From 1aba5f5842c25156980eb930ec58f15258e2ce3d Mon Sep 17 00:00:00 2001 From: suyuan168 <175338101@qq.com> Date: Fri, 15 Apr 2022 14:41:11 +0800 Subject: [PATCH] fix iptebles6 --- 6in4/Makefile | 45 ------ 6in4/files/6in4.sh | 149 ------------------ omr-6in4/Makefile | 33 ---- omr-6in4/files/bin/omr-6in4 | 67 -------- omr-6in4/files/etc/init.d/omr-6in4 | 136 ---------------- omr-6in4/files/etc/uci-defaults/9010-omr-6in4 | 42 ----- openmptcprouter-full/Makefile | 1 - 7 files changed, 473 deletions(-) delete mode 100755 6in4/Makefile delete mode 100755 6in4/files/6in4.sh delete mode 100755 omr-6in4/Makefile delete mode 100755 omr-6in4/files/bin/omr-6in4 delete mode 100755 omr-6in4/files/etc/init.d/omr-6in4 delete mode 100755 omr-6in4/files/etc/uci-defaults/9010-omr-6in4 diff --git a/6in4/Makefile b/6in4/Makefile deleted file mode 100755 index d0f2ad30c..000000000 --- a/6in4/Makefile +++ /dev/null @@ -1,45 +0,0 @@ -# -# Copyright (C) 2010-2015 OpenWrt.org -# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) -# - Added gateway setting -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=6in4 -PKG_VERSION:=270 -PKG_RELEASE:=2 -PKG_LICENSE:=GPL-2.0 - -include $(INCLUDE_DIR)/package.mk - -define Package/6in4 - SECTION:=net - CATEGORY:=Network - DEPENDS:=@IPV6 +kmod-sit +uclient-fetch - TITLE:=IPv6-in-IPv4 configuration support - MAINTAINER:=Jo-Philipp Wich - PKGARCH:=all -endef - -define Package/6in4/description -Provides support for 6in4 tunnels in /etc/config/network. -Refer to http://wiki.openwrt.org/doc/uci/network for -configuration details. -endef - -define Build/Compile -endef - -define Build/Configure -endef - -define Package/6in4/install - $(INSTALL_DIR) $(1)/lib/netifd/proto - $(INSTALL_BIN) ./files/6in4.sh $(1)/lib/netifd/proto/6in4.sh -endef - -$(eval $(call BuildPackage,6in4)) diff --git a/6in4/files/6in4.sh b/6in4/files/6in4.sh deleted file mode 100755 index cf17c86d8..000000000 --- a/6in4/files/6in4.sh +++ /dev/null @@ -1,149 +0,0 @@ -#!/bin/sh -# 6in4.sh - IPv6-in-IPv4 tunnel backend -# Copyright (c) 2010-2015 OpenWrt.org - -[ -n "$INCLUDE_ONLY" ] || { - . /lib/functions.sh - . /lib/functions/network.sh - . ../netifd-proto.sh - init_proto "$@" -} - -proto_6in4_update() { - sh -c ' - timeout=5 - - (while [ $((timeout--)) -gt 0 ]; do - sleep 1 - kill -0 $$ || exit 0 - done; kill -9 $$) 2>/dev/null & - - exec "$@" - ' "$1" "$@" -} - -proto_6in4_add_prefix() { - append "$3" "$1" -} - -proto_6in4_setup() { - local cfg="$1" - local iface="$2" - local link="6in4-$cfg" - - local mtu ttl tos ipaddr peeraddr ip6addr ip6prefix ip6prefixes tunlink tunnelid username password updatekey gateway - json_get_vars mtu ttl tos ipaddr peeraddr ip6addr tunlink tunnelid username password updatekey gateway - json_for_each_item proto_6in4_add_prefix ip6prefix ip6prefixes - - [ -z "$peeraddr" ] && { - proto_notify_error "$cfg" "MISSING_ADDRESS" - proto_block_restart "$cfg" - return - } - - [ -n "$tunlink" ] && ( proto_add_host_dependency "$cfg" "$peeraddr" "$tunlink" ) - - [ -z "$ipaddr" ] && { - local wanif="$tunlink" - if [ -z "$wanif" ] && ! network_find_wan wanif; then - proto_notify_error "$cfg" "NO_WAN_LINK" - return - fi - - if ! network_get_ipaddr ipaddr "$wanif"; then - proto_notify_error "$cfg" "NO_WAN_LINK" - return - fi - } - - proto_init_update "$link" 1 - - [ -n "$ip6addr" ] && { - local local6="${ip6addr%%/*}" - local mask6="${ip6addr##*/}" - [[ "$local6" = "$mask6" ]] && mask6= - proto_add_ipv6_address "$local6" "$mask6" - proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6" - } - - [ -n "$gateway" ] && { - proto_add_ipv6_route "::" 0 "$gateway" - } - - for ip6prefix in $ip6prefixes; do - proto_add_ipv6_prefix "$ip6prefix" - proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix" - done - - proto_add_tunnel - json_add_string mode sit - json_add_int mtu "${mtu:-1280}" - json_add_int ttl "${ttl:-64}" - [ -n "$tos" ] && json_add_string tos "$tos" - json_add_string local "$ipaddr" - json_add_string remote "$peeraddr" - [ -n "$tunlink" ] && json_add_string link "$tunlink" - proto_close_tunnel - - proto_send_update "$cfg" - - [ -n "$tunnelid" -a -n "$username" -a \( -n "$password" -o -n "$updatekey" \) ] && { - [ -n "$updatekey" ] && password="$updatekey" - - local http="http" - local urlget="uclient-fetch" - local urlget_opts="-qO-" - local ca_path="${SSL_CERT_DIR:-/etc/ssl/certs}" - - [ -f /lib/libustream-ssl.so ] && http=https - [ "$http" = "https" -a -z "$(find $ca_path -name "*.0" 2>/dev/null)" ] && { - urlget_opts="$urlget_opts --no-check-certificate" - } - - local url="$http://ipv4.tunnelbroker.net/nic/update?hostname=$tunnelid" - local try=0 - local max=3 - - ( - set -o pipefail - while [ $((++try)) -le $max ]; do - if proto_6in4_update $urlget $urlget_opts --user="$username" --password="$password" "$url" 2>&1 | \ - sed -e 's,^Killed$,timeout,' -e "s,^,update $try/$max: ," | \ - logger -t "$link"; - then - logger -t "$link" "updated" - return 0 - fi - sleep 5 - done - logger -t "$link" "update failed" - ) - } -} - -proto_6in4_teardown() { - local cfg="$1" -} - -proto_6in4_init_config() { - no_device=1 - available=1 - - proto_config_add_string "ipaddr" - proto_config_add_string "ip6addr" - proto_config_add_array "ip6prefix" - proto_config_add_string "peeraddr" - proto_config_add_string "tunlink" - proto_config_add_string "tunnelid" - proto_config_add_string "username" - proto_config_add_string "password" - proto_config_add_string "updatekey" - proto_config_add_string "gateway" - proto_config_add_int "mtu" - proto_config_add_int "ttl" - proto_config_add_string "tos" -} - -[ -n "$INCLUDE_ONLY" ] || { - add_protocol 6in4 -} diff --git a/omr-6in4/Makefile b/omr-6in4/Makefile deleted file mode 100755 index 414133335..000000000 --- a/omr-6in4/Makefile +++ /dev/null @@ -1,33 +0,0 @@ -# -# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=omr-6in4 -PKG_VERSION:=0.4 -PKG_RELEASE:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/$(PKG_NAME) -SECTION:=OMR -CATEGORY:=OpenMPTCProuter -TITLE:=OpenMPTCProuter 6in4 -endef - -define Package/$(PKG_NAME)/description -OpenMPTCProuter 6in4 package -endef - -define Build/Compile -endef - -define Package/$(PKG_NAME)/install - $(CP) ./files/* $(1)/ -endef - -$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/omr-6in4/files/bin/omr-6in4 b/omr-6in4/files/bin/omr-6in4 deleted file mode 