This release focuses on security and reliability aspects.
Main changes:
- Set correct permissions for the status file and the datadir used by geoip-shell on OpenWrt
- Improved validation for strings which geoip-shell does not control, such as user input and data read from the filesystem
- Improved handling of unsafe strings
- Additional checks of critical variables in multiple scripts
- Improved trap signal handling (a trap means reacting to external signals, such as when the script gets closed by Ctrl+C etc - in these conditions it needs to clean up before exiting)
- Improved handling of weird network interface names in the command passed to nftables
- Fixed a bug with manually specifying multiple network interfaces
- The status report now reports some additional possible (but unlikely) issues, such as missing certain config entries
- Minor efficiency improvements in the way geoip-shell reads certain files in the filesystem
And some additional changes:
- Now the status report includes information about nftables sets optimization policy (memory or performance).
- The mk-owrt-package.sh script has been split into prep-owrt-package.sh and mk-owrt-package.sh, per user request. The prep- script prepares geoip-shell files for creating a package but doesn't build the package itself.
- Updated documentation.
Full Changelog: v0.4.8...v0.4.9