From 6d1b64d14d8a1e94809e9ea897401fc0f2766ce1 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 3 Oct 2024 07:55:42 +0200 Subject: [PATCH 1/4] Replace ifconfig by ip --- mptcp/files/etc/init.d/mptcp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/mptcp/files/etc/init.d/mptcp b/mptcp/files/etc/init.d/mptcp index 4ba3a05c4..d370e7bb1 100755 --- a/mptcp/files/etc/init.d/mptcp +++ b/mptcp/files/etc/init.d/mptcp @@ -213,7 +213,8 @@ interface_multipath_settings() { [ -z "$iface" ] && return 0 #[ "$config" = "omrvpn" ] && return 0 [ "$config" = "omrvpn" ] && mode="off" - [ -n "$(ifconfig | grep $iface)" ] || return 0 + #[ -n "$(ifconfig | grep $iface)" ] || return 0 + [ -n "$(ip link show dev $iface)" ] || return 0 [ "$(echo $iface | grep _dev)" != "" ] && return 0 [ "$(echo $iface | grep '^if')" != "" ] && return 0 [ "$iface" = "lo" ] && return 0 @@ -328,9 +329,11 @@ interface_multipath_settings() { # ip route replace default via $gateway dev $iface >/dev/null 2>&1 #} if [ "$txqueuelen" != "" ]; then - ifconfig $iface txqueuelen $txqueuelen > /dev/null 2>&1 + #ifconfig $iface txqueuelen $txqueuelen > /dev/null 2>&1 + ip link set dev $iface txqueuelen $txqueuelen > /dev/null 2>&1 else - ifconfig $iface txqueuelen 1000 > /dev/null 2>&1 + #ifconfig $iface txqueuelen 1000 > /dev/null 2>&1 + ip link set dev $iface txqueuelen 1000 > /dev/null 2>&1 fi fi if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "1" ] && [ "$config" != "omr6in4" ]; then From ca8c295c3cb89dfc08195e4406546afcd567a85c Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 3 Oct 2024 10:56:48 +0200 Subject: [PATCH 2/4] Fix Multipath support detection --- openmptcprouter-api/files/bin/omr-mptcp-intf | 70 ++++++++++++++++++-- 1 file changed, 63 insertions(+), 7 deletions(-) diff --git a/openmptcprouter-api/files/bin/omr-mptcp-intf b/openmptcprouter-api/files/bin/omr-mptcp-intf index 8fac4468b..4a69b5bcf 100755 --- a/openmptcprouter-api/files/bin/omr-mptcp-intf +++ b/openmptcprouter-api/files/bin/omr-mptcp-intf @@ -33,7 +33,7 @@ get_mptcp_from_server() { [ -n "$support" ] && break } -get_mptcp_from_website() { +get_mptcpv0_from_website() { multipathip=$(dig +short A multipath-tcp.org | tr -d "\n") ipset add ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1 support="$(curl -s -4 -m ${timeout} --interface $intf http://www.multipath-tcp.org)" @@ -47,7 +47,7 @@ get_mptcp_from_website() { } } -get_mptcp_from_website6() { +get_mptcpv0_from_website6() { multipathip=$(dig +short AAAA multipath-tcp.org | tr -d "\n") ipset add ss_rules6_dst_bypass_all $multipathip > /dev/null 2>&1 support="$(curl -s -6 -m ${timeout} --interface $intf http://www.multipath-tcp.org)" @@ -61,12 +61,68 @@ get_mptcp_from_website6() { } } +get_mptcpv1_from_website() { + multipathip=$(dig +short A check.mptcp.dev | tr -d "\n") + if [ -n "$(ipset list 2>/dev/null | grep ss_rules)" ]; then + ipset add ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1 + fi + if [ -n "$(nft list set inet fw4 omr_dst_bypass_all_4 2>/dev/null)" ]; then + nft add element inet fw4 omr_dst_bypass_all_4 { $multipathip } >/dev/null 2>&1 + fi + support="$(mptcpize run curl -s -4 -m ${timeout} --interface $intf https://check.mptcp.dev)" + if [ -n "$(ipset list 2>/dev/null | grep ss_rules)" ]; then + ipset del ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1 + fi + if [ -n "$(nft list set inet fw4 omr_dst_bypass_all_4 2>/dev/null)" ]; then + nft delete element inet fw4 