diff --git a/6in4/Makefile b/6in4/Makefile new file mode 100644 index 000000000..d0f2ad30c --- /dev/null +++ b/6in4/Makefile @@ -0,0 +1,45 @@ +# +# Copyright (C) 2010-2015 OpenWrt.org +# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) +# - Added gateway setting +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=6in4 +PKG_VERSION:=270 +PKG_RELEASE:=2 +PKG_LICENSE:=GPL-2.0 + +include $(INCLUDE_DIR)/package.mk + +define Package/6in4 + SECTION:=net + CATEGORY:=Network + DEPENDS:=@IPV6 +kmod-sit +uclient-fetch + TITLE:=IPv6-in-IPv4 configuration support + MAINTAINER:=Jo-Philipp Wich + PKGARCH:=all +endef + +define Package/6in4/description +Provides support for 6in4 tunnels in /etc/config/network. +Refer to http://wiki.openwrt.org/doc/uci/network for +configuration details. +endef + +define Build/Compile +endef + +define Build/Configure +endef + +define Package/6in4/install + $(INSTALL_DIR) $(1)/lib/netifd/proto + $(INSTALL_BIN) ./files/6in4.sh $(1)/lib/netifd/proto/6in4.sh +endef + +$(eval $(call BuildPackage,6in4)) diff --git a/6in4/files/6in4.sh b/6in4/files/6in4.sh new file mode 100644 index 000000000..cf17c86d8 --- /dev/null +++ b/6in4/files/6in4.sh @@ -0,0 +1,149 @@ +#!/bin/sh +# 6in4.sh - IPv6-in-IPv4 tunnel backend +# Copyright (c) 2010-2015 OpenWrt.org + +[ -n "$INCLUDE_ONLY" ] || { + . /lib/functions.sh + . /lib/functions/network.sh + . ../netifd-proto.sh + init_proto "$@" +} + +proto_6in4_update() { + sh -c ' + timeout=5 + + (while [ $((timeout--)) -gt 0 ]; do + sleep 1 + kill -0 $$ || exit 0 + done; kill -9 $$) 2>/dev/null & + + exec "$@" + ' "$1" "$@" +} + +proto_6in4_add_prefix() { + append "$3" "$1" +} + +proto_6in4_setup() { + local cfg="$1" + local iface="$2" + local link="6in4-$cfg" + + local mtu ttl tos ipaddr peeraddr ip6addr ip6prefix ip6prefixes tunlink tunnelid username password updatekey gateway + json_get_vars mtu ttl tos ipaddr peeraddr ip6addr tunlink tunnelid username password updatekey gateway + json_for_each_item proto_6in4_add_prefix ip6prefix ip6prefixes + + [ -z "$peeraddr" ] && { + proto_notify_error "$cfg" "MISSING_ADDRESS" + proto_block_restart "$cfg" + return + } + + [ -n "$tunlink" ] && ( proto_add_host_dependency "$cfg" "$peeraddr" "$tunlink" ) + + [ -z "$ipaddr" ] && { + local wanif="$tunlink" + if [ -z "$wanif" ] && ! network_find_wan wanif; then + proto_notify_error "$cfg" "NO_WAN_LINK" + return + fi + + if ! network_get_ipaddr ipaddr "$wanif"; then + proto_notify_error "$cfg" "NO_WAN_LINK" + return + fi + } + + proto_init_update "$link" 1 + + [ -n "$ip6addr" ] && { + local local6="${ip6addr%%/*}" + local mask6="${ip6addr##*/}" + [[ "$local6" = "$mask6" ]] && mask6= + proto_add_ipv6_address "$local6" "$mask6" + proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6" + } + + [ -n "$gateway" ] && { + proto_add_ipv6_route "::" 0 "$gateway" + } + + for ip6prefix in $ip6prefixes; do + proto_add_ipv6_prefix "$ip6prefix" + proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix" + done + + proto_add_tunnel + json_add_string mode sit + json_add_int mtu "${mtu:-1280}" + json_add_int ttl "${ttl:-64}" + [ -n "$tos" ] && json_add_string tos "$tos" + json_add_string local "$ipaddr" + json_add_string remote "$peeraddr" + [ -n "$tunlink" ] && json_add_string link "$tunlink" + proto_close_tunnel + + proto_send_update "$cfg" + + [ -n "$tunnelid" -a -n "$username" -a \( -n "$password" -o -n "$updatekey" \) ] && { + [ -n "$updatekey" ] && password="$updatekey" + + local http="http" + local urlget="uclient-fetch" + local urlget_opts="-qO-" + local ca_path="${SSL_CERT_DIR:-/etc/ssl/certs}" + + [ -f /lib/libustream-ssl.so ] && http=https + [ "$http" = "https" -a -z "$(find $ca_path -name "*.0" 2>/dev/null)" ] && { + urlget_opts="$urlget_opts --no-check-certificate" + } + + local url="$http://ipv4.tunnelbroker.net/nic/update?hostname=$tunnelid" + local try=0 + local max=3 + + ( + set -o pipefail + while [ $((++try)) -le $max ]; do + if proto_6in4_update $urlget $urlget_opts --user="$username" --password="$password" "$url" 2>&1 | \ + sed -e 's,^Killed$,timeout,' -e "s,^,update $try/$max: ," | \ + logger -t "$link"; + then + logger -t "$link" "updated" + return 0 + fi + sleep 5 + done + logger -t "$link" "update failed" + ) + } +} + +proto_6in4_teardown() { + local cfg="$1" +} + +proto_6in4_init_config() { + no_device=1 + available=1 + + proto_config_add_string "ipaddr" + proto_config_add_string "ip6addr" + proto_config_add_array "ip6prefix" + proto_config_add_string "peeraddr" + proto_config_add_string "tunlink" + proto_config_add_string "tunnelid" + proto_config_add_string "username" + proto_config_add_string "password" + proto_config_add_string "updatekey" + proto_config_add_string "gateway" + proto_config_add_int "mtu" + proto_config_add_int "ttl" + proto_config_add_string "tos" +} + +[ -n "$INCLUDE_ONLY" ] || { + add_protocol 6in4 +} diff --git a/luci-app-omr-bypass/Makefile b/luci-app-omr-bypass/Makefile index fac789d4b..cbce20358 100644 --- a/luci-app-omr-bypass/Makefile +++ b/luci-app-omr-bypass/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=LuCI Interface to bypass domains -LUCI_DEPENDS:=+dnsmasq-full +shadowsocks-libev-ss-rules +iptables-mod-extra +iptables +LUCI_DEPENDS:=+dnsmasq-full +shadowsocks-libev-ss-rules +iptables-mod-ndpi +iptables-mod-extra +kmod-ipt-ndpi +iptables PKG_LICENSE:=GPLv3 diff --git a/omr-tracker/files/etc/config/omr-tracker b/omr-tracker/files/etc/config/omr-tracker index 7c0671b28..f07da7b35 100644 --- a/omr-tracker/files/etc/config/omr-tracker +++ b/omr-tracker/files/etc/config/omr-tracker @@ -48,6 +48,9 @@ config proxy 'proxy' list hosts '113.105.165.19' list hosts '14.215.167.223' list hosts '198.27.92.1' + list hosts '151.101.129.164' + list hosts '77.88.55.77' + list hosts '1.1.1.1' list hosts '74.82.42.42' list hosts '176.103.130.130' option timeout '10' diff --git a/omr-tracker/files/etc/uci-defaults/omr-tracker b/omr-tracker/files/etc/uci-defaults/omr-tracker index 11f985272..7ae77dddf 100755 --- a/omr-tracker/files/etc/uci-defaults/omr-tracker +++ b/omr-tracker/files/etc/uci-defaults/omr-tracker @@ -46,6 +46,7 @@ if [ "$(uci -q get omr-tracker.proxy.hosts | grep '23.96.52.53')" != "" ]; then