no action ignored" daemon.warn && return 0
-	echo "$action $ext_port $int_addr $int_port${desc_filter} # $comment"
+stop_service() {
+	if [ "$FW" = "fw3" ]; then
+		iptables -t nat -F MINIUPNPD 2>/dev/null
+		iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null
+		iptables -t filter -F MINIUPNPD 2>/dev/null
+		[ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null
+	else
+		nft flush chain inet fw4 upnp_forward 2>/dev/null
+		nft flush chain inet fw4 upnp_prerouting 2>/dev/null
+		nft flush chain inet fw4 upnp_postrouting 2>/dev/null
+	fi
+}
+
+service_triggers() {
+	procd_add_reload_trigger "upnpd"
 }
 
 upnpd_generate_config() {
@@ -161,54 +179,6 @@ upnpd_generate_config() {
 	} >"$1"
 }
 
-stop_service() {
-	if [ "$FW" = "fw3" ]; then
-		iptables -t nat -F MINIUPNPD 2>/dev/null
-		iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null
-		iptables -t filter -F MINIUPNPD 2>/dev/null
-		[ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null
-	else
-		nft flush chain inet fw4 upnp_forward 2>/dev/null
-		nft flush chain inet fw4 upnp_prerouting 2>/dev/null
-		nft flush chain inet fw4 upnp_postrouting 2>/dev/null
-	fi
-}
-
-start_service() {
-	upnpd_uci_migration
-	config_load "upnpd"
-	local enabled config_file log_output conf
-	config_get enabled settings enabled 0
-	config_get config_file settings config_file
-	config_get log_output settings log_output
-	[ "$enabled" != "1" ] && log "Service disabled, UCI enabled is not set" && exit 1
-	if [ -n "$config_file" ]; then
-		conf="$config_file"
-	else
-		local tmpconf="/var/etc/miniupnpd.conf"
-		conf="$tmpconf"
-		mkdir -p /var/etc
-		upnpd_generate_config "$tmpconf"
-	fi
-	if [ "$FW" = "fw4" ]; then
-		nft -s -t -n list chain inet fw4 upnp_forward >/dev/null 2>&1 || fw4 reload
-	else
-		iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload
-	fi
-
-	procd_open_instance
-	procd_set_param file "$conf" "/etc/config/firewall"
-	procd_set_param command "$PROG"
-	procd_append_param command -f "$conf"
-	[ "$log_output" = "info" ] && procd_append_param command -v
-	[ "$log_output" = "debug" ] && procd_append_param command -d
-	procd_close_instance
-}
-
-service_triggers() {
-	procd_add_reload_trigger "upnpd"
-}
-
 log() {
 	logger -s -p "${2:-daemon.notice}" -t "upnpd" "$1" || echo "upnpd: $1" >&2
 }
@@ -218,6 +188,15 @@ xml_encode() {
 	echo "$1" | sed "s/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g"
 }
 
+is_port_or_range() {
+	[ "$1" = "0" ] && return 1
+	[ "$1" -ge "1" ] 2>/dev/null && [ "$1" -le "65535" ] 2>/dev/null && return 0
+	[ "$2" = "port0inrange" ] && local minport=0 || local minport=1
+	[ "${1%%-*}" -ge "$minport" ] 2>/dev/null && [ "${1%%-*}" -le "65535" ] 2>/dev/null &&
+		[ "${1##*-}" -ge "$minport" ] 2>/dev/null && [ "${1##*-}" -le "65535" ] 2>/dev/null &&
+		[ "${1##*-}" -ge "${1%%-*}" ] 2>/dev/null && return 0 || return 1
+}
+
 upnpd_add_int_network_preset() {
 	local cfg="$1"
 	local interface acl_preset acl_accept_ports acl_reject_ports acl_custom_first
@@ -263,6 +242,27 @@ upnpd_add_int_network_preset() {
 	fi
 }
 
+upnpd_add_custom_acl_entry() {
+	local cfg="$1"
+	local comment int_addr int_port ext_port desc_filter action
+	config_get comment "$cfg" comment "unspecified" # comment
+	config_get int_addr "$cfg" int_addr "0.0.0.0/0" # IPv4 or network and subnet mask (internal)
+	config_get int_port "$cfg" int_port "1-65535"   # internal port/range: x or x-y
+	config_get ext_port "$cfg" ext_port "1-65535"   # external port/range: x or x-y
+	config_get desc_filter "$cfg" desc_filter       # description regex filter (must be built in)
+	config_get action "$cfg" action                 # accept/reject/ignore
+	! is_port_or_range "$int_port" port0inrange &&
+		log "Custom ACL: Entry with invalid port or port range ($int_port) in int_port ignored" daemon.warn && int_port=1-65535
+	! is_port_or_range "$ext_port" port0inrange &&
+		log "Custom ACL: Entry with invalid port or port range ($ext_port) in ext_port ignored" daemon.warn && ext_port=1-65535
+	[ "$desc_filter" != "" ] && desc_filter=" \"$desc_filter\""
+	[ "$action" = "accept" ] && action=allow
+	[ "$action" = "reject" ] && action=deny
+	[ "$action" = "ignore" ] && return 0
+	[ "$action" = "" ] && log "Custom ACL: Entry with no action ignored" daemon.warn && return 0
+	echo "$action $ext_port $int_addr $int_port${desc_filter} # $comment"
+}
+
 upnpd_uci_migration() {
 	{ uci -q get upnpd.settings >/dev/null || ! uci -q get upnpd.config >/dev/null; } && return 0
 	log "Check UCI options in /etc/config/upnpd to be migrated to v2.0"
