From c184f30c1076ed88845585917a1b2456e8723413 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 10:03:46 +0100 Subject: [PATCH 1/7] Delete old dnsmasq ipset when using dscp nft --- omr-dscp/files/etc/init.d/omr-dscp-nft | 3 ++- openmptcprouter/files/etc/uci-defaults/0000-omr-update | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/omr-dscp/files/etc/init.d/omr-dscp-nft b/omr-dscp/files/etc/init.d/omr-dscp-nft index bf764b6e9..c67af2b02 100755 --- a/omr-dscp/files/etc/init.d/omr-dscp-nft +++ b/omr-dscp/files/etc/init.d/omr-dscp-nft @@ -21,7 +21,7 @@ config_get lan_device lan ifname _add_dscp_domain() { domain=""; config_get domain "$1" name "" class=""; config_get class "$1" class "" - [ -n "$domain" ] && [ -n "$class" ] && [ -z "$(uci -q get dhcp.omr_dscp-$class.domain | grep $domain)" ] && { + [ -n "$domain" ] && [ -n "$class" ] && [ -z "$(uci -q get dhcp.omr_dscp_$class.domain | grep $domain)" ] && { uci -q batch <<-EOF add_list dhcp.omr_dscp_$class.domain="$domain" commit dhcp @@ -146,6 +146,7 @@ _setup_tunnel() { } _cleanup() { + uci -q del dhcp.@dnsmasq[0].ipset config_load dhcp config_foreach _remove_ipset_dnsmasq config_load firewall diff --git a/openmptcprouter/files/etc/uci-defaults/0000-omr-update b/openmptcprouter/files/etc/uci-defaults/0000-omr-update index 03f36123e..b3a1b70b0 100755 --- a/openmptcprouter/files/etc/uci-defaults/0000-omr-update +++ b/openmptcprouter/files/etc/uci-defaults/0000-omr-update @@ -3,6 +3,7 @@ cd /etc/uci-defaults || exit 0 # Keep dnsmasq ipset with old method rm -f /etc/uci-defaults/50-dnsmasq-migrate-ipset.sh +uci -q del dhcp.@dnsmasq[0].ipset source /etc/os-release From 4da4487376cfbc4ee5b03b4ab29c9649373b2d83 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 10:20:35 +0100 Subject: [PATCH 2/7] Fix XRay --- xray-core/Makefile | 4 ++-- xray-core/files/etc/init.d/xray | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/xray-core/Makefile b/xray-core/Makefile index 23f6786c2..262d926d0 100644 --- a/xray-core/Makefile +++ b/xray-core/Makefile @@ -41,7 +41,7 @@ define Package/$(PKG_NAME)-config-nft TITLE+= (init script with nft) endef -define Package/$(PKG_NAME)/description +define Package/$(PKG_NAME)-core/description Xray-core bare bones binary (compiled without cgo) endef @@ -53,7 +53,7 @@ define Package/$(PKG_NAME)-config-nft/description Xray-core init script with nft support endef -define Package/$(PKG_NAME)/config +define Package/$(PKG_NAME)-core/config menu "Xray Configuration" depends on PACKAGE_$(PKG_NAME)-core diff --git a/xray-core/files/etc/init.d/xray b/xray-core/files/etc/init.d/xray index 3fa53a12f..1ad2ff53a 100755 --- a/xray-core/files/etc/init.d/xray +++ b/xray-core/files/etc/init.d/xray @@ -2114,7 +2114,7 @@ start_instance() { fi if [ -z "$xray_file" ] || [ ! -s "$xray_file" ] ; then - _err "Invalid V2Ray file." + _err "Invalid XRay file." return 1 fi From c4ebf454ad61c71154d5e7a2adda7d609e54e4c1 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 14:35:38 +0100 Subject: [PATCH 3/7] Call less often ip command in multipath --- mptcp/files/usr/bin/multipath | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/mptcp/files/usr/bin/multipath b/mptcp/files/usr/bin/multipath index 014c3a8af..1b872182c 100755 --- a/mptcp/files/usr/bin/multipath +++ b/mptcp/files/usr/bin/multipath @@ -132,20 +132,23 @@ if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then printf "0x%02x" $(($(($IFF^$(($IFF&$IFF_MASK))))|$FLAG)) > $FLAG_PATH else # Remove not needed if* interfaces in MPTCP - oldintfs=$(ip mptcp endpoint show | grep "dev if" | awk '{ print $3 }') + endpoint="$(ip mptcp endpoint show)" + [ -z "$endpoint" ] && exit 0 + oldintfs=$(echo "${endpoint}" | grep "dev if" | awk '{ print $3 }') [ -n "$oldintfs" ] && { for