Commit 3b1e5c99 authored by Vitaly Lipatov's avatar Vitaly Lipatov

route-update: prune stale volatile_ips for domains removed from lists

expand_volatile_subnets() iterated the whole volatile_ips/ directory and re-resolved every saved entry as a domain, never removing ones whose domain was no longer in the .list. As a result, a domain removed from a list kept re-injecting its (stale) IPs into the table forever — on igw this had accumulated ~40 stale domains in web-bypass plus claude.ai/anthropic in ai, shadowing the dedicated fr/claude.ai group. Pass the current list file to expand_volatile_subnets and prune volatile_ips entries whose domain is absent from the list before resolving.

Co-Authored-By: Claude <noreply@anthropic.com>
parent a9f36d2f
...@@ -244,11 +244,29 @@ CHECKER ...@@ -244,11 +244,29 @@ CHECKER
# Uses: _resolved_new (appends subnets), STATE_DIR, EXTRA_DNS # Uses: _resolved_new (appends subnets), STATE_DIR, EXTRA_DNS
expand_volatile_subnets() expand_volatile_subnets()
{ {
local state="$1" tag="$2" label="$3" local state="$1" tag="$2" label="$3" list_file="$4"
local volatile_file="$STATE_DIR/$state/volatile_domains" local volatile_file="$STATE_DIR/$state/volatile_domains"
local vip_dir="$STATE_DIR/$state/volatile_ips" local vip_dir="$STATE_DIR/$state/volatile_ips"
mkdir -p "$vip_dir" mkdir -p "$vip_dir"
# Prune volatile_ips for domains no longer present in the list.
# Without this, a domain removed from the .list keeps a saved volatile_ips
# entry forever and gets re-resolved every run, re-injecting its (stale) IPs
# into the table. vip_dir filenames ARE the domain names (see loop below).
if [ -n "$list_file" ] && ls "$vip_dir"/* >/dev/null 2>&1 ; then
local current_domains=$(mktemp)
cat_expanded "$list_file" 2>/dev/null | grep -v '^#' | grep -v '^$' \
| grep '[a-zA-Z]' | sort -u > "$current_domains"
for vf in "$vip_dir"/* ; do
[ -f "$vf" ] || continue
if ! grep -qxF "$(basename "$vf")" "$current_domains" ; then
rm -f "$vf"
vlog "${tag}${label} pruned stale volatile_ips: $(basename "$vf")"
fi
done
rm -f "$current_domains"
fi
# Build combined domain list: volatile_domains + domains with saved volatile_ips # Build combined domain list: volatile_domains + domains with saved volatile_ips
local all_domains=$(mktemp) local all_domains=$(mktemp)
[ -s "$volatile_file" ] && awk -F' ' '{print $1}' "$volatile_file" > "$all_domains" [ -s "$volatile_file" ] && awk -F' ' '{print $1}' "$volatile_file" > "$all_domains"
...@@ -652,7 +670,7 @@ resolve_list_file() ...@@ -652,7 +670,7 @@ resolve_list_file()
# Also run if volatile_ips accumulated from prior runs (even if current detect found nothing) # Also run if volatile_ips accumulated from prior runs (even if current detect found nothing)
local _vip_dir="$STATE_DIR/$_state/volatile_ips" local _vip_dir="$STATE_DIR/$_state/volatile_ips"
if [ "$_ipcmd" = "ip -6" ] && { [ -s "$STATE_DIR/$_state/volatile_domains" ] || [ -d "$_vip_dir" ] && ls "$_vip_dir"/* >/dev/null 2>&1 ; } ; then if [ "$_ipcmd" = "ip -6" ] && { [ -s "$STATE_DIR/$_state/volatile_domains" ] || [ -d "$_vip_dir" ] && ls "$_vip_dir"/* >/dev/null 2>&1 ; } ; then
expand_volatile_subnets "$_state" "$_tag" "$_label" expand_volatile_subnets "$_state" "$_tag" "$_label" "$_f"
fi fi
fi fi
} }
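Review bot: The new prune loop in expand_volatile_subnets() deletes every file in `$vip_dir` whenever `$current_domains` ends up empty or unreadable, because `! grep -qxF …` treats "no match" and a grep error the same way. That happens if `mktemp` fails (its status is masked by `local current_domains=$(mktemp)`) or if `cat_expanded "$list_file"` fails with its stderr discarded by `2>/dev/null`, so a transiently missing or unreadable list wipes all saved state instead of leaving it alone. I would split the assignment, `local current_domains; current_domains=$(mktemp) || return 1`, and wrap the `for vf` loop in `if [ -s "$current_domains" ] ; then … fi` so that an empty domain set skips pruning. The match is also whole-line, so it presumably relies on each list line being exactly the bare domain, which is worth confirming against the list format; `grep -qxF -- "$(basename "$vf")"` would additionally keep a filename starting with `-` from being read as an option. The function body continues past the end of this hunk.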