router/update_egw.sh: fix line concatenation when appending IP lists

router/update_egw.sh

+#!/bin/sh
+
+#exit
+# Usage: --show|--force
+
+cd $(dirname "$(realpath "$0")") || exit #"
+
+SETNAME=egw
+TMPNAME=$SETNAME.ntmp
+MARK=6
+NBTABLE=egwroute
+MAXELEM=5000000
+IFACE=eth0
+VPNDEV=ipsec1
+# hash:ip
+IPSTYPE=hash:net
+#NBGW=91.232.225.14
+NBGW=91.232.225.112
+
+set_rules()
+{
+# initial
+if ! iptables -L -t mangle | grep -q $SETNAME ; then
+	iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark $MARK || exit
+fi
+
+#if ! sysctl net.ipv4.conf.$VPNDEV.rp_filter | grep -q " = 2" ; then
+#	sysctl -w net.ipv4.conf.$VPNDEV.rp_filter=2
+#fi
+
+
+if [ -n "$NBGW" ] ; then
+    if ! ip route show table $NBTABLE | grep -q "default" ; then
+    	ip route replace default table $NBTABLE via $NBGW || exit
+    fi
+else
+    if ! ip route show table $NBTABLE | grep -q "default dev $VPNDEV" ; then
+	ip route replace default table $NBTABLE scope global nexthop dev $VPNDEV || exit
+    fi
+fi
+
+
+if ! ip rule | grep -q "fwmark 0x$MARK" ; then
+	ip rule add fwmark $MARK table $NBTABLE pref 2000 || exit
+fi
+
+# check for
+# -A POSTROUTING -o $VPNDEV -j MASQUERADE
+}
+
+stop_rules()
+{
+	iptables -t mangle -D PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark $MARK || exit
+}
+
+update_ipset()
+{
+local file="$1"
+local base="update_egw.sh"
+# clean before use
+ipset destroy $TMPNAME 2>/dev/null
+
+# Use single ipset run (see https://bugs.etersoft.ru/show_bug.cgi?id=12353)
+( echo "create $TMPNAME $IPSTYPE hashsize 65536 maxelem $MAXELEM" ; \
+	cat $file | grep -v "^#" | grep -v "^$" | grep -v ":" | sed -e "s|^|add $TMPNAME |" ) | ipset -exist restore || exit
+
+# remove skipped ip
+#cat a_no_egw.list | grep -v "^ *#" | while read ip ; do
+#    ipset del $TMPNAME $ip
+#done
+
+ipset list $TMPNAME >$base.ipv4
+ipset list $TMPNAME | wc -l >$base.count
+ipset list $TMPNAME | grep "/" >$base.subnet
+cat $base.list | grep ":" >$base.skipped.ipv6
+ipset swap $TMPNAME $SETNAME || echo "Can't update ipset rules" >&2
+}
+
+
+if [ "$1" = "--show" ] ; then
+	echo "Example:"
+	echo "# iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark $MARK"
+	echo "ipset list size: $(ipset list $SETNAME | wc -l)"
+	exit
+fi
+
+if [ "$1" = "--set-rules" ] ; then
+	set_rules
+	exit
+fi
+
+if [ "$1" = "--stop-rules" ] ; then
+	stop_rules
+	exit
+fi
+
+if [ "$1" = "--update-ipset" ] ; then
+	file="$2"
+	[ -n "$file" ] || file="$0.list"
+	if [ ! -s "$file" ] ; then
+		echo "$file is empty"
+		exit 1
+	fi
+	update_ipset $file
+	exit
+fi
+
+# download new list
+./get_ips_egw.sh > $0.list || exit
+
+echo >> $0.list
+./get_ips_z-i.sh >> $0.list || exit
+
+
+if [ ! -s "$0.list" ] ; then
+    echo "$0.list is empty"
+    #exit 1
+fi
+
+FIRSTRUN=''
+ipset list -n | grep -q "^$SETNAME$" || FIRSTRUN='1'
+
+if [ -s "$0.list.old" ] ; then
+    # just return if there are no changes
+    diff -u $0.list.old $0.list >$0.list.changes.tmp && [ "$FIRSTRUN" != '1' ] && [ "$1" != "--force" ] && exit
+    echo >>$0.list.changes
+    date >>$0.list.changes
+    cat $0.list.changes.tmp | grep "^[+-]" >>$0.list.changes
+fi
+
+#ip rule show | grep "lookup $NBTABLE" | sed -e "s|.*:||g" | sed -e "s|lookup|table|g" | while read str ; do
+#done
+
+ipset -exist create $SETNAME $IPSTYPE maxelem $MAXELEM
+
+
+
+# Obsoleted element by element
+#ipset create $SETNAME.tmp hash:ip maxelem $MAXELEM || exit
+## fill new ipset
+#./get_ips_z-i.sh | sort -u | while read ip ; do
+#	ipset add $SETNAME.tmp $ip
+#done
+
+if true ; then
+# use previous results too
+cp $0.list $0.list.human
+[ -s "$0.list.old2" ] && { echo >> $0.list; cat $0.list.old2 >>$0.list; }
+[ -s "$0.list.old1" ] && { echo >> $0.list; cat $0.list.old1 >>$0.list; }
+mv $0.list $0.list.in
+sort -u < $0.list.in >$0.list
+fi
+
+
+base="$0"
+
+update_ipset "$base.list"
+
+mv $base.list $base.list.old
+
+[ -s "$base.list.old1" ] && cp -f $base.list.old1 $base.list.old2
+cp $base.list.old $base.list.old1
+
+
+set_rules