omr_dst_bypass_all_4 { $multipathip } >/dev/null 2>&1 + fi + [ -n "$support" ] && { + if [ "$support" = "You are using MPTCP." ]; then + support="working" + else + support="not working" + fi + } +} + +get_mptcpv1_from_website6() { + multipathip=$(dig +short AAAA check.mptcp.dev | tr -d "\n") + if [ -n "$(ipset list 2>/dev/null | grep ss_rules)" ]; then + ipset add ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1 + fi + if [ -n "$(nft list set inet fw4 omr_dst_bypass_all_4 2>/dev/null)" ]; then + nft add element inet fw4 omr_dst_bypass_all_4 { $multipathip } >/dev/null 2>&1 + fi + support="$(mptcpize run curl -s -6 -m ${timeout} --interface $intf https://check.mptcp.dev)" + if [ -n "$(ipset list 2>/dev/null | grep ss_rules)" ]; then + ipset del ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1 + fi + if [ -n "$(nft list set inet fw4 omr_dst_bypass_all_4 2>/dev/null)" ]; then + nft delete element inet fw4 omr_dst_bypass_all_4 { $multipathip } >/dev/null 2>&1 + fi + [ -n "$support" ] && { + if [ "$support" = "You are using MPTCP." ]; then + support="working" + else + support="not working" + fi + } +} + support="" -config_load openmptcprouter -config_foreach get_mptcp_from_server server -if [ ! -f /proc/sys/net/mptcp/enabled ] && [ -z "$support" ]; then - [ -n "$(ip -4 a show dev $intf)" ] && get_mptcp_from_website - [ -n "$(ip -6 a show dev $intf)" ] && get_mptcp_from_website6 +if [ ! -f /proc/sys/net/mptcp/enabled ]; then + # For now API can't give MPTCP status as MPTCP is not correctly enabled on it + config_load openmptcprouter + config_foreach get_mptcp_from_server server +fi +if [ -z "$support" ]; then + if [ ! -f /proc/sys/net/mptcp/enabled ]; then + [ -n "$(ip -4 a show dev $intf)" ] && get_mptcpv0_from_website + [ -z "$support" ] && [ -n "$(ip -6 a show dev $intf)" ] && get_mptcpv0_from_website6 + else + [ -n "$(ip -4 a show dev $intf)" ] && get_mptcpv1_from_website + [ -z "$support" ] && [ -n "$(ip -6 a show dev $intf)" ] && get_mptcpv1_from_website6 + fi fi if [ "$support" = "working" ]; then echo "MPTCP enabled" From ca25b1c23cb4a7d67f40aa0a3382b571614f280b Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 3 Oct 2024 10:58:26 +0200 Subject: [PATCH 3/4] Fix proxy restrict listen to LAN with VLAN --- .../files/usr/share/omr/schedule.d/010-services | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/omr-schedule/files/usr/share/omr/schedule.d/010-services b/omr-schedule/files/usr/share/omr/schedule.d/010-services index 066e6a744..4dd2864a0 100755 --- a/omr-schedule/files/usr/share/omr/schedule.d/010-services +++ b/omr-schedule/files/usr/share/omr/schedule.d/010-services @@ -155,16 +155,11 @@ set_lan_ips() { config_get proto "$1" proto # No restrict for interfaces with strong name [ -n "$(echo $device | grep -)" ] && uci -q set openmptcprouter.settings.restrict_to_lan="0" && uci commit openmptcprouter + uci -q del_list shadowsocks-libev.ss_rules.ifnames="$device" + uci -q del_list shadowsocks-rust.ss_rules.ifnames="$device" if [ "$ip4table" != "wan" ] && [ "$ip4table" != "vpn" ] && [ -n "$ip4table" ] && [ -n "$device" ] && ([ "$proto" = "dhcp" ] || [ "$proto" = "static" ]); then - # No restrict when vlan - [ -n "$(echo $device | grep '\.')" ] && uci -q set openmptcprouter.settings.restrict_to_lan="0" && uci commit openmptcprouter - [ -z "$(uci -q get shadowsocks-libev.ss_rules.ifnames | grep $device)" ] && [ -z "$(uci -q get shadowsocks-rust.ss_rules.ifnames | grep $device)" ] && { - uci -q add_list shadowsocks-libev.ss_rules.ifnames="$device" - uci -q add_list shadowsocks-rust.ss_rules.ifnames="$device" - } - elif [ -n "$device" ] && [ -n "$(uci -q get shadowsocks-libev.ss_rules.ifnames | grep $device)" ]; then - uci -q del_list shadowsocks-libev.ss_rules.ifnames="$device" - uci -q del_list shadowsocks-rust.ss_rules.ifnames="$device" + uci -q add_list shadowsocks-libev.ss_rules.ifnames="$device" + uci -q add_list shadowsocks-rust.ss_rules.ifnames="$device" fi } config_load network @@ -176,8 +171,8 @@ config_foreach restart_omrtracker interface delete shadowsocks-rust.ss_rules.ifnames="$device" EOF } -uci -q commit shadowsocks-libev.ss_rules -uci -q commit shadowsocks-rust.ss_rules +[ -n "$(uci -q changes shadowsocks-libev)" ] && uci -q commit shadowsocks-libev.ss_rules +[ -n "$(uci -q changes shadowsocks-rust)" ] && uci -q commit shadowsocks-rust.ss_rules multipath_fix() { config_get multipath "$1" multipath [ "$multipath" != "off" ] && return From ffbd7bbd722ed6475ae9809002dcc07c6269eaff Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 3 Oct 2024 11:45:05 +0200 Subject: [PATCH 4/4] Check Multipath support every 10 minutes --- .../usr/share/omr/post-tracking.d/020-status | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/omr-tracker/files/usr/share/omr/post-tracking.d/020-status b/omr-tracker/files/usr/share/omr/post-tracking.d/020-status index a9a2fa1dd..570303692 100755 --- a/omr-tracker/files/usr/share/omr/post-tracking.d/020-status +++ b/omr-tracker/files/usr/share/omr/post-tracking.d/020-status @@ -159,10 +159,10 @@ if [ -n "$OMR_TRACKER_INTERFACE" ] && { [ "$(uci -q get openmptcprouter.$OMR_TRA } config_load openmptcprouter config_foreach traceboxmtutest server - [ "$(uci -q get openmptcprouter.settings.tracebox)" = "0" ] && [ -n "$OMR_TRACKER_DEVICE" ] && { - mptcpsupport="$(omr-mptcp-intf $OMR_TRACKER_DEVICE)" - [ -n "$mptcpsupport" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status="$mptcpsupport" - } +# [ "$(uci -q get openmptcprouter.settings.tracebox)" = "0" ] && [ -n "$OMR_TRACKER_DEVICE" ] && { +# mptcpsupport="$(omr-mptcp-intf $OMR_TRACKER_DEVICE)" +# [ -n "$mptcpsupport" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status="$mptcpsupport" +# } uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state='up' uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s") } @@ -277,5 +277,16 @@ if [ -n "$OMR_TRACKER_INTERFACE" ] && { [ "$(uci -q get openmptcprouter.$OMR_TRA fi #dns_flush fi +if [ "$(uci -q get openmptcprouter.settings.tracebox)" = "0" ] && [ -n "$OMR_TRACKER_DEVICE" ] && [ -n "$OMR_TRACKER_INTERFACE" ] && [ "$OMR_TRACKER_INTERFACE" != "omrvpn" ] && { [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.mplc)" = "" ] || [ $(($(date +"%s") - $(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.mplc))) -gt 600 ]; }; then + #_log "Get MPTCP status for $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE)" + mptcpsupport="$(omr-mptcp-intf $OMR_TRACKER_DEVICE)" + #_log "MPTCP status for $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE): $mptcpsupport" + [ -n "$mptcpsupport" ] && [ "$(uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status)" != "$mptcpsupport" ] && { + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status="$mptcpsupport" + uci -q commit openmptcprouter + } + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mplc=$(date +"%s") + uci -q commit openmptcprouter +fi exit 0 \ No newline at end of file