From 36351e8548c3cf4878ecab2a97c4ded3d3f0b041 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Sat, 16 Jan 2021 08:14:09 +0100 Subject: [PATCH] Make omr-tracker compatible with WAN IPv6 --- .../share/omr/post-tracking.d/post-tracking | 383 +++++++++++++++++- omr-tracker/files/bin/omr-tracker | 115 ++++++ omr-tracker/files/etc/init.d/omr-tracker | 9 +- .../files/etc/init.d/openmptcprouter-vps | 48 ++- .../files/etc/uci-defaults/1980-omr-firewall | 13 + 5 files changed, 546 insertions(+), 22 deletions(-) diff --git a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking index 0acb30236..ca23f14cd 100755 --- a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking +++ b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking @@ -1,5 +1,5 @@ - SETROUTE=false + set_route() { local multipath_config_route interface_gw interface_if INTERFACE=$1 
@@ -33,6 +33,39 @@ set_route() { fi } +set_route6() { + local multipath_config_route interface_gw interface_if + INTERFACE=$1 + PREVINTERFACE=$2 + SETDEFAULT=$3 + [ -z "$SETDEFAULT" ] && SETDEFAULT="yes" + multipath_config_route=$(uci -q get openmptcprouter.$INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") + [ "$(uci -q get openmptcprouter.$INTERFACE.multipathvpn)" = "1" ] && multipath_config_route="$(uci -q get openmptcprouter.ovpn${INTERFACE}.multipath || echo "off")" + interface_if=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + interface_up=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["up"]') + [ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(uci -q get network.$INTERFACE.ifname) + interface_current_config=$(uci -q get openmptcprouter.$INTERFACE.state || echo "up") + if [ "$multipath_config_route" != "off" ] && [ "$SETROUTE" != true ] && [ "$INTERFACE" != "$PREVINTERFACE" ] && [ "$interface_current_config" = "up" ] && [ "$interface_up" = "true" ]; then + interface_gw="$(uci -q get network.$INTERFACE.gateway)" + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.${INTERFACE}_6 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ -n "$(echo $interface_gw | grep :)" ]; then + [ "$(uci -q get 
openmptcprouter.settings.debug)" = "true" ] && _log "$PREVINTERFACE down. Replace default route by $interface_gw dev $interface_if" + [ "$SETDEFAULT" = "yes" ] && ip -6 route replace default scope global nexthop via $interface_gw dev $interface_if + ip -6 route replace default via $interface_gw dev $interface_if table 991337 && SETROUTE=true + fi + fi +} + set_server_default_route() { local server=$1 local serverip multipath_config_route @@ -52,6 +85,25 @@ set_server_default_route() { fi } +set_server_default_route6() { + local server=$1 + local serverip multipath_config_route + config_get serverip $server ip + [ -n "$serverip" ] && serverip="$(resolveip -6 -t 5 $serverip | head -n 1 | tr -d '\n')" + config_get disabled $server disabled + [ "$disabled" = "1" ] && return + multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath || echo "off") + [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipathvpn)" = "1" ] && multipath_config_route="$(uci -q get openmptcprouter.ovpn${OMR_TRACKER_INTERFACE}.multipath || echo "off")" + if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY6" != "" ] && [ "$(ip -6 route show dev $OMR_TRACKER_DEVICE metric 1 | grep $serverip | grep $OMR_TRACKER_DEVICE_GATEWAY6)" = "" ] && [ "$multipath_config_route" != "off" ]; then + [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "Set server $server ($serverip) default route via $OMR_TRACKER_DEVICE_GATEWAY6" + if [ "$(ip -6 r show $serverip | grep nexthop)" != "" ]; then + ip -6 r delete $serverip >/dev/null 2>&1 + fi + ip -6 route replace $serverip via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE metric 1 + fi +} + delete_server_default_route() { local server=$1 local serverip 
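Review bot: The interface-name fallback in set_route6 queries `ifstatus "${INTERFACE}_4"`, while the gateway lookup a few lines later falls back to `${INTERFACE}_6`; this looks carried over from set_route, and the IPv6 alias is probably what was meant: `[ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_6" 2>/dev/null | jsonfilter -q -e '@["l3_device"]')`. set_route_balancing6 has the same `_4` fallback. `interface_up` and `interface_current_config` are assigned without `local`, so they overwrite the script-level `interface_up` that the later hunks test; adding both to the `local` line keeps the function self-contained. The gateway and device are expanded unquoted in both `ip -6 route replace` calls, and quoting them (`via "$interface_gw" dev "$interface_if"`) keeps a malformed UCI or ubus value from being split into extra `ip` arguments.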
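Review bot: set_server_default_route6 resolves the server name with `resolveip -6 -t 5` before it checks `disabled`, so a disabled server still costs a DNS lookup on every tracker run; moving `config_get disabled $server disabled` and `[ "$disabled" = "1" ] && return` above the `resolveip` line avoids that. The same ordering appears in delete_server_default_route6, set_server_all_routes6 and set_server_route6. The resolved address is then used as an unquoted regular expression in `grep $serverip`; `grep -F -- "$serverip"` would match it literally. `disabled` is also not declared `local`.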
@@ -65,6 +117,19 @@ delete_server_default_route() { fi } +delete_server_default_route6() { + local server=$1 + local serverip + config_get serverip $server ip + [ -n "$serverip" ] && serverip="$(resolveip -6 -t 5 $serverip | head -n 1 | tr -d '\n')" + config_get disabled $server disabled + [ "$disabled" = "1" ] && return + if [ "$serverip" != "" ] && [ "$(ip -6 route show $serverip metric 1)" != "" ]; then + [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "Delete server ($serverip) default route" + ip -6 route del $serverip metric 1 >/dev/null 2>&1 + fi +} + set_routes_intf() { local multipath_config_route local INTERFACE=$1 @@ -89,7 +154,7 @@ set_routes_intf() { interface_gw=$(ubus call network.interface.${INTERFACE}_4 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") fi #if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ "$(ip route show $serverip | grep $interface_if)" = "" ]; then - if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ]; then + if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ -n "$(echo $interface_gw | grep :)" ]; then if [ "$multipath_config_route" = "master" ]; then weight=10 else 
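Review bot: The condition changed in set_routes_intf now requires the gateway to contain a colon (`[ -n "$(echo $interface_gw | grep :)" ]`), but this is the IPv4 function, whose fallback lookup visible in the hunk uses `target="0.0.0.0"`; an IPv4 next hop never contains `:`, so the branch that builds `routesintf` would never run. The test was presumably meant to exclude IPv6 gateways here, `[ -z "$(echo $interface_gw | grep :)" ]`, leaving the colon-required form to set_routes_intf6. As written, balancing mode appears to get no IPv4 server routes from set_server_all_routes. The function body starts and ends outside the hunk.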
@@ -114,6 +179,55 @@ set_routes_intf() { fi } +set_routes_intf6() { + local multipath_config_route + local INTERFACE=$1 + multipath_config_route=$(uci -q get openmptcprouter.$INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") + [ "$(uci -q get openmptcprouter.$INTERFACE.multipathvpn)" = "1" ] && multipath_config_route="$(uci -q get openmptcprouter.ovpn${INTERFACE}.multipath || echo 'off')" + interface_if=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_6" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(uci -q get network.$INTERFACE.ifname) + interface_up=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["up"]') + #multipath_current_config=$(multipath $interface_if | grep 'deactivated') + interface_current_config=$(uci -q get openmptcprouter.$INTERFACE.state || echo "up") + if [ "$multipath_config_route" != "off" ] && [ "$interface_current_config" = "up" ] && [ "$interface_if" != "" ] && [ "$interface_up" = "true" ]; then + interface_gw="$(uci -q get network.$INTERFACE.gateway)" + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.${INTERFACE}_6 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") + fi + #if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ "$(ip -6 route show $serverip | grep $interface_if)" = "" ]; then + if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ -n 
"$(echo $interface_gw | grep :)" ]; then + if [ "$multipath_config_route" = "master" ]; then + weight=10 + else + weight=1 + fi + if [ "$multipath_config_route" = "backup" ]; then + nbintfb=$((nbintfb+1)) + if [ -z "$routesintfbackup6" ]; then + routesintfbackup6="nexthop via $interface_gw dev $interface_if weight $weight" + else + routesintfbackup6="$routesintfbackup6 nexthop via $interface_gw dev $interface_if weight $weight" + fi + else + nbintf=$((nbintf+1)) + if [ -z "$routesintf6" ]; then + routesintf6="nexthop via $interface_gw dev $interface_if weight $weight" + else + routesintf6="$routesintf6 nexthop via $interface_gw dev $interface_if weight $weight" + fi + fi + fi + fi +} + set_route_balancing() { local multipath_config_route interface_gw interface_if INTERFACE=$1 
@@ -157,6 +271,49 @@ set_route_balancing() { fi } +set_route_balancing6() { + local multipath_config_route interface_gw interface_if + INTERFACE=$1 + multipath_config_route=$(uci -q get openmptcprouter.$INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") + [ "$(uci -q get openmptcprouter.$INTERFACE.multipathvpn)" = "1" ] && multipath_config_route="$(uci -q get openmptcprouter.ovpn${INTERFACE}.multipath || echo 'off')" + interface_if=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(uci -q get network.$INTERFACE.ifname) + interface_up=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["up"]') + interface_current_config=$(uci -q get openmptcprouter.$INTERFACE.state || echo "up") + if [ "$multipath_config_route" != "off" ] && [ "$interface_current_config" = "up" ] && [ "$interface_up" = "true" ]; then + interface_gw="$(uci -q get network.$INTERFACE.gateway)" + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ -z "$interface_gw" ]; then + interface_gw=$(ubus call network.interface.${INTERFACE}_6 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") + fi + if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ -n "$(echo $interface_gw | grep :)" ]; then + if [ "$(uci -q get network.$INTERFACE.weight)" != "" ]; then + weight=$(uci -q get network.$INTERFACE.weight) + elif [ "$(uci -q get 
openmtpcprouter.$INTERFACE.weight)" != "" ]; then + weight=$(uci -q get openmtpcprouter.$INTERFACE.weight) + elif [ "$multipath_config_route" = "master" ]; then + weight=2 + else + weight=1 + fi + if [ "$multipath_config_route" = "backup" ]; then + nbintfb=$((nbintfb+1)) + routesbalancingbackup6="$routesbalancingbackup6 nexthop via $interface_gw dev $interface_if weight $weight" + else + nbintf=$((nbintf+1)) + routesbalancing6="$routesbalancing6 nexthop via $interface_gw dev $interface_if weight $weight" + fi + fi + fi +} + set_server_all_routes() { local server=$1 local serverip multipath_config_route 
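Review bot: The per-interface weight override in set_route_balancing6 reads `openmtpcprouter.$INTERFACE.weight`, with the config name misspelled (every other lookup uses `openmptcprouter`), so that branch can never match; it should be `uci -q get openmptcprouter.$INTERFACE.weight` in both the test and the assignment. `weight` comes from UCI and is expanded unquoted into the next-hop string, so a non-numeric value ends up as extra words on the later `ip -6 route replace` command line; a check that it is a plain integer before use is missing. `weight`, `interface_up` and `interface_current_config` are also not declared `local`.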
@@ -195,6 +352,44 @@ set_server_all_routes() { fi } +set_server_all_routes6() { + local server=$1 + local serverip multipath_config_route + config_get serverip $server ip + [ -n "$serverip" ] && serverip="$(resolveip -6 -t 5 $serverip | head -n 1 | tr -d '\n')" + config_get disabled $server disabled + [ "$disabled" = "1" ] && return + interface_if=$(uci -q get network.$OMR_TRACKER_INTERFACE.ifname) + [ -z "$interface_if" ] && interface_if=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(ifstatus "${OMR_TRACKER_INTERFACE}_6" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + interface_up=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["up"]') + multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath || echo "off") + [ "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath || echo 'off') + [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipathvpn)" = "1" ] && multipath_config_route="$(uci -q get openmptcprouter.ovpn${OMR_TRACKER_INTERFACE}.multipath || echo "off")" + if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY6" != "" ] && [ "$multipath_config_route" != "off" ] && [ "$interface_up" = "true" ]; then + routesintf="" + routesintfbackup="" + nbintf=0 + nbintfb=0 + config_load network + config_foreach set_routes_intf interface + uintf="$(echo $routesintf | awk '{print $5}')" + uintfb="$(echo $routesintfbackup | awk '{print $5}')" + if [ -n "$routesintf" ] && ([ "$nbintf" -gt "1" ] && [ "$(ip -6 r show $serverip metric 0 | tr -d '\t' | tr -d '\n')" != "$serverip $routesintf " ]) || ([ "$nbintf" = "1" ] && [ "$(ip -6 r show $serverip metric 0 | grep $uintf)" = "" ]); then + while [ "$(ip -6 r show $serverip | grep -v nexthop | sed 's/ //g' | tr -d '\n')" != "$serverip" ] && [ "$(ip -6 r show $serverip | grep -v nexthop | sed 's/ //g' | tr -d '\n')" != "" ]; do + ip -6 r 
del $serverip + done + [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "Set server $server ($serverip) default route $serverip $routesintf" + ip -6 route replace $serverip scope global $routesintf + [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "New server route is $(ip -6 r show $serverip metric 0 | tr -d '\t' | tr -d '\n')" + fi + if [ -n "$routesintfbackup" ] && ([ "$nbintfb" -gt "1" ] && [ "$(ip -6 r show $serverip metric 999 | tr -d '\t' | tr -d '\n')" != "$serverip $routesintfbackup " ]) || ([ "$nbintfb" = "1" ] && [ "$(ip -6 r show $serverip metric 999 | grep $uintfb)" = "" ]); then + [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "Set server $server ($serverip) backup default route $serverip $routesintfbackup nbintfb $nbintfb $OMR_TRACKER_DEVICE" + ip -6 route replace $serverip scope global metric 999 $routesintfbackup + fi + fi +} + set_server_route() { 
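Review bot: set_server_all_routes6 builds its next hops with `config_foreach set_routes_intf interface` and reads `routesintf`/`routesintfbackup`, which are the IPv4 helper and accumulators, so `ip -6 route replace $serverip scope global $routesintf` is given IPv4 gateways or nothing. It should presumably reset `routesintf6=""` and `routesintfbackup6=""`, call `config_foreach set_routes_intf6 interface`, and use the `6` variables in the comparisons and the `ip -6` commands. The line `[ "$multipath_config_route" ] && multipath_config_route=$(uci -q get network...)` is missing `-z`, so the openmptcprouter setting is always overwritten by the network one; set_server_route6 has the same test. The `while ... ip -6 r del $serverip` loop has no iteration bound, so a route that cannot be deleted would keep the tracker script spinning.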
@@ -225,6 +420,34 @@ set_server_route() { fi } +set_server_route6() { + local server=$1 + local serverip multipath_config_route + config_get serverip $server ip + [ -n "$serverip" ] && serverip="$(resolveip -6 -t 5 $serverip | head -n 1 | tr -d '\n')" + config_get disabled $server disabled + [ "$disabled" = "1" ] && return + local metric=$2 + [ -z "$metric" ] && metric=$(uci -q get network.$OMR_TRACKER_INTERFACE.metric) + multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath) + [ "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath || echo "off") + [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipathvpn)" = "1" ] && multipath_config_route="$(uci -q get openmptcprouter.ovpn${OMR_TRACKER_INTERFACE}.multipath || echo "off")" + interface_if=$(uci -q get network.$OMR_TRACKER_INTERFACE.ifname) + [ -z "$interface_if" ] && interface_if=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + [ -z "$interface_if" ] && interface_if=$(ifstatus "${OMR_TRACKER_INTERFACE}_6" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') + interface_up=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["up"]') + #multipath_current_config=$(multipath $interface_if | grep "deactivated") + interface_current_config=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.state || echo "up") + #if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY6" != "" ] && [ "$(ip -6 route show dev $OMR_TRACKER_DEVICE metric $metric | grep $serverip | grep $OMR_TRACKER_DEVICE_GATEWAY)" = "" ] && [ "$multipath_config_route" != "off" ] && [ "$multipath_current_config" = "" ]; then + if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY6" != "" ] && [ "$(ip -6 route show dev $OMR_TRACKER_DEVICE metric $metric | grep $serverip | grep $OMR_TRACKER_DEVICE_GATEWAY6)" = "" ] && [ "$multipath_config_route" != "off" ] && [ "$interface_current_config" = "up" ] && [ 
"$interface_up" = "true" ]; then + [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "Set server $server ($serverip) route via $OMR_TRACKER_DEVICE_GATEWAY metric $metric" + ip -6 route replace $serverip via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE metric $metric + fi + if [ "$OMR_TRACKER_DEVICE_GATEWAY6" != "" ] && [ "$(ip -6 route show dev $OMR_TRACKER_DEVICE metric $metric | grep default | grep $OMR_TRACKER_DEVICE_GATEWAY6)" = "" ] && [ "$multipath_config_route" != "off" ] && [ "$interface_current_config" = "up" ] && [ "$interface_up" = "true" ]; then + ip -6 route replace default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE metric $metric + fi +} + del_server_route() { local server=$1 local serverip @@ -242,6 +465,23 @@ del_server_route() { fi } +del_server_route6() { + local server=$1 + local serverip + config_get serverip $server ip + [ -n "$serverip" ] && serverip="$(resolveip -6 -t 5 $serverip | head -n 1 | tr -d '\n')" + [ -n "$serverip" ] && _log "Delete default route via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE" + local metric + metric=$(uci -q get network.$OMR_TRACKER_INTERFACE.metric) + ip route del $serverip dev $OMR_TRACKER_DEVICE metric $metric >/dev/null 2>&1 + ip route del $serverip dev $OMR_TRACKER_DEVICE >/dev/null 2>&1 + if [ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ]; then + ip -6 route del default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE >/dev/null 2>&1 + else + ip -6 route del default dev $OMR_TRACKER_DEVICE >/dev/null 2>&1 + fi +} + disable_pihole() { local server=$1 if [ -n "$(uci -q get dhcp.@dnsmasq[0].server | grep '#53' | grep '10.2')" ]; then 
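Review bot: The debug message in set_server_route6 prints `$OMR_TRACKER_DEVICE_GATEWAY` although the route is installed via `$OMR_TRACKER_DEVICE_GATEWAY6`, so the log shows the IPv4 gateway (or an empty string) for an IPv6 route; use `_log "Set server $server ($serverip) route via $OMR_TRACKER_DEVICE_GATEWAY6 metric $metric"`. `metric` can be empty when neither `$2` nor `network.$OMR_TRACKER_INTERFACE.metric` is set, and it is then expanded unquoted after the `metric` keyword in the `ip -6` commands; an explicit check for an empty value is missing.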
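Review bot: del_server_route6 deletes the server route with `ip route del $serverip dev $OMR_TRACKER_DEVICE ...`, without `-6`, although `serverip` was resolved with `resolveip -6`; both lines should read `ip -6 route del ...`. Neither delete is guarded by `[ -n "$serverip" ]`, so when resolution fails the command collapses to `ip route del dev $OMR_TRACKER_DEVICE`, which may match a different route than intended. The `disabled` check that the other `*6` server helpers have is absent here, and the log text says "default route" while the first two commands act on the server route.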
@@ -288,6 +528,7 @@ if [ -d "/sys/class/net/$OMR_TRACKER_DEVICE" ]; then fi default_gw=$(ip route show default | grep -v "metric" | awk '/default/ {print $3}') +default_gw6=$(ip -6 route show default | grep -v "metric" | awk '/default/ {print $3}') #current_interface_gw=$(uci -q get "network.$OMR_TRACKER_INTERFACE.gateway") interface_up=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["up"]') @@ -320,6 +561,9 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ] || [ "$interface_up" != "true" ]; then if [ -n "$OMR_TRACKER_DEVICE_IP" ]; then glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set down > /dev/null 2>&1 fi + if [ -n "$OMR_TRACKER_DEVICE_IP6" ]; then + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP6 dev tun0 set down > /dev/null 2>&1 + fi if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.vpn)" = "1" ]; then VPN_BASE_INTF="$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.baseintf)" VPN_BASE_INTF_IP=$(ubus call network.interface.$VPN_BASE_INTF status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n") 
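Review bot: `default_gw6` is filtered with `grep -v "metric"`, but `ip -6 route show default` normally prints a `metric` field on IPv6 routes, so this is likely to leave `default_gw6` empty on most systems; that should be confirmed on a target device, and if so the filter needs to select the wanted metric rather than drop every line that has one. When several default routes match, the variable holds several addresses separated by newlines, and the later string comparisons against `$OMR_TRACKER_DEVICE_GATEWAY6` can then never be equal; `awk '/default/ {print $3; exit}'` keeps only the first.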
@@ -331,18 +575,22 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ] || [ "$interface_up" != "true" ]; then fi config_load openmptcprouter config_foreach del_server_route server + config_foreach del_server_route6 server #if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ] && [ "$(uci -q get openmptcprouter.settings.vpn)" != "mlvpn" ]; then if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then config_foreach set_server_all_routes server + config_foreach set_server_all_routes6 server fi fi - if ([ "$default_gw" = "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$default_gw" = "" ]) && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then + if ([ "$default_gw" = "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$default_gw" = "" ] || [ "$default_gw6" != "$OMR_TRACKER_DEVICE_GATEWAY6" ]) && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then config_load network config_foreach set_route interface $OMR_TRACKER_INTERFACE + config_foreach set_route6 interface $OMR_TRACKER_INTERFACE elif [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath)" = "master" ]; then config_load network config_foreach set_route interface $OMR_TRACKER_INTERFACE "no" + config_foreach set_route6 interface $OMR_TRACKER_INTERFACE "no" fi mail_alert="$(uci -q get omr-tracker.$OMR_TRACKER_INTERFACE.mail_alert)" [ -z "$mail_alert" ] && mail_alert="$(uci -q get omr-tracker.defaults.mail_alert)" 
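Review bot: The added clause `[ "$default_gw6" != "$OMR_TRACKER_DEVICE_GATEWAY6" ]` is the inverse of the IPv4 test beside it: the IPv4 side fires when the failed interface is the current default gateway, the IPv6 side fires when it is not. With an IPv6 default route on another, healthy WAN this makes the whole condition true, so `set_route` and `set_route6` run for a failure on any interface. If the intent mirrors IPv4, the clause would be `[ "$default_gw6" = "$OMR_TRACKER_DEVICE_GATEWAY6" ]`, with a non-empty check on `$OMR_TRACKER_DEVICE_GATEWAY6` so that IPv4-only interfaces do not match on two empty strings.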
@@ -370,6 +618,7 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ] || [ "$interface_up" != "true" ]; then if [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then config_load network config_foreach set_route interface $OMR_TRACKER_INTERFACE + config_foreach set_route6 interface $OMR_TRACKER_INTERFACE fi if [ "$(uci -q get openmptcprouter.settings.shadowsocksudp)" = "1" ] && [ "$(uci -q get shadowsocks-libev.sss0.disabled)" != "1" ] && [ "$(uci -q get openmptcprouter.omr.shadowsocks)" = "up" ] && [ "$(uci -q get shadowsocks-libev.ss_rules.redir_udp)" = "" ] && [ "$(uci -q get shadowsocks-libev.hi2.mode)" = "tcp_and_udp" ] && [ "$(uci -q get shadowsocks-libev.sss0.obfs)" != "1" ]; then _log "Tunnel down use ShadowSocks for UDP" @@ -400,6 +649,7 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ] || [ "$interface_up" != "true" ]; then #if [ "$(uci -q get openmptcprouter.settings.master)" != "balancing" ] || [ "$(uci -q get openmptcprouter.settings.vpn)" = "mlvpn" ]; then if [ "$(uci -q get openmptcprouter.settings.master)" != "balancing" ]; then config_foreach set_server_default_route server + config_foreach set_server_default_route6 server fi fi dns_flush 
@@ -525,6 +775,20 @@ if [ "$multipath_config" = "master" ]; then config_foreach set_server_default_route server fi fi + if ([ "$default_gw6" != "$OMR_TRACKER_DEVICE_GATEWAY6" ] || [ "$default_gw6" = "" ]) && [ "$OMR_TRACKER_DEVICE_GATEWAY6" != "" ] && [ "$(uci -q get openmptcprouter.settings.master)" != "balancing" ]; then + omrvpn_intf=$(uci -q get "network.omrvpn.ifname" || echo "tun") + if [ -n "$omrvpn_intf" ] && [ "$(ip route show default | awk '/default/ {print $5}' | grep $omrvpn_intf)" = "" ] && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then + _log "Master up : Replace default route by $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE" + ip -6 route replace default scope global nexthop via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE + fi + config_load openmptcprouter + #if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then + # config_foreach set_server_all_routes server + if [ "$(uci -q get openmptcprouter.settings.master)" != "failover" ]; then + config_foreach set_server_default_route server + config_foreach set_server_default_route6 server + fi + fi #if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ] && [ "$(ip route show default | grep weight)" = "" ] && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ] && [ "$(uci -q get openmptcprouter.settings.vpn)" != "mlvpn" ]; then if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ] && [ "$(ip route show default | grep weight)" = "" ] && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then omrvpn_intf=$(uci -q get "network.omrvpn.ifname" || echo "tun") 
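Review bot: Inside the new IPv6 block the guard before `ip -6 route replace default` inspects the IPv4 table (`ip route show default | awk '/default/ {print $5}' | grep $omrvpn_intf`), so whether the IPv6 default is replaced depends on where the IPv4 default points; unless that is intentional, `ip -6 route show default` is presumably what was meant. The block also calls `config_foreach set_server_default_route server`, the IPv4 helper, which the IPv4 block visible in the hunk's leading context already runs, so the IPv6 branch only needs `set_server_default_route6`. `$omrvpn_intf` is used as an unquoted grep pattern; `grep -F -- "$omrvpn_intf"` matches it literally.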
@@ -534,10 +798,17 @@ if [ "$multipath_config" = "master" ]; then nbintf=0 config_load network config_foreach set_route_balancing interface + config_foreach set_route_balancing6 interface [ -n "$routesbalancing" ] && { ([ "$nbintf" -gt "1" ] && [ "$(ip r show default metric 0 | tr -d '\t' | tr -d '\n')" != "default via $routesbalancing " ]) || ([ "$nbintf" = "1" ] && [ "$(ip r show default metric 0 | grep $OMR_TRACKER_DEVICE)" = "" ]) && { _log "Set ip route replace default scope global $routesbalancing" - ip route replace default scope global $routesbalancing + ip route replace default scope global metric 0 $routesbalancing + } + } + [ -n "$routesbalancing6" ] && { + ([ "$nbintf" -gt "1" ] && [ "$(ip -6 r show default metric 1 | tr -d '\t' | tr -d '\n')" != "default via $routesbalancing6 " ]) || ([ "$nbintf" = "1" ] && [ "$(ip -6 r show default metric 1 | grep $OMR_TRACKER_DEVICE)" = "" ]) && { + _log "Set ip -6 route replace default scope global metric 1 $routesbalancing6" + ip -6 route replace default scope global metric 1 $routesbalancing6 } } [ -n "$routesbalancingbackup" ] && { 
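Review bot: `set_route_balancing6` is run right after `set_route_balancing` without resetting `nbintf`, and both appear to add to the same counter, so on a dual-stack WAN `nbintf` counts each interface twice and the `"$nbintf" = "1"` branches for both address families stop matching; separate `nbintf6`/`nbintfb6` counters would avoid that. The IPv6 comparison string `"default via $routesbalancing6 "` also cannot equal the `ip -6 r show` output, since `routesbalancing6` is built with a leading space and `nexthop via`, so with more than one interface the route is replaced on every run. In the next hunk the `routesbalancingbackup6` block tests `$nbintf` where the backup count `$nbintfb` would be expected. This hunk also changes the IPv4 command to `ip route replace default scope global metric 0 $routesbalancing`, a behaviour change the commit subject does not mention.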
@@ -546,11 +817,20 @@ if [ "$multipath_config" = "master" ]; then ip route replace default scope global metric 999 $routesbalancingbackup } } + [ -n "$routesbalancingbackup6" ] && { + ([ "$nbintf" -gt "1" ] && [ "$(ip -6 r show default metric 999 | tr -d '\t' | tr -d '\n')" != "default via $routesbalancingbackup6 " ]) || ([ "$nbintf" = "1" ] && [ "$(ip -6 r show default metric 999 | grep $OMR_TRACKER_DEVICE)" = "" ]) && { + _log "Set backup ip -6 route replace default scope global $routesbalancingbackup6" + ip -6 route replace default scope global metric 999 $routesbalancingbackup6 + } + } fi fi if [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ] && [ -n "$OMR_TRACKER_DEVICE" ] && [ "$(ip r show table 991337)" != "default via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE " ]; then ip route replace default via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE table 991337 fi + if [ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ] && [ -n "$OMR_TRACKER_DEVICE" ] && [ "$(ip -6 r show table 991337)" != "default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE " ]; then + ip -6 route replace default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE table 991337 + fi if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($(date +"%s") + $((10 + RANDOM % 31)) - $(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc))) -gt 3600 ] || [ "$(uci -q show openmptcprouter | grep get_config=\'1\')" != "" ] || [ "$(uci -q show openmptcprouter | grep admin_error=\'1\')" != "" ]; then /etc/init.d/openmptcprouter-vps restart >/dev/null 2>&1 fi 
@@ -566,6 +846,15 @@ if [ -n "$OMR_TRACKER_DEVICE_IP" ] && [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ]; then config_foreach set_server_route server fi fi +if [ -n "$OMR_TRACKER_DEVICE_IP6" ] && [ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ]; then + config_load openmptcprouter + #if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ] && [ "$(uci -q get openmptcprouter.settings.vpn)" != "mlvpn" ]; then + if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then + config_foreach set_server_all_routes6 server + elif [ "$(uci -q get openmptcprouter.settings.master)" != "failover" ]; then + config_foreach set_server_route6 server + fi +fi if [ "$multipath_config" = "on" ] || [ "$multipath_config" = "backup" ]; then download="$(uci -q get network.$OMR_TRACKER_INTERFACE.downloadspeed)" 
@@ -577,18 +866,33 @@ if [ "$multipath_config" = "on" ] || [ "$multipath_config" = "backup" ]; then fi gtudpst="up" [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipathvpn)" != "1" ] && [ "$multipath_config" = "backup" ] && [ "$(pgrep glorytun-udp)" != "" ] && gtudpst="backup" - if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.vpn)" != "1" ] && [ "$(pgrep glorytun-udp)" != "" ] && [ "$(glorytun-udp path | grep $OMR_TRACKER_DEVICE_IP)" = "" ]; then + if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.vpn)" != "1" ] && [ "$(pgrep glorytun-udp)" != "" ] && [ "$(glorytun-udp path | grep $OMR_TRACKER_DEVICE_IP)" = "" ] && [ "$OMR_TRACKER_DEVICE_IP" != "" ]; then if [ "$download" != "0" ] && [ "$download" != "" ] && [ "$upload" != "0" ] && [ "$upload" != "" ]; then if [ "$(uci -q get glorytun-udp.vpn.rateauto)" = "1" ]; then - glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up rate pref 1 auto tx $((upload*1000/8)) rx $((download*1000/8)) > /dev/null 2>&1 + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up rate auto tx $((upload*1000/8)) rx $((download*1000/8)) pref 1 > /dev/null 2>&1 else - glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up rate pref 1 fixed tx $((upload*1000/8)) rx $((download*1000/8)) > /dev/null 2>&1 + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up rate fixed tx $((upload*1000/8)) rx $((download*1000/8)) pref 1 > /dev/null 2>&1 fi else if [ "$(uci -q get glorytun-udp.vpn.rateauto)" = "1" ]; then - glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up pref 1 rate auto tx 12500000 rx 12500000 > /dev/null 2>&1 + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up rate auto tx 12500000 rx 12500000 pref 1 > /dev/null 2>&1 else - glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up pref 1 rate fixed tx 12500000 rx 12500000 > /dev/null 2>&1 + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP dev tun0 set up rate fixed tx 12500000 rx 12500000 pref 1 > 
/dev/null 2>&1 + fi + fi + fi + if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.vpn)" != "1" ] && [ "$(pgrep glorytun-udp)" != "" ] && [ "$(glorytun-udp path | grep $OMR_TRACKER_DEVICE_IP6)" = "" ] && [ "$OMR_TRACKER_DEVICE_IP6" != "" ]; then + if [ "$download" != "0" ] && [ "$download" != "" ] && [ "$upload" != "0" ] && [ "$upload" != "" ]; then + if [ "$(uci -q get glorytun-udp.vpn.rateauto)" = "1" ]; then + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP6 dev tun0 set up rate auto tx $((upload*1000/8)) rx $((download*1000/8)) pref 1 > /dev/null 2>&1 + else + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP6 dev tun0 set up rate fixed tx $((upload*1000/8)) rx $((download*1000/8)) pref 1 > /dev/null 2>&1 + fi + else + if [ "$(uci -q get glorytun-udp.vpn.rateauto)" = "1" ]; then + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP6 dev tun0 set up rate auto tx 12500000 rx 12500000 pref 1 > /dev/null 2>&1 + else + glorytun-udp path addr $OMR_TRACKER_DEVICE_IP6 dev tun0 set up rate fixed tx 12500000 rx 12500000 pref 1 > /dev/null 2>&1 fi fi fi @@ -612,6 +916,7 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($( [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "Get status and settings for $OMR_TRACKER_INTERFACE..." if [ "$(uci -q get openmptcprouter.settings.external_check)" != "0" ] && [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.vpn)" != "1" ]; then local ipaddr="$(omr-ip-intf $OMR_TRACKER_DEVICE)" + local ip6addr="$(omr-ip6-intf $OMR_TRACKER_DEVICE)" else uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s") uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state="up" 
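Review bot: The new emptiness checks (`[ "$OMR_TRACKER_DEVICE_IP" != "" ]` and `[ "$OMR_TRACKER_DEVICE_IP6" != "" ]`) come after `glorytun-udp path | grep $OMR_TRACKER_DEVICE_IP...` in the `&&` chain, so with an empty address `grep` is still run without a pattern before the guard rejects the branch. Putting the non-empty test first and matching literally, `[ -n "$OMR_TRACKER_DEVICE_IP6" ] && [ -z "$(glorytun-udp path | grep -F -- "$OMR_TRACKER_DEVICE_IP6")" ]`, avoids that and stops `.` in an IPv4 address from acting as a regex wildcard. The IPv6 block repeats the four `glorytun-udp path addr ... set up` variants of the IPv4 block; a small helper taking the address as its argument would keep the two in step.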
@@ -641,10 +946,10 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($( # fi #fi if [ "$(uci -q get openmptcprouter.settings.external_check)" != "0" ]; then - local asn="$(wget -4 -qO- -T 4 http://api.iptoasn.com/v1/as/ip/$ipaddr | jsonfilter -q -e '@.as_description')" - [ -z "$asn" ] && { - asn="$(whois $ipaddr 2>/dev/null | grep -m 1 -i 'netname' | awk '{print $2}')" - } + #local asn="$(wget -4 -qO- -T 4 http://api.iptoasn.com/v1/as/ip/$ipaddr | jsonfilter -q -e '@.as_description')" + #[ -z "$asn" ] && { + local asn="$(whois $ipaddr 2>/dev/null | grep -m 1 -i 'netname' | awk '{print $2}')" + #} fi [ -z "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE)" ] && { uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE=interface 
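Review bot: `asn` is now taken only from `whois $ipaddr`, and both the argument and the result are data from outside the router: `ipaddr` comes from the external IP check and the `netname` value from whichever WHOIS server answers. `$ipaddr` should be quoted and checked to look like an address before it is put on a command line, and the returned token should be restricted to an expected character set before it is written to UCI, since the hunk does not show where `asn` is later displayed. `local asn="$(...)"` also hides the exit status of `whois`, and the commented-out `wget` lines are left in place rather than deleted.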
@@ -694,6 +999,58 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($( uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state='up' uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s") } + [ -n "$ip6addr" ] && { + if [ "$(uci -q get openmptcprouter.settings.external_check)" != "0" ]; then + local asn="$(whois $ip6addr 2>/dev/null | grep -m 1 -i 'netname' | awk '{print $2}')" + fi + [ -z "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE)" ] && { + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE=interface + } + if [ "$(uci -q get openmptcprouter.latest_versions.lc)" = "" ] || [ $(($(date +"%s") - $(uci -q get openmptcprouter.latest_versions.lc))) -gt 3600 ]; then + local latestversions="$(curl -6 -s -m 3 https://www.openmptcprouter.com/version/version.json)" + [ -n "$latestversions" ] && { + uci -q set openmptcprouter.latest_versions=latest_versions + uci -q set openmptcprouter.latest_versions.omr=$(echo $latestversions | jsonfilter -q -e '@.omr') + uci -q set openmptcprouter.latest_versions.vps=$(echo $latestversions | jsonfilter -q -e '@.vps') + uci -q set openmptcprouter.latest_versions.lc=$(date +"%s") + } + fi + local serverip=$(uci -q get shadowsocks-libev.sss0.server) + [ -n "$serverip" ] && [ "$serverip" != "127.0.0.1" ] && [ "$(pgrep tracebox)" = "" ] && [ "$(uci -q get openmptcprouter.settings.tracebox)" != "0" ] && { + omrtracebox="$(omr-tracebox-mptcp $serverip $OMR_TRACKER_DEVICE)" + [ -n "$omrtracebox" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status="$omrtracebox" + } + [ -n "$ipaddr" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.publicip6="$ip6addr" + [ -n "$OMR_TRACKER_LATENCY" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.latency="$OMR_TRACKER_LATENCY" + [ -n "$asn" ] && { + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.asn="$asn" + } + if [ "$OMR_TRACKER_INTERFACE" != "omrvpn" ] && [ "$(uci -q get glorytun.vpn.enable)" != "1" ] && [ "$(uci -q get 
glorytun-udp.vpn.enable)" != "1" ]; then + if [ -n "$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)" ]; then + mtu=$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu) + [ -n "$mtu" ] && { + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu + ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1 + } + else + [ -n "$serverip" ] && [ "$serverip" != "127.0.0.1" ] && { + local mtu=$(omr-mtu $OMR_TRACKER_DEVICE_IP $serverip) + [ -n "$mtu" ] && { + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu + ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1 + } + } || { + local mtu=$(omr-mtu $OMR_TRACKER_DEVICE_IP 1.1.1.1) + [ -n "$mtu" ] && { + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu + ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1 + } + } + fi + fi + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state='up' + uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s") + } if [ "$(uci -q get shadowsocks-libev.sss0.server)" != "" ] && [ "$(uci -q get openmptcprouter.settings.external_check)" = "0" ]; then if ping -c 1 $(uci -q get shadowsocks-libev.sss0.server) 2>&1 >/dev/null; then uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s") diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index 2e7b3d96a..637c27019 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -5,6 +5,7 @@ [ -n "$1" ] || exit . /lib/functions.sh +. /usr/lib/unbound/iptools.sh # retrieve args OMR_TRACKER_INTERFACE="$1" 
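Review bot: Inside the new `[ -n "$ip6addr" ] && {` block the public IPv6 address is stored only when the IPv4 one is set: `[ -n "$ipaddr" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.publicip6="$ip6addr"`. On a WAN that has only an IPv6 address `publicip6` is never recorded, so the guard should test `$ip6addr` or be dropped, since the block already checks it. The MTU part of the block has the same IPv4 assumption: it calls `omr-mtu $OMR_TRACKER_DEVICE_IP ...` and falls back to `1.1.1.1`. `whois $ip6addr` and `$(echo $latestversions | jsonfilter ...)` expand values obtained from remote services without quotes; quote them so the content cannot be split into extra arguments.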
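Review bot: Sourcing `/usr/lib/unbound/iptools.sh` unconditionally makes the tracker depend on a file shipped by another package, and no package dependency is visible in this diff. In a POSIX shell a failed `.` in a non-interactive script normally aborts it, so on an image without that file the tracker would presumably not start. None of the omr-tracker hunks shown here calls a function from it. Either guard it, `[ -f /usr/lib/unbound/iptools.sh ] && . /usr/lib/unbound/iptools.sh`, or keep it only where `valid_subnet6` is used; the same line is added to `init.d/omr-tracker` and `init.d/openmptcprouter-vps`.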
@@ -13,16 +14,20 @@ shift # export vars export OMR_TRACKER_INTERFACE export OMR_TRACKER_HOST +export OMR_TRACKER_HOST6 export OMR_TRACKER_TIMEOUT export OMR_TRACKER_STATUS export OMR_TRACKER_STATUS_MSG export OMR_TRACKER_PREV_STATUS export OMR_TRACKER_DEVICE export OMR_TRACKER_DEVICE_IP +export OMR_TRACKER_DEVICE_IP6 export OMR_TRACKER_DEVICE_GATEWAY +export OMR_TRACKER_DEVICE_GATEWAY6 dscp=56 # set DSCP CS7 (56) in outgoing packets initial_hosts="$OMR_TRACKER_HOSTS" +initial_hosts6="$OMR_TRACKER_HOSTS6" initial_timeout="$OMR_TRACKER_TIMEOUT" wait_test=${OMR_TRACKER_WAIT_TEST:-0} @@ -59,10 +64,15 @@ _update_rto() { _restart() { OMR_TRACKER_HOST="${OMR_TRACKER_HOSTS%% *}" + OMR_TRACKER_HOST6="${OMR_TRACKER_HOSTS6%% *}" [ "$OMR_TRACKER_HOST" = "$OMR_TRACKER_HOSTS" ] || { OMR_TRACKER_HOSTS="${OMR_TRACKER_HOSTS#* } $OMR_TRACKER_HOST" _init_rto } + [ "$OMR_TRACKER_HOST6" = "$OMR_TRACKER_HOSTS6" ] || { + OMR_TRACKER_HOSTS6="${OMR_TRACKER_HOSTS6#* } $OMR_TRACKER_HOST6" + _init_rto + } } _post_tracking() { @@ -170,12 +180,14 @@ OMR_TRACKER_PREV_STATUS="" while true; do # setup tracker variables OMR_TRACKER_DEVICE_IP= + OMR_TRACKER_DEVICE_IP6= OMR_TRACKER_STATUS="ERROR" OMR_TRACKER_STATUS_MSG="" OMR_TRACKER_LATENCY= #OMR_TRACKER_TIMEOUT=$((rto / 1000 + (rto % 1000 ? 1 : 0))) OMR_TRACKER_LIST_HOSTS="" OMR_TRACKER_DEVICE_GATEWAY= + OMR_TRACKER_DEVICE_GATEWAY6= serverip_ping=false if [ -d "/sys/class/net/$OMR_TRACKER_DEVICE" ]; then 
@@ -185,6 +197,10 @@ while true; do if [ -z "$OMR_TRACKER_DEVICE_IP" ]; then OMR_TRACKER_DEVICE_IP=$(ip -4 addr show dev "$OMR_TRACKER_DEVICE" | grep -m 1 inet | awk '{print $2}' | cut -d'/' -s -f1) fi + #OMR_TRACKER_DEVICE_IP6=$(ip -6 -br addr ls dev "$OMR_TRACKER_DEVICE" | awk -F'[ /]+' '{print $3}') + #if [ -z "$OMR_TRACKER_DEVICE_IP6" ]; then + OMR_TRACKER_DEVICE_IP6=$(ip -6 addr show dev "$OMR_TRACKER_DEVICE" | grep -v 'inet6 f' | grep -m 1 inet | awk '{print $2}' | cut -d'/' -s -f1) + #fi #OMR_TRACKER_DEVICE_IP=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n") #if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then # OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep -v default | awk '/proto static/ {print $1}' | tr -d "\n") @@ -219,6 +235,15 @@ while true; do if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep kernel | awk '/proto kernel/ {print $1}' | tr -d "\n") fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY6" ]; then + OMR_TRACKER_DEVICE_GATEWAY6=$(uci -q get "network.$OMR_TRACKER_INTERFACE.ip6gw") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY6" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY6" = "::" ]; then + OMR_TRACKER_DEVICE_GATEWAY6=$(ubus call network.interface.${OMR_TRACKER_INTERFACE} status 2>/dev/null | jsonfilter -q -l 1 -e "@.inactive.route[@.source=\"${OMR_TRACKER_DEVICE_IP6}\"].nexthop" | tr -d "\n") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY6" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY6" = "::" ]; then + OMR_TRACKER_DEVICE_GATEWAY6=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -q -l 1 -e '@.route[@.target="::"].nexthop' | tr -d "\n") + fi # execute specific tracker if [ -n "$OMR_TRACKER_DEVICE_IP" ] && [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ]; then 
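Review bot: `grep -v 'inet6 f'` drops every address whose text starts with `f`, which removes link-local `fe80::` as presumably intended but also unique-local `fd..` addresses. If the aim is simply a non-link-local address, let `ip` select it, assuming the `ip` on the target accepts the scope selector: `ip -6 addr show dev "$OMR_TRACKER_DEVICE" scope global | grep -m 1 inet6 | awk '{print $2}' | cut -d'/' -s -f1`. If ULA addresses are excluded on purpose, say so in a comment. The three commented-out lines around the assignment (`#OMR_TRACKER_DEVICE_IP6=...`, `#if`, `#fi`) should be removed rather than committed.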
@@ -304,6 +329,89 @@ while true; do sleep "$OMR_TRACKER_INTERVAL_TRIES" done fi + if [ -n "$OMR_TRACKER_DEVICE_IP6" ] && [ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ]; then + # setup loop variable + tries="$OMR_TRACKER_TRIES" + # loop until tries attempts have been reached + while [ "$tries" -gt 0 ]; do + #if [ -n "$OMR_TRACKER_DEVICE_ROUTE" ]; then + # _ping "$OMR_TRACKER_DEVICE_ROUTE" "$OMR_TRACKER_DEVICE" "no" + # status=$? + #else + _ping "$OMR_TRACKER_DEVICE_GATEWAY6" "$OMR_TRACKER_DEVICE" "no" + status=$? + #fi + if $(exit $status) && [ "$OMR_TRACKER_TYPE" = "none" ]; then + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + elif [ "$OMR_TRACKER_TYPE" != "none" ]; then + if ! $(exit $status); then + OMR_TRACKER_STATUS_MSG="gateway6 down" + fi + serverip_ping=false + if [ "$OMR_TRACKER_TYPE" = "ping" ]; then + config_load openmptcprouter + config_foreach _ping_server server $OMR_TRACKER_DEVICE + fi + if [ "$serverip_ping" = false ] && [ -n "$OMR_TRACKER_HOST6" ]; then + OMR_TRACKER_HOST6=$(resolveip -6 -t 5 $OMR_TRACKER_HOST6 | head -n 1 | tr -d "\n") + if [ -n "$OMR_TRACKER_HOST6" ]; then + if [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "3g" ] || [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "qmi" ] || [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "ncm" ]; then + # Check if route is not used + while ! ip -6 route add $OMR_TRACKER_HOST6 via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE src $OMR_TRACKER_DEVICE_IP6 > /dev/null 2>&1 + do + logger -t "omr-tracker" "Can't create route to $OMR_TRACKER_HOST6 via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE src $OMR_TRACKER_DEVICE_IP6. waiting..." + sleep 2 + ip -6 route del "$OMR_TRACKER_HOST6" via "$OMR_TRACKER_DEVICE_GATEWAY6" dev "$OMR_TRACKER_DEVICE" src "$OMR_TRACKER_DEVICE_IP6" > /dev/null 2>&1 + _restart + done + fi + if [ "$OMR_TRACKER_TYPE" = "ping" ]; then + _ping "$OMR_TRACKER_HOST6" "$OMR_TRACKER_DEVICE" "yes" + statusb=$? 
+ elif [ "$OMR_TRACKER_TYPE" = "httping" ]; then + _httping "$OMR_TRACKER_HOST6" "$OMR_TRACKER_DEVICE_IP" "yes" + statusb=$? + elif [ "$OMR_TRACKER_TYPE" = "dns" ]; then + _dns "$OMR_TRACKER_HOST6" "$OMR_TRACKER_DEVICE_IP" "yes" + statusb=$? + fi + ip route del "$OMR_TRACKER_HOST6" via "$OMR_TRACKER_DEVICE_GATEWAY6" dev "$OMR_TRACKER_DEVICE" src "$OMR_TRACKER_DEVICE_IP6" > /dev/null 2>&1 + if $(exit $statusb); then + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + else + if [ "$OMR_TRACKER_LIST_HOSTS6" = "" ]; then + OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_HOST6" + else + OMR_TRACKER_LIST_HOSTS6="$OMR_TRACKER_LIST_HOSTS6,$OMR_TRACKER_HOST6" + fi + fi + else + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + fi + else + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + fi + elif ! $(exit $status); then + OMR_TRACKER_STATUS_MSG="gateway down" + fi + tries=$((tries - 1)) + #_restart + OMR_TRACKER_HOST6="${OMR_TRACKER_HOSTS6%% *}" + [ "$OMR_TRACKER_HOST6" = "$OMR_TRACKER_HOSTS6" ] || { + OMR_TRACKER_HOSTS6="${OMR_TRACKER_HOSTS6#* } $OMR_TRACKER_HOST6" + } + #OMR_TRACKER_TIMEOUT=$((OMR_TRACKER_TIMEOUT * 2)) + sleep "$OMR_TRACKER_INTERVAL_TRIES" + done + fi else OMR_TRACKER_STATUS_MSG="link down" fi @@ -316,6 +424,13 @@ while true; do OMR_TRACKER_STATUS_MSG="$OMR_TRACKER_STATUS_MSG and $OMR_TRACKER_TYPE from $OMR_TRACKER_DEVICE_IP error ($OMR_TRACKER_LIST_HOSTS)" fi fi + if [ "$OMR_TRACKER_LIST_HOSTS6" != "" ]; then + if [ "$OMR_TRACKER_STATUS_MSG" = "" ]; then + OMR_TRACKER_STATUS_MSG="$OMR_TRACKER_TYPE from $OMR_TRACKER_DEVICE_IP error ($OMR_TRACKER_LIST_HOSTS6)" + else + OMR_TRACKER_STATUS_MSG="$OMR_TRACKER_STATUS_MSG and $OMR_TRACKER_TYPE from $OMR_TRACKER_DEVICE_IP error ($OMR_TRACKER_LIST_HOSTS6)" + fi + fi #[ "$OMR_TRACKER_HOSTS" = "$initial_hosts" ] || [ "$OMR_TRACKER_STATUS" = "OK" ] && _post_tracking #[ "$OMR_TRACKER_STATUS" = "ERROR" ] && _restart 
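Review bot: In the failure branch the first failed IPv6 host is written to the IPv4 list; `OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_HOST6"` should be `OMR_TRACKER_LIST_HOSTS6="$OMR_TRACKER_HOST6"`. As written, `OMR_TRACKER_LIST_HOSTS6` is never assigned unless it arrives from the environment, so the IPv6 message added in the next hunk cannot fire and the IPv4 failed-host list is overwritten. Once fixed, it also needs `OMR_TRACKER_LIST_HOSTS6=""` next to the other per-iteration resets, which the `-170` hunk does not add. The cleanup `ip route del` lacks the `-6` of the matching `ip -6 route add` and runs even when no route was added. `statusb` stays unset when the type is not ping, httping or dns.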
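Review bot: Both added messages name `$OMR_TRACKER_DEVICE_IP` as the source of an IPv6 failure, so on a WAN with only an IPv6 address the log reads `... from  error (...)`. Use `$OMR_TRACKER_DEVICE_IP6` in these two lines. The same substitution looks necessary for the `_httping` and `_dns` calls in the previous hunk, which pass the IPv4 address as source for an IPv6 target; those helpers are outside the diff, so confirm what they do with that argument.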
diff --git a/omr-tracker/files/etc/init.d/omr-tracker b/omr-tracker/files/etc/init.d/omr-tracker index 3612c57ee..d5965fe1f 100755 --- a/omr-tracker/files/etc/init.d/omr-tracker +++ b/omr-tracker/files/etc/init.d/omr-tracker @@ -11,12 +11,15 @@ USE_PROCD=1 } +. /usr/lib/unbound/iptools.sh + _validate_section() { - local tmp_hosts=$hosts tmp_timeout=$timeout tmp_tries=$tries + local tmp_hosts=$hosts tmp_hosts6=$hosts6 tmp_timeout=$timeout tmp_tries=$tries local tmp_interval=$interval tmp_interval_tries=$interval_tries tmp_options=$options tmp_type=$type tmp_enabled=$enabled tmp_wait_test=$wait_test uci_validate_section omr-tracker "$1" "$2" \ 'hosts:list(host)' \ + 'hosts6:list(host6)' \ 'timeout:uinteger' \ 'tries:uinteger' \ 'interval:uinteger' \ @@ -27,6 +30,7 @@ _validate_section() { 'options:string' [ -z "$hosts" ] && hosts=$tmp_hosts + [ -z "$hosts6" ] && hosts6=$tmp_hosts6 [ -z "$timeout" ] && timeout=$tmp_timeout [ -z "$tries" ] && tries=$tmp_tries [ -z "$interval" ] && interval=$tmp_interval @@ -42,7 +46,7 @@ _launch_tracker() { loopback|lan*|if0*) return;; esac - local hosts timeout tries interval interval_tries options type enabled wait_test + local hosts hosts6 timeout tries interval interval_tries options type enabled wait_test _validate_section "defaults" "defaults" _validate_section "interface" "$1" @@ -65,6 +69,7 @@ _launch_tracker() { # shellcheck disable=SC2086 procd_set_param command /bin/omr-tracker "$1" $options procd_append_param env "OMR_TRACKER_HOSTS=$hosts" + procd_append_param env "OMR_TRACKER_HOSTS6=$hosts6" procd_append_param env "OMR_TRACKER_TIMEOUT=$timeout" procd_append_param env "OMR_TRACKER_TRIES=$tries" procd_append_param env "OMR_TRACKER_INTERVAL=$interval" diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 0ec6b55de..3c5ca2aaf 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps 
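Review bot: `'hosts6:list(host6)'` in `_validate_section` relies on a `host6` datatype that I cannot confirm from this page; the existing line uses `host`, and I do not recognise `host6` among the validator's usual types. If it is unknown, validation of `hosts6` would presumably fail and only the `[ -z "$hosts6" ] && hosts6=$tmp_hosts6` fallback would ever supply a value. Since the tracker resolves each entry with `resolveip -6`, hostnames are evidently allowed, so `'hosts6:list(host)'` looks like the safer spelling. `_validate_section` continues outside this hunk.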
@@ -8,6 +8,8 @@ USE_PROCD=1 EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key" +. /usr/lib/unbound/iptools.sh + _parse_result() { result=$("echo $1 | jsonfilter -q -e '@.result'") echo $result @@ -22,7 +24,13 @@ _login() { serverport="$(uci -q get openmptcprouter.${servername}.port)" if [ -z "$token" ]; then #auth=`curl --max-time 10 -s -k -H "Content-Type: application/json" -X POST -d '{"username":"'$username'","password":"'$password'"}' https://$server:$serverport/login` - auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://$server:$serverport/token` + resolve="$(resolveip $server)" + valid_ip6=$(valid_subnet6 $server) + if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then + auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://$server:$serverport/token` + else + auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://[$server]:$serverport/token` + fi [ -z "$auth" ] && return token="$(echo "$auth" | jsonfilter -q -e '@.access_token')" uci -q set openmptcprouter.${servername}.token="$token" 
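Review bot: The IPv6-literal test (`resolveip` plus `valid_subnet6`) and the two near-identical `curl` lines are repeated in `_login` here and again in the `_get_json`, `_set_json` and `_config_service` hunks, so any later fix has to be made in eight places. Computing the URL host once in a small helper leaves a single `curl` call per function; a sketch follows. `$server` is passed unquoted to both commands and should be quoted. Every copy also keeps `-k`, so the username, password and bearer token are sent to a peer whose certificate is never checked; pinning the VPS certificate with curl's `--cacert` or `--pinnedpubkey` would close that gap. `_login` begins and ends outside this hunk.

```shell
# Echo $server in URL form: bracketed only when it is an IPv6 literal.
_server_url_host() {
	if [ "$(resolveip "$server")" = "$server" ] && [ "$(valid_subnet6 "$server")" = "ok" ]; then
		echo "[$server]"
	else
		echo "$server"
	fi
}
# … unchanged: curl options in _login, _get_json, _set_json, _config_service;
#   each then needs one call against "https://$(_server_url_host):$serverport/<route>" …
```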
@@ -41,7 +49,13 @@ _get_json() { route=$1 [ -z "$token" ] && _login [ -n "$token" ] && { - result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://$server:$serverport/$route` + resolve="$(resolveip $server)" + valid_ip6=$(valid_subnet6 $server) + if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then + result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://$server:$serverport/$route` + else + result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://[$server]:$serverport/$route` + fi echo $result } || { echo '' @@ -54,7 +68,13 @@ _set_json() { settings="$2" [ -z "$token" ] && _login [ -n "$token" ] && { - result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://$server:$serverport/$route` + resolve="$(resolveip $server)" + valid_ip6=$(valid_subnet6 $server) + if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then + result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://$server:$serverport/$route` + else + result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://[$server]:$serverport/$route` + fi echo $result } || { echo '' @@ -449,6 +469,7 @@ _get_gre_tunnel() { set network.omrip${i}gre.defaultroute='0' set network.omrip${i}gre.multipath='off' set network.omrip${i}gre.peerdns='0' + set network.omrip${i}gre.ttl='255' set network.omrip${i}gre.ip4table='vpn' set network.omrip${i}gre.peeraddr="$publicaddr" set network.omrip${i}gre.ipaddr="$vpnip_local" 
@@ -1453,7 +1474,7 @@ _backup_send() { EOF return } - sysupgrade -b /tmp/backup.tar.gz + sysupgrade -k -b /tmp/backup.tar.gz backup_data="$(cat /tmp/backup.tar.gz | base64 | tr -d '\n')" backup_sha256sum="$(sha256sum /tmp/backup.tar.gz | awk '{print $1}')" [ -n "$backup_data" ] && { @@ -1574,10 +1595,20 @@ _config_service() { fi port="$(uci -q get openmptcprouter.${servername}.port)" server="$(uci -q get openmptcprouter.${servername}.ip)" - if [ "$(curl -k -m 3 https://${server}:${port}/)" = "" ]; then - reason="$reason, no server API answer" + resolve="$(resolveip $server)" + valid_ip6=$(valid_subnet6 $server) + if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then + if [ "$(curl -k -m 3 https://${server}:${port}/)" = "" ]; then + reason="$reason, no server API answer" + else + reason="$reason, server API answer" + fi else - reason="$reason, server API answer" + if [ "$(curl -k -m 3 https://[${server}]:${port}/)" = "" ]; then + reason="$reason, no server API answer" + else + reason="$reason, server API answer" + fi fi if [ "$(uci -q get openmptcprouter.${servername}.username)" != "openmptcprouter" ]; then reason="$reason, custom username" @@ -1706,6 +1737,9 @@ start_service() { uci -q batch <<-EOF >/dev/null commit openmptcprouter EOF + if [ "$(ps w | grep sysupgrade)" = "" ]; then + /etc/init.d/sysupgrade restart + fi } service_triggers() { diff --git a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall index e6f918796..204cb92f3 100755 --- a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall +++ b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall 
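Review bot: In the `start_service` hunk, `[ "$(ps w | grep sysupgrade)" = "" ]` is almost never true, because the `grep sysupgrade` process normally shows up in the `ps` output it is filtering, so `/etc/init.d/sysupgrade restart` would only run by accident of timing. The post-tracking script already uses `pgrep`, which does not match itself: `if ! pgrep -f sysupgrade > /dev/null; then`. What the check is meant to detect is not visible here, so a one-line comment stating the intent would help. `start_service` starts outside this hunk.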
@@ -151,6 +151,19 @@ if [ "$(uci -q get firewall.blockquicproxy)" = "" ]; then EOF fi +if [ "$(uci -q get firewall.allowicmpipv6)" = "" ]; then + uci -q batch <<-EOF >/dev/null + set firewall.allowicmpipv6=rule + set firewall.allowicmpipv6.proto='icmp' + set firewall.allowicmpipv6.target='ACCEPT' + set firewall.allowicmpipv6.src='wan' + set firewall.allowicmpipv6.name='Allow IPv6 ICMP' + set firewall.allowicmpipv6.family='ipv6' + set firewall.allowicmpipv6.icmp_type='neighbour-advertisement neighbour-solicitation router-advertisement router-solicitation' + commit firewall + EOF +fi + # Fix firewall config from some old config allintf=$(uci -q get firewall.@zone[1].network) uci -q del firewall.@zone[1].network
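Review bot: The new `allowicmpipv6` rule accepts neighbour discovery and router advertisements from `wan` with no rate limit, whereas the stock OpenWrt ICMPv6 input rule carries one. Adding `set firewall.allowicmpipv6.limit='1000/sec'` to the batch would bring it in line. The name 'Allow IPv6 ICMP' is wider than the four types it admits, so a name that says NDP/RA would be less misleading to someone auditing the ruleset. The rule is created whenever the section is missing, so images that already carry the stock ICMPv6 rules may end up with overlapping entries; a comment explaining why this one is needed would settle that.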