del_list omr-tracker.proxy.hosts='80.67.169.12' add_list omr-tracker.proxy.hosts='104.16.1.1' add_list omr-tracker.proxy.hosts='198.27.92.1' + add_list omr-tracker.proxy.hosts='151.101.129.164' commit omr-tracker EOF fi diff --git a/openmptcprouter-zuixiao/Makefile b/openmptcprouter-zuixiao/Makefile new file mode 100644 index 000000000..c5d329737 --- /dev/null +++ b/openmptcprouter-zuixiao/Makefile @@ -0,0 +1,107 @@ +# +# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=openmptcprouter-zuixiao +PKG_VERSION:=0.1 +PKG_RELEASE:=1 + +include $(INCLUDE_DIR)/package.mk + +MY_DEPENDS := \ + mptcp \ + unbound-daemon unbound-control unbound-anchor \ + netifd \ + luci-app-dsvpn \ + mc \ + f2fs-tools \ + openmptcprouter \ + dnsmasq-full \ + uhttpd \ + uhttpd-mod-ubus \ + curl \ + iperf3-ssl luci-app-iperf \ + arptables \ + bind-dig \ + libnetfilter-conntrack ebtables ebtables-utils ip-full \ + iptables-mod-iface iptables-mod-ipmark iptables-mod-hashlimit iptables-mod-condition iptables-mod-trace iptables-mod-conntrack-extra iptables-mod-account \ + kmod-nf-nat kmod-nf-nathelper kmod-nf-nathelper-extra iptables-mod-extra kmod-ledtrig-activity kmod-ledtrig-gpio kmod-ledtrig-oneshot kmod-ledtrig-transient kmod-ledtrig-disk kmod-ledtrig-mtd kmod-ledtrig-heartbeat kmod-ledtrig-backlight kmod-ledtrig-cpu kmod-ledtrig-panic kmod-ledtrig-netdev kmod-ledtrig-pattern kmod-ipt-led \ + iptables-mod-ipsec kmod-crypto-authenc kmod-ipsec kmod-ipsec4 kmod-ipsec6 kmod-ipt-ipsec \ + wireless-tools \ + libiwinfo-lua \ + ca-bundle ca-certificates \ + luci-mod-admin-full luci-app-firewall luci-app-glorytun-tcp luci-app-glorytun-udp luci-app-shadowsocks-libev luci-app-unbound luci-theme-openmptcprouter luci-theme-argon luci-theme-bootstrap luci-base \ + luci-app-omr-tracker luci-app-omr-dscp \ + luci-app-sqm sqm-scripts-extra luci-app-status luci-mod-status frpc rtty-nossl minicom irqbalance mtr \ + luci-app-vnstat2 omr-quota luci-app-omr-quota \ + luci-app-mptcp luci-app-openmptcprouter luci-app-omr-bypass luci-app-mail luci-app-upnp \ + luci-app-wol luci-app-opkg \ + luci-app-uhttpd \ + luci-mod-rpc rpcd-mod-rpcsys rpcd-mod-file rpcd-mod-iwinfo \ + luci-app-openvpn \ + macvlan \ + shadowsocks-libev-ss-server shadowsocks-libev-ss-tunnel \ + omr-6in4 ip6tables-mod-nat luci-proto-ipv6 6to4 6in4 6rd ip6tables \ + speedtestc \ + iftop \ + htop \ + nano \ + tcpdump \ + ethtool \ + iputils-ping \ + tracebox \ + !TARGET_mvebu:luci-proto-3g \ + !TARGET_mvebu:comgt-ncm !TARGET_mvebu:luci-proto-ncm \ + !TARGET_mvebu:luci-proto-modemmanager \ + !TARGET_mvebu:luci-proto-ppp \ + omr-update \ + rng-tools \ + openvpn-openssl \ + mmc-utils \ + libimobiledevice \ + comgt \ + kmod-random-core \ + kmod-netem \ + ca-bundle openssl-util \ + dejavu-fonts-ttf-DejaVuSerif dejavu-fonts-ttf-DejaVuSerif-Bold dejavu-fonts-ttf-DejaVuSerif-Italic dejavu-fonts-ttf-DejaVuSerif-BoldItalic \ + luci-app-snmpd \ + iputils-tracepath netcat adb-enablemodem simple-obfs \ + (TARGET_x86||TARGET_x86_64):kmod-iwlwifi (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl1000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl100 