100755 index 8bf094a50..000000000 --- a/omr-6in4/files/bin/omr-6in4 +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/sh -# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) - -while true; do - if [ "$(uci -q get glorytun.vpn.enable)" = "1" ]; then - iface=$(uci -q get glorytun.vpn.dev) - addr=$(uci -q get glorytun.vpn.localip) - peer=$(uci -q get glorytun.vpn.remoteip) - elif [ "$(uci -q get glorytun-udp.vpn.enable)" = "1" ]; then - iface=$(uci -q get glorytun-udp.vpn.dev) - addr=$(uci -q get glorytun-udp.vpn.localip) - peer=$(uci -q get glorytun-udp.vpn.remoteip) - elif [ "$(uci -q get dsvpn.vpn.enable)" = "1" ]; then - iface=$(uci -q get dsvpn.vpn.dev) - addr=$(uci -q get dsvpn.vpn.localip) - peer=$(uci -q get dsvpn.vpn.remoteip) - elif [ "$(uci -q get mlvpn.general.enable)" = "1" ]; then - iface=$(uci -q get mlvpn.general.interface_name) - elif [ "$(uci -q get openvpn.omr.enabled)" = "1" ]; then - iface=$(uci -q get openvpn.omr.dev) - fi - [ -z "$addr" ] && addr=$(ubus call network.interface.omrvpn status | jsonfilter -q -e '@["ipv4-address"][0].address' | tr -d "\n") - if [ -n "$iface" ] && [ -d "/sys/class/net/$iface" ]; then - [ -z "$addr" ] && [ -n "$iface" ] && addr=$(ip -4 addr show dev $iface | grep inet | awk '{print $2}' | cut -d/ -f1 | tr -d "\n") - [ -z "$peer" ] && peer=$(ubus call network.interface.omrvpn status | jsonfilter -q -l 1 -e '@.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") - [ -z "$peer" ] && peer=$(ip -4 r list dev $iface | grep via | grep -v default | grep -v metric | grep -v / | awk '{print $1; exit}' | tr -d "\n") - [ -z "$peer" ] && peer=$(ip -4 r list dev $iface | grep kernel | awk '/proto kernel/ {print $1}' | grep -v / | tr -d "\n") - [ -n "$addr" ] && [ -n "$peer" ] && { - if [ "$addr" != "$(uci -q get network.omr6in4.ipaddr)" ] || [ "$peer" != "$(uci -q get network.omr6in4.peeraddr)" ] || [ "$(ip -6 route show default | grep via)" = "" ]; then - logger -t "omr6in4" "Set network for OMR 6in4 to local $addr peer $peer" - uci -q batch <<-EOF - set network.omr6in4.ipaddr=$addr - set network.omr6in4.peeraddr=$peer - set network.omr6in4.metric=1 - commit network - EOF - if [ -n "$(ip tunnel | grep omr6in4)" ]; then - ip tunnel change "6in4-omr6in4" mode sit local ${addr} remote ${peer} ttl 64 > /dev/null 2>&1 - else - ifup omr6in4 > /dev/null 2>&1 - fi - sleep 5 - #ipv6_addr=$(ip -6 addr show dev 6in4-omr6in4 | grep inet | awk '{print $2'} | cut -d/ -f1 | tr -d "\n") - #ipv6_gw=$(echo $ipv6_addr | sed 's/1$/2') - ipv6_addr=$(ubus call network.interface.omr6in4 status | jsonfilter -q -l 1 -e '@["ipv6-address"][0].address' | tr -d "\n") - ip -6 addr add $ipv6_addr dev 6in4-omr6in4 > /dev/null 2>&1 - ipv6_gw=$(ubus call network.interface.omr6in4 status | jsonfilter -q -l 1 -e '@.route[@.target="::"].nexthop' | tr -d "\n") - [ "$ipv6_gw" = "::" ] && ipv6_gw='fe80::a00:1' - [ -z "$ipv6_gw" ] && ipv6_gw='fe80::a00:1' - #[ -z "$ipv6_gw" ] && ipv6_gw='fe80::aff:ff01' - ip -6 route add ${ipv6_gw} dev 6in4-omr6in4 > /dev/null 2>&1 - ip -6 route 2002::/16 dev 6in4-omr6in4 > /dev/null 2>&1 - ip -6 route replace default via ${ipv6_gw} dev 6in4-omr6in4 metric 1 > /dev/null 2>&1 - if [ "$(uci -q get openmptcprouter.settings.uci_route)" = "1" ]; then - uci -q batch <<-EOF - set network.omr6in4_route6_default=route6 - set network.omr6in4_route6_default.interface=omr6in4 - set network.omr6in4_route6_default.target='::' - set network.omr6in4_route6_default.gateway=$ipv6_gw - commit network - EOF - fi - fi - } - fi - sleep 10 -done \ No newline at end of file diff --git a/omr-6in4/files/etc/init.d/omr-6in4 b/omr-6in4/files/etc/init.d/omr-6in4 deleted file mode 100755 index 8a3e38a38..000000000 --- a/omr-6in4/files/etc/init.d/omr-6in4 +++ /dev/null @@ -1,136 +0,0 @@ -#!/bin/sh /etc/rc.common -# Copyright (C) 2018 Ycarus (Yannick Chabanois) -# shellcheck disable=SC2039 -# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : - -# shellcheck disable=SC2034 -{ - START=99 - STOP=10 - USE_PROCD=1 -} - -set_shadowsocks_address() { - uci -q set shadowsocks-libev.$1.local_address="$2" -} - -set_ipv6_state() { - local disable_ipv6="$(uci -q get openmptcprouter.settings.disable_ipv6)" - [ -z "$disable_ipv6" ] && disable_ipv6="1" - #previous=$(sysctl -qn net.ipv6.conf.all.disable_ipv6 | tr -d "\n") - previous="$(uci -q get network.lan.ipv6)" - #sysctl -qw net.ipv6.conf.all.disable_ipv6=$disable_ipv6 - #sed -i "s:^net.ipv6.conf.all.disable_ipv6=[0-9]*:net.ipv6.conf.all.disable_ipv6=$disable_ipv6:" /etc/sysctl.d/zzz_openmptcprouter.conf - sed -i "s:^net.ipv6.conf.all.disable_ipv6=[0-9]*::" /etc/sysctl.d/zzz_openmptcprouter.conf - sysctl -qw net.ipv6.conf.all.disable_ipv6=0 - - uci -q batch <<-EOF >/dev/null - set firewall.@defaults[0].disable_ipv6=$disable_ipv6 - commit firewall - EOF - - if [ "$disable_ipv6" == "1" ]; then - logger -t "omr-6in4" "Disable IPv6" - uci -q batch <<-EOF >/dev/null - set dhcp.lan.ra_default="0" - set network.lan.ipv6="0" - delete network.lan.ipv6 - delete dhcp.lan.dhcpv6 - delete dhcp.lan.ra - delete dhcp.lan.ra_default - delete dhcp.lan.ra_management - delete dhcp.lan.ra_preference - unbound.ub_main.protocol='ip4_only' - commit unbound - del_list v2ray.main.inbounds="omr6" - commit v2ray - EOF - config_load shadowsocks-libev - config_foreach set_shadowsocks_address ss_redir "0.0.0.0" - uci -q batch <<-EOF >/dev/null - commit network - commit dhcp - commit shadowsocks-libev - EOF - [ ! -f /etc/wgetrc ] && cp /etc/wgetrc4 /etc/wgetrc - else - logger -t "omr-6in4" "Enable IPv6" - uci -q batch <<-EOF >/dev/null - set dhcp.lan.dhcpv6="server" - set dhcp.lan.ra="server" - set dhcp.lan.ra_default="1" - set dhcp.lan.ra_preference="high" - set dhcp.lan.ra_management="1" - delete dhcp.lan.ra_flags - add_list dhcp.lan.ra_flags='managed-config' - set dhcp.lan.ra_slaac='1' - add_list dhcp.lan.ra_flags='other-config' - set network.lan.ipv6="1" - set network.lan.delegate="0" - set network.omr6in4.force_link=1 - set network.omr6in4.metric=1 - delete network.omr6in4.auto - unbound.ub_main.protocol='mixed' - commit unbound - EOF - if [ "$(uci -q get network.lan.ip6assign)" = "" ]; then - uci -q set network.lan.ip6assign='60' - fi - if [ "$(uci -q get network.globals.ula_prefix)" = "" ]; then - r1=$(dd if=/dev/urandom bs=1 count=1 |hexdump -e '1/1 "%02x"') - r2=$(dd if=/dev/urandom bs=2 count=1 |hexdump -e '2/1 "%02x"') - r3=$(dd if=/dev/urandom bs=2 count=1 |hexdump -e '2/1 "%02x"') - uci -q set network.globals.ula_prefix=fd$r1:$r2:$r3::/48 - fi - - config_load shadowsocks-libev - config_foreach set_shadowsocks_address ss_redir "::" - uci -q batch <<-EOF >/dev/null - commit network - commit dhcp - commit shadowsocks-libev - EOF - /etc/init.d/shadowsocks-libev restart - if [ "$(uci -q get v2ray.main.inbounds | grep omr6)" = "" ]; then - uci -q batch <<-EOF >/dev/null - add_list v2ray.main.inbounds="omr6" - commit v2ray - EOF - /etc/init.d/v2ray restart - fi - rm -f /etc/wgetrc - fi - /etc/init.d/odhcpd restart - if [ "$previous" != "1" ]; then - env -i /bin/ubus call network reload - fi -} - - -start_service() { - [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "1" ] && [ "$(uci -q get network.lan.ipv6)" != "1" ] && set_ipv6_state - [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "0" ] && { - ifdown omr6in4 - /etc/init.d/odhcpd stop - return - } - [ "$(ifstatus omr6in4 | jsonfilter -e '@.up' | tr -d '\n')" != "true" ] && ifup omr6in4 - multipath 6in4-omr6in4 off 2>&1 >/dev/null - - procd_open_instance - # shellcheck disable=SC2086 - procd_set_param command /bin/omr-6in4 - procd_set_param limits nofile="51200 51200" - procd_set_param respawn 0 10 0 - procd_set_param stderr 1 - procd_close_instance -} - -service_triggers() { - procd_add_reload_trigger "openmptcprouter" -} - -reload_service() { - stop - start -} diff --git a/omr-6in4/files/etc/uci-defaults/9010-omr-6in4 b/omr-6in4/files/etc/uci-defaults/9010-omr-6in4 deleted file mode 100755 index 56ca8b282..000000000 --- a/omr-6in4/files/etc/uci-defaults/9010-omr-6in4 +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/sh - -. /lib/functions.sh - -if [ "$(uci -q show network | grep omr6in4)" = "" ]; then - uci -q batch <<-EOF >/dev/null - set network.omr6in4=interface - set network.omr6in4.proto=6in4 - set network.omr6in4.ip4table=vpn - set network.omr6in4.multipath=off - set network.omr6in4.ipaddr=10.255.255.2 - set network.omr6in4.peeraddr=10.255.255.1 - set network.omr6in4.gateway=fe80::a00:1 - set network.omr6in4.ip6addr='fe80::a00:2/128' - set network.omr6in4.auto='0' - commit network - EOF -fi - -if [ "$(uci -q get ucitrack.@network[-1].affects | grep omr6in4)" = "" ]; then - uci -q batch <<-EOF >/dev/null - add_list ucitrack.@network[-1].affects=omr6in4 - commit ucitrack - EOF -fi - - -if [ "$(uci -q get network.omr6in4.ip6addr)" = "" ]; then - uci -q batch <<-EOF >/dev/null - set network.omr6in4.ip6addr=fe80::a00:2 - commit network - EOF -fi - -if [ "$(uci -q get firewall.zone_vpn.network | grep omr6in4)" = "" ]; then - uci -q batch <<-EOF >/dev/null - add_list firewall.zone_vpn.network=omr6in4 - commit firewall - EOF -fi -rm -f /tmp/luci-indexcache -exit 0 diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index c57fca2a7..3989acfb7 100755 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -44,7 +44,6 @@ MY_DEPENDS := \ luci-mod-rpc rpcd-mod-rpcsys rpcd-mod-file rpcd-mod-iwinfo \ luci-app-openvpn \ shadowsocks-libev-ss-server shadowsocks-libev-ss-tunnel \ - omr-6in4 ip6tables-mod-nat luci-proto-ipv6 6to4 6in4 6rd ip6tables \ iftop \ htop \ nano \