From ab045f47ce520011d2f93cffa2e517cbd85f411f Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 24 Oct 2024 10:22:12 +0200 Subject: [PATCH 1/6] Fix when VPN is back UP --- omr-tracker/files/usr/share/omr/post-tracking.d/003-up | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/omr-tracker/files/usr/share/omr/post-tracking.d/003-up b/omr-tracker/files/usr/share/omr/post-tracking.d/003-up index 96e493441..81a8ca0d7 100755 --- a/omr-tracker/files/usr/share/omr/post-tracking.d/003-up +++ b/omr-tracker/files/usr/share/omr/post-tracking.d/003-up @@ -11,7 +11,7 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then exit 0 fi -if [ "$OMR_TRACKER_PREV_STATUS" = "$OMR_TRACKER_STATUS" ] && [ -n "$OMR_TRACKER_INTERFACE" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP" = "$OMR_TRACKER_DEVICE_IP" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP6" = "$OMR_TRACKER_DEVICE_IP6" ] && (([ -n "$OMR_TRACKER_DEVICE_GATEWAY" ] && [ -n "$(ip r show table 991337)" ]) || ([ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ] && [ -n "$(ip -6 r show table 6991337)" ])); then +if [ "$OMR_TRACKER_INTERFACE" != "omrvpn" ] && [ "$OMR_TRACKER_INTERFACE" != "omr6in4" ] && [ "$OMR_TRACKER_PREV_STATUS" = "$OMR_TRACKER_STATUS" ] && [ -n "$OMR_TRACKER_INTERFACE" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP" = "$OMR_TRACKER_DEVICE_IP" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP6" = "$OMR_TRACKER_DEVICE_IP6" ] && (([ -n "$OMR_TRACKER_DEVICE_GATEWAY" ] && [ -n "$(ip r show table 991337)" ]) || ([ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ] && [ -n "$(ip -6 r show table 6991337)" ])); then exit 0 fi From ebce49935a1416b2526d2de6161e9693fafc14f1 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 29 Oct 2024 09:34:12 +0100 Subject: [PATCH 2/6] Add ACL for ModemManager Ubus --- .../root/usr/share/rpcd/acl.d/luci-proto-modemmanager.json | 3 +++ 1 file changed, 3 insertions(+) 
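Review bot: The two `!=` tests added at the front of the condition mean `omrvpn` and `omr6in4` never take the "nothing changed" early `exit 0`, so the remainder of 003-up runs for these interfaces on every tracker pass, not only when the VPN returns. The interface names are hard-coded in an already very long one-line condition with nothing recording why they are special. A comment above the `if` would help, for example `# omrvpn/omr6in4 always fall through: their routes must be re-applied even when status and IPs are unchanged`, if that is indeed the reason. The rest of the script lies outside the hunk, so the cost of running it on every pass cannot be judged from here.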
diff --git a/luci-proto-modemmanager/root/usr/share/rpcd/acl.d/luci-proto-modemmanager.json b/luci-proto-modemmanager/root/usr/share/rpcd/acl.d/luci-proto-modemmanager.json index cde3e9cbb..0987c1c24 100644 --- a/luci-proto-modemmanager/root/usr/share/rpcd/acl.d/luci-proto-modemmanager.json +++ b/luci-proto-modemmanager/root/usr/share/rpcd/acl.d/luci-proto-modemmanager.json @@ -8,6 +8,9 @@ "/usr/bin/mmcli -m [0-9]* -J": [ "exec" ], "/usr/bin/mmcli -i [0-9]* -J": [ "exec" ], "/usr/bin/mmcli -m [0-9]* --location-get -J": [ "exec" ] + }, + "ubus": { + "modemmanager": [ "*" ] } } } From d11f4092253fb096afa1be881952aad8c79658f1 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 29 Oct 2024 09:34:53 +0100 Subject: [PATCH 3/6] Update TTL settings to nftables --- openmptcprouter/files/etc/firewall.ttl | 8 ++++++-- openmptcprouter/files/etc/uci-defaults/1980-omr-firewall | 4 +++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/openmptcprouter/files/etc/firewall.ttl b/openmptcprouter/files/etc/firewall.ttl index 0c48ee873..611ce9fa2 100644 --- a/openmptcprouter/files/etc/firewall.ttl +++ b/openmptcprouter/files/etc/firewall.ttl @@ -5,8 +5,12 @@ _set_ttl() { device=$(uci -q get network.$1.name) ttl=$(uci -q get network.$1.ttl) - if [ -n "$ttl" ] && [ -z "$(iptables-save 2>/dev/null | grep TTL | grep $device)" ]; then - iptables -w -t mangle -I POSTROUTING -o $device -j TTL --ttl-set $ttl 2>&1 >/dev/null + if [ -n "$ttl" ]; then + if [ -e /usr/sbin/iptables-nft ] && [ -z "$(nft list ruleset 2>/dev/null | grep ttl | grep $device)" ]; then + nft add rule inet fw4 mangle_forward oifname $device ip ttl set $ttl >/dev/null 2>&1 + elif [ ! -e /usr/sbin/iptables-nft ] && [ -z "$(iptables-save 2>/dev/null | grep TTL | grep $device)" ]; then + iptables -w -t mangle -I POSTROUTING -o $device -j TTL --ttl-set $ttl >/dev/null 2>&1 + fi fi } 
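Review bot: The added `"modemmanager": [ "*" ]` entry grants every method of the `modemmanager` ubus object to any session holding this ACL, whereas the `file` entries next to it are pinned to specific `mmcli … -J` query invocations. Listing only the methods the LuCI page actually calls, in the form `"modemmanager": [ "METHOD_NAME" ]` (placeholder, the method names are not visible in this patch), would keep the grant least-privilege. Whether this block sits under `read` or `write` is outside the hunk and should be confirmed, because a wildcard under `read` would also hand any state-changing method to read-only users.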
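Review bot: `$device` and `$ttl` go unquoted and unvalidated into the new `nft add rule … oifname $device ip ttl set $ttl` line, and its output is discarded, so an empty `network.$1.name` or a non-numeric `ttl` in UCI produces a malformed or unintended rule with no trace. Guard at the top of `_set_ttl`, e.g. `[ -n "$device" ] || return` and `case "$ttl" in *[!0-9]*) return ;; esac`, and quote both expansions in the `nft` and `iptables` calls. The duplicate check `grep ttl | grep $device` is a substring match, so an existing rule for `eth10` would suppress the one for `eth1`; matching the quoted name as `nft list ruleset` prints it would be stricter. The nft rule also goes into `mangle_forward` where the iptables rule used `POSTROUTING`, so router-originated packets presumably no longer get the TTL; confirm this is intended.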
diff --git a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall index fa4ac9ffc..46ee2cb7f 100755 --- a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall +++ b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall @@ -155,13 +155,15 @@ if [ "$(uci -q get firewall.ttl)" = "" ]; then uci -q batch <<-EOF >/dev/null set firewall.ttl=include set firewall.ttl.path=/etc/firewall.ttl + set firewall.ttl.type='script' + set firewall.ttl.fw4_compatible='1' commit firewall EOF fi if [ "$(uci -q get firewall.upnp)" = "" ]; then uci -q batch <<-EOF >/dev/null set firewall.upnp=include - set firewall.upnp.path='/etc/firewall.ttl' + set firewall.upnp.path='/etc/firewall.upnp' set firewall.upnp.type='script' set firewall.upnp.fw4_compatible='1' commit firewall From 9fc63c1efbe01160122cf41dafdbc976bff4b621 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 29 Oct 2024 09:35:20 +0100 Subject: [PATCH 4/6] Force nptd --- openmptcprouter/files/etc/ntpd.d/force_ntp.conf | 1 + 1 file changed, 1 insertion(+) create mode 100644 openmptcprouter/files/etc/ntpd.d/force_ntp.conf diff --git a/openmptcprouter/files/etc/ntpd.d/force_ntp.conf b/openmptcprouter/files/etc/ntpd.d/force_ntp.conf new file mode 100644 index 000000000..4fc930b92 --- /dev/null +++ b/openmptcprouter/files/etc/ntpd.d/force_ntp.conf @@ -0,0 +1 @@ +tinker panic 0 \ No newline at end of file From b0c5e22d34a1cbfb6056a3333280bb949e112bea Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 29 Oct 2024 09:36:29 +0100 Subject: [PATCH 5/6] Add a common proxy-post-tracking.d directory for all proxy --- omr-tracker/files/bin/omr-tracker-ss | 29 ++++++++++++++++-------- omr-tracker/files/bin/omr-tracker-v2ray | 29 ++++++++++++++++-------- omr-tracker/files/bin/omr-tracker-xray | 30 ++++++++++++++++--------- 3 files changed, 60 insertions(+), 28 deletions(-) 
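Review bot: The new `type='script'` and `fw4_compatible='1'` options and the corrected `firewall.upnp.path` are only written when the section does not exist yet (`[ "$(uci -q get firewall.ttl)" = "" ]` in the hunk header, the matching `firewall.upnp` guard in the context lines). A router upgraded from an earlier image therefore keeps `firewall.upnp.path=/etc/firewall.ttl` and a `ttl` include without `fw4_compatible`, which fw4 presumably will not run. A migration step for existing installs would close that gap, e.g. `[ "$(uci -q get firewall.upnp.path)" = "/etc/firewall.ttl" ] && uci -q set firewall.upnp.path='/etc/firewall.upnp'` followed by `uci -q commit firewall`, and likewise for the two `ttl` options. Both `if` blocks start or end outside the hunk.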
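Review bot: `tinker panic 0` removes ntpd's panic threshold for the whole lifetime of the daemon, so any offset reported by the configured servers is applied however large it is, and the file has no comment saying why. Clock steps of that size affect certificate validity checks and log timestamps, so the trade-off deserves to be written down. If the aim is only to let a router without a battery-backed clock set its time at boot, ntpd's `-g` start option allows the first large correction while keeping the threshold afterwards. If the permanent setting is intended, a first line such as `# no RTC on most targets: accept any offset from the time servers` would record it, and the file should end with a newline.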
diff --git a/omr-tracker/files/bin/omr-tracker-ss b/omr-tracker/files/bin/omr-tracker-ss index e56748f7f..5079968a9 100755 --- a/omr-tracker/files/bin/omr-tracker-ss +++ b/omr-tracker/files/bin/omr-tracker-ss @@ -22,15 +22,26 @@ _log() { } _post_tracking() { - [ ! -d /usr/share/omr/ss-post-tracking.d ] && return - for tracker_bin in /usr/share/omr/ss-post-tracking.d/*; do - [ -x "$tracker_bin" ] && ( - _log() { - logger -t "ss-post-tracking-${tracker_bin##*/}" "$*" - } - . "$tracker_bin" 2>&1 - ) - done + [ -d /usr/share/omr/ss-post-tracking.d ] && { + for tracker_bin in /usr/share/omr/ss-post-tracking.d/*; do + [ -x "$tracker_bin" ] && ( + _log() { + logger -t "ss-post-tracking-${tracker_bin##*/}" "$*" + } + . "$tracker_bin" 2>&1 + ) + done + } + [ -d /usr/share/omr/proxy-post-tracking.d ] && { + for tracker_bin in /usr/share/omr/proxy-post-tracking.d/*; do + [ -x "$tracker_bin" ] && ( + _log() { + logger -t "proxy-post-tracking-${tracker_bin##*/}" "$*" + } + . "$tracker_bin" 2>&1 + ) + done + } } _ping_server() { diff --git a/omr-tracker/files/bin/omr-tracker-v2ray b/omr-tracker/files/bin/omr-tracker-v2ray index ad07829f2..97babefe6 100755 --- a/omr-tracker/files/bin/omr-tracker-v2ray +++ b/omr-tracker/files/bin/omr-tracker-v2ray 
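Review bot: `_post_tracking` now ends on `[ -d /usr/share/omr/proxy-post-tracking.d ] && { … }`, so it returns non-zero whenever that directory is absent, where the old `[ ! -d … ] && return` returned 0; none of the six patches shown creates the directory. Adding `return 0` as the last line of the function keeps the status stable; the callers are outside the hunk, so whether any of them tests it is not visible. The same applies to the omr-tracker-v2ray and omr-tracker-xray hunks, and the six copies of the loop could become one helper that takes the directory and the log tag. Because each hook is sourced with `. "$tracker_bin"`, a file placed in the shared directory runs inside all three trackers, which is worth stating in a comment along with the expectation that only root can write there.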
@@ -20,15 +20,26 @@ _log() { } _post_tracking() { - [ ! -d /usr/share/omr/v2ray-post-tracking.d ] && return - for tracker_bin in /usr/share/omr/v2ray-post-tracking.d/*; do - [ -x "$tracker_bin" ] && ( - _log() { - logger -t "v2ray-post-tracking-${tracker_bin##*/}" "$*" - } - . "$tracker_bin" 2>&1 - ) - done + [ -d /usr/share/omr/v2ray-post-tracking.d ] && { + for tracker_bin in /usr/share/omr/v2ray-post-tracking.d/*; do + [ -x "$tracker_bin" ] && ( + _log() { + logger -t "v2ray-post-tracking-${tracker_bin##*/}" "$*" + } + . "$tracker_bin" 2>&1 + ) + done + } + [ -d /usr/share/omr/proxy-post-tracking.d ] && { + for tracker_bin in /usr/share/omr/proxy-post-tracking.d/*; do + [ -x "$tracker_bin" ] && ( + _log() { + logger -t "proxy-post-tracking-${tracker_bin##*/}" "$*" + } + . "$tracker_bin" 2>&1 + ) + done + } } _ping_server() { diff --git a/omr-tracker/files/bin/omr-tracker-xray b/omr-tracker/files/bin/omr-tracker-xray index 83b5d82c2..76781ba24 100755 --- a/omr-tracker/files/bin/omr-tracker-xray +++ b/omr-tracker/files/bin/omr-tracker-xray @@ -19,18 +19,28 @@ _log() { } _post_tracking() { - [ ! -d /usr/share/omr/xray-post-tracking.d ] && return - for tracker_bin in /usr/share/omr/xray-post-tracking.d/*; do - [ -x "$tracker_bin" ] && ( - _log() { - logger -t "xray-post-tracking-${tracker_bin##*/}" "$*" - } - . "$tracker_bin" 2>&1 - ) - done + [ -d /usr/share/omr/xray-post-tracking.d ] && { + for tracker_bin in /usr/share/omr/xray-post-tracking.d/*; do + [ -x "$tracker_bin" ] && ( + _log() { + logger -t "xray-post-tracking-${tracker_bin##*/}" "$*" + } + . "$tracker_bin" 2>&1 + ) + done + } + [ -d /usr/share/omr/proxy-post-tracking.d ] && { + for tracker_bin in /usr/share/omr/proxy-post-tracking.d/*; do + [ -x "$tracker_bin" ] && ( + _log() { + logger -t "proxy-post-tracking-${tracker_bin##*/}" "$*" + } + . "$tracker_bin" 2>&1 + ) + done + } } - _ping_server() { local host=$1 ret=$(ping \ From 8eb8b22a568e5c5f4b0e405e3117cc1496e20941 Mon Sep 17 00:00:00 2001 
From: "Ycarus (Yannick Chabanois)"
Date: Tue, 29 Oct 2024 09:53:24 +0100
Subject: [PATCH 6/6] Add Proxy/VPN status report via Led
---
.../resources/view/system/led-trigger/proxy.js | 18 ++++++++++++++++++
.../resources/view/system/led-trigger/vpn.js | 18 ++++++++++++++++++
2 files changed, 36 insertions(+)
create mode 100644 luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/proxy.js
create mode 100644 luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/vpn.js
diff --git a/luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/proxy.js b/luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/proxy.js
new file mode 100644
index 000000000..d7b9300b6
--- /dev/null
+++ b/luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/proxy.js
@@ -0,0 +1,18 @@
+'use strict';
+'require baseclass';
+'require form';
+
+return baseclass.extend({
+ trigger: _('Proxy status (service: proxy)'),
+ kernel: false,
+ addFormOptions: function(s){
+ var o;
+
+ o = s.option(form.ListValue, 'proxy_status', _('Proxy Status'));
+ o.rmempty = true;
+ o.modalonly = true;
+ o.value('up', _('Up'));
+ o.value('down', _('Down'));
+ o.depends('trigger','proxy');
+ }
+});
diff --git a/luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/vpn.js b/luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/vpn.js
new file mode 100644
index 000000000..85f28a8a2
--- /dev/null
+++ b/luci-app-openmptcprouter/htdocs/luci-static/resources/view/system/led-trigger/vpn.js
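Review bot: `proxy.js` registers a non-kernel trigger (`kernel: false`) and a `proxy_status` option, but nothing in the file says which service reads that option and drives the LED, and no consumer appears in the patches shown. A short header comment would cover it, e.g. `// Userspace LED trigger: SERVICE_NAME switches the LED when the proxy state equals proxy_status` (SERVICE_NAME is a placeholder to fill in). The same applies to `vpn.js`, which differs only in the `vpn` names.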
@@ -0,0 +1,18 @@
+'use strict';
+'require baseclass';
+'require form';
+
+return baseclass.extend({
+ trigger: _('VPN status (service: vpn)'),
+ kernel: false,
+ addFormOptions: function(s){
+ var o;
+
+ o = s.option(form.ListValue, 'vpn_status', _('VPN Status'));
+ o.rmempty = true;
+ o.modalonly = true;
+ o.value('up', _('Up'));
+ o.value('down', _('Down'));
+ o.depends('trigger','vpn');
+ }
+});