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl105 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl135 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl2000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl2030 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl3160 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl3168 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl5000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl5150 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2a (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2b (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6050 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7260 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7265 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7265d (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl8260c (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl8265 \ + (TARGET_x86||TARGET_x86_64):kmod-e1000 (TARGET_x86||TARGET_x86_64):kmod-e1000e (TARGET_x86||TARGET_x86_64):kmod-igb (TARGET_x86||TARGET_x86_64):kmod-ne2k-pci (TARGET_x86||TARGET_x86_64):kmod-r8169 (TARGET_x86||TARGET_x86_64):kmod-8139too (TARGET_x86||TARGET_x86_64):kmod-bnx2 \ + TARGET_mvebu:kmod-mwlwifi TARGET_mvebu:mwlwifi-firmware-88w8864 TARGET_mvebu:mwlwifi-firmware-88w8897 TARGET_mvebu:mwlwifi-firmware-88w8964 TARGET_mvebu:mwlwifi-firmware-88w8997 \ + !TARGET_mvebu:kmod-usb-serial !TARGET_mvebu:kmod-usb-serial-option !TARGET_mvebu:kmod-usb-serial-wwan !TARGET_mvebu:usb-modeswitch !TARGET_mvebu:uqmi \ + !TARGET_mvebu:umbim !TARGET_mvebu:kmod-mii !TARGET_mvebu:kmod-usb-net !TARGET_mvebu:kmod-usb-wdm !TARGET_mvebu:kmod-usb-net-qmi-wwan !TARGET_mvebu:kmod-usb-net-cdc-mbim !TARGET_mvebu:umbim \ + !TARGET_mvebu:kmod-usb-net-huawei-cdc-ncm !TARGET_mvebu:kmod-usb-net-rndis !TARGET_mvebu:kmod-usb-net-cdc-ether !TARGET_mvebu:kmod-usb-net-ipheth !TARGET_mvebu:usbmuxd \ + kmod-rt2800-usb kmod-rtl8xxxu kmod-rtl8192cu kmod-net-rtl8192su \ + !TARGET_mvebu:luci-proto-qmi wpad-basic kmod-mt7601u kmod-rtl8187 \ + luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-https-dns-proxy kmod-tcp-nanqinlang (TARGET_x86_64||aarch64):kmod-tcp-bbr2 iptables-mod-ipopt igmpproxy ss iptraf-ng \ + luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp luci-proto-gre tcptraceroute luci-proto-mbim kmod-rtl8xxxu kmod-ath9k-htc luci-app-ttyd luci-mod-dashboard (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware kmod-usb2 libustream-wolfssl (TARGET_x86||TARGET_x86_64):kmod-ixgbevf \ + hwinfo (TARGET_x86||TARGET_x86_64):dmidecode luci-app-packet-capture kmod-bonding luci-proto-bonding \ + luci-theme-openwrt-2020 luci-proto-wireguard luci-app-wireguard (TARGET_x86||TARGET_x86_64):kmod-r8125 + +OMR_SUPPORTED_LANGS := zh-cn zh-tw oc + +define Package/$(PKG_NAME) +SECTION:=OMR +CATEGORY:=OpenMPTCProuter +DEPENDS:=$(foreach p,$(MY_DEPENDS),+$(p)) $(foreach lang,$(OMR_SUPPORTED_LANGS),+LUCI_LANG_$(lang):luci-i18n-base-$(lang)) +TITLE:=OpenMPTCProuter zuixiao Package +endef + +define Package/$(PKG_NAME)/description +OpenMPTCProuter zuixiao package +endef + +define Build/Compile +endef + +define Package/$(PKG_NAME)/install +endef + + +$(eval $(call BuildPackage,$(PKG_NAME))) \ No newline at end of file diff --git a/xtables-addons/Makefile b/xtables-addons/Makefile index c5e2c3f8a..fa7587589 100644 --- a/xtables-addons/Makefile +++ b/xtables-addons/Makefile @@ -9,9 +9,9 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=xtables-addons -PKG_VERSION:=3.13 +PKG_VERSION:=3.18 PKG_RELEASE:=4 -PKG_HASH:=893c0c4ea09759cda1ab7e68f1281d125e59270f7b59e446204ce686c6a76d65 +PKG_HASH:=a77914a483ff381663f52120577e5e9355ca07cca73958b038e09d91247458d5 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://inai.de/files/xtables-addons/ diff --git a/xtables-addons/patches/200-add-lua-packetscript.patch b/xtables-addons/patches/200-add-lua-packetscript.patch index 6f68802fe..8dd926712 100644 --- a/xtables-addons/patches/200-add-lua-packetscript.patch +++ b/xtables-addons/patches/200-add-lua-packetscript.patch @@ -17927,7 +17927,7 @@ + + L = lua_envs[info->state_id]->L; + -+ if (!skb_ensure_writable(pskb, pskb->len)) ++ if (!skb_make_writable(pskb, pskb->len)) + return NF_DROP; + + /* call the function provided by --function parameter or the default 'process_packet' defined in Lua */ @@ -17984,7 +17984,7 @@ + int32_t ret; + struct lua_env * env = kmalloc(sizeof(struct lua_env), GFP_KERNEL); + -+ if (!(script_size > 0)) { ++ if (!script_size > 0) { + pr_debug("LUA [%d]: script_size %lu < 0\n", state_id, script_size); + return false; + } @@ -18134,7 +18134,7 @@ + --- a/extensions/Kbuild +++ b/extensions/Kbuild -@@ -27,6 +27,7 @@ obj-${build_pknock} += pknock/ +@@ -28,6 +28,7 @@ obj-${build_pknock} += pknock/ obj-${build_psd} += xt_psd.o obj-${build_quota2} += xt_quota2.o obj-${build_rtsp} += rtsp/ @@ -18144,14 +18144,14 @@ -include ${M}/Kbuild.* --- a/extensions/Mbuild +++ b/extensions/Mbuild -@@ -22,3 +22,4 @@ obj-${build_pknock} += pknock/ +@@ -23,3 +23,4 @@ obj-${build_pknock} += pknock/ obj-${build_psd} += libxt_psd.so obj-${build_quota2} += libxt_quota2.so obj-${build_gradm} += libxt_gradm.so +obj-${build_LUA} += LUA/ --- a/mconfig +++ b/mconfig -@@ -23,3 +23,4 @@ build_pknock=m +@@ -24,3 +24,4 @@ build_pknock=m build_psd=m build_quota2=m build_rtsp=m diff --git a/xtables-addons/patches/201-fix-lua-packetscript.patch b/xtables-addons/patches/201-fix-lua-packetscript.patch index a9fb796d0..5a016e2ae 100644 --- a/xtables-addons/patches/201-fix-lua-packetscript.patch +++ b/xtables-addons/patches/201-fix-lua-packetscript.patch @@ -22,6 +22,15 @@ { uint32_t verdict; lua_packet_segment *p; +@@ -79,7 +79,7 @@ lua_tg(struct sk_buff *pskb, const struc + + L = lua_envs[info->state_id]->L; + +- if (!skb_make_writable(pskb, pskb->len)) ++ if (skb_ensure_writable(pskb, pskb->len)) + return NF_DROP; + + /* call the function provided by --function parameter or the default 'process_packet' defined in Lua */ @@ -88,11 +88,11 @@ lua_tg(struct sk_buff *pskb, const struc /* push the lua_packet_segment as a parameter */ p = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment));