Skip to content

https-dns-proxy: update to 2026.03.18-4#29469

Open
stangri wants to merge 1 commit into
openwrt:masterfrom
stangri:master-https-dns-proxy
Open

https-dns-proxy: update to 2026.03.18-4#29469
stangri wants to merge 1 commit into
openwrt:masterfrom
stangri:master-https-dns-proxy

Conversation

@stangri
Copy link
Copy Markdown
Member

@stangri stangri commented May 16, 2026

Maintainer: me
Compile tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1
Run tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1

Description:
Robustify nftables notrack generation

Makefile:

  • Bump PKG_RELEASE to 4.
  • Add install rule to create /usr/share/nftables.d/ruleset-post.

files/etc/init.d/https-dns-proxy:

  • Check if 'nft' command exists before generating rules.
  • Add robust error handling for directory creation and file writing.
  • Log errors when directory creation or file writing fails.

tests/run_tests.sh:

  • Add test case for 'nft' binary absence, confirming no-op behavior.
  • Add test case for mkdir failure during notrack rule generation
@stangri
https-dns-proxy: update to 2026.03.18-4
30b79d7 
Maintainer: me
Compile tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1
Run tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1

Description:
Robustify nftables notrack generation

  - Bump PKG_RELEASE to 4.
  - Add install rule to create /usr/share/nftables.d/ruleset-post.

files/etc/init.d/https-dns-proxy:
  - Check if 'nft' command exists before generating rules.
  - Add robust error handling for directory creation and file writing.
  - Log errors when directory creation or file writing fails.

tests/run_tests.sh:
  - Add test case for 'nft' binary absence, confirming no-op behavior.
  - Add test case for mkdir failure during notrack rule generation.

Signed-off-by: Stan Grishin <stangri@melmac.ca>
@stangri stangri requested a review from Copilot May 16, 2026 02:50
stangri
stangri commented May 16, 2026
View reviewed changes
Comment thread net/https-dns-proxy/Makefile
$(INSTALL_CONF) ./files/etc/config/https-dns-proxy $(1)/etc/config/https-dns-proxy
$(INSTALL_DIR) $(1)/etc/uci-defaults/
$(INSTALL_BIN) ./files/etc/uci-defaults/50-https-dns-proxy-migrate-options.sh $(1)/etc/uci-defaults/50-https-dns-proxy-migrate-options.sh
$(INSTALL_DIR) $(1)/usr/share/nftables.d/ruleset-post
Copy link
Copy Markdown
Member Author

@stangri stangri May 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aparcar @hnyman @BKPepe -- I've had reports that despite mkdir in the init script in release 3, this directory was still missing. As far as I understand there are no side effects from having this in the Makefile, but I'd still like a feedback on this.
Copy link
Copy Markdown
Member

@BKPepe BKPepe May 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What I think is happening here (I haven't gone through all your changes yet) is that the folder is empty, which is why it gets removed and is still missing. There should be at least something in there. :) What most people do in this case is create an empty file to prevent the empty folder from being removed. For example, search for touch (like it's done in syslog-ng, netdata, etc.).
Copy link
Copy Markdown
Member Author

@stangri stangri May 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BKPepe thanks for your prompt reply, so your recommendation before resorting to having a folder in the Makefile, I should try touching a file in there immediately after mkdir -p?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@stangri @BKPepe