oldintf in $oldintfs; do ip mptcp endpoint delete id $oldintf 2>&1 >/dev/null done } - - ID=$(ip mptcp endpoint show | sort | grep "dev $DEVICE " | awk '{print $3}') - IFF=$(ip mptcp endpoint show | sort | grep -m 1 -E "dev $DEVICE " | awk '{print $4}') + endpoint="$(ip mptcp endpoint show)" + [ -z "$endpoint" ] && exit 0 + ID=$(echo "${endpoint}" | sort | grep "dev $DEVICE " | awk '{print $3}') + IFF=$(echo "${endpoint}" | sort | grep -m 1 -E "dev $DEVICE " | awk '{print $4}') #IP=$(ip a show $DEVICE | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p') [ -f /usr/bin/jsonfilter ] && IP=$(ip -j a show $DEVICE | jsonfilter -e '@[0].addr_info[*].local') [ -f /usr/bin/jq ] && IP=$(ip -j a show $DEVICE | jq -r '.[0].addr_info[].local') - [ -z "$ID" ] && [ -n "$IP" ] && ID=$(ip mptcp endpoint show | grep "$IP " | awk '{print $3}') - RMID=$(ip mptcp endpoint show | grep '::ffff' | awk '{ print $3 }') + [ -z "$ID" ] && [ -n "$IP" ] && ID=$(echo "${endpoint}" show | grep "$IP " | awk '{print $3}') + RMID=$(echo "${endpoint}" | grep '::ffff' | awk '{ print $3 }') [ -n "$RMID" ] && ip mptcp endpoint delete id $RMID 2>&1 >/dev/null case $TYPE in "off") From 99e73464825dfc706ba5f9173a784c3474b4e740 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 14:36:29 +0100 Subject: [PATCH 4/7] Fix omr-tracker-server script up/down --- omr-tracker/files/bin/omr-tracker-server | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/omr-tracker/files/bin/omr-tracker-server b/omr-tracker/files/bin/omr-tracker-server index 69c33a78f..f270d86d5 100755 --- a/omr-tracker/files/bin/omr-tracker-server +++ b/omr-tracker/files/bin/omr-tracker-server @@ -174,8 +174,8 @@ _check_master() { echo -e "Subject: $OMR_SYSNAME: Server ${name} (${ip}) is UP\n. The reason is \"$OMR_TRACKER_STATUS_MSG\"." | sendmail $(uci -q get mail.default.to) fi } - script_alert_down="$(uci -q get omr-tracker.proxy.script_alert_up)" - [ -n "$script_alert_down" ] && eval $script_alert_up + script_alert_up="$(uci -q get omr-tracker.proxy.script_alert_up)" + [ -n "$script_alert_up" ] && eval $script_alert_up count=$((count+1)) else logger -t "OMR-Tracker-Server" "Master server ${name} down ($ip)" @@ -317,8 +317,8 @@ _check_backup() { echo -e "Subject: $OMR_SYSNAME: Server ${name} (${ip}) is UP\n. The reason is \"$OMR_TRACKER_STATUS_MSG\"." | sendmail $(uci -q get mail.default.to) fi } - script_alert_down="$(uci -q get omr-tracker.proxy.script_alert_up)" - [ -n "$script_alert_down" ] && eval $script_alert_up + script_alert_up="$(uci -q get omr-tracker.proxy.script_alert_up)" + [ -n "$script_alert_up" ] && eval $script_alert_up count=$((count+1)) else uci -q batch <<-EOF >/dev/null @@ -374,7 +374,6 @@ interval=${OMR_TRACKER_INTERVAL:-10} intervaltries=${OMR_TRACKER_INTERVAL_TRIES:-2} retry=${OMR_TRACKER_TRIES:-4} waittest=${OMR_TRACKER_WAIT_TEST:-0} - while true; do server_ping=false config_load openmptcprouter From b84118d27dd7cca654ff3054c5d47f52b10be279 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 14:36:46 +0100 Subject: [PATCH 5/7] Fix OMR-ByPass check --- omr-bypass/files/etc/init.d/omr-bypass-nft | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/omr-bypass/files/etc/init.d/omr-bypass-nft b/omr-bypass/files/etc/init.d/omr-bypass-nft index 31a2162fc..92dfbf96f 100755 --- a/omr-bypass/files/etc/init.d/omr-bypass-nft +++ b/omr-bypass/files/etc/init.d/omr-bypass-nft @@ -807,6 +807,15 @@ start_service() { #nft insert rule inet fw4 ss_rules_dst_tcp ip daddr @omr_dst_bypass_all accept #nft insert rule inet fw4 ss_rules_local_out ip daddr @omr_dst_bypass_all accept EOF + #config_load shadowsocks-libev + #config_foreach _ss_rules_config ss_rules + ([ "$(uci -q get shadowsocks-libev.sss0.disabled)" != "1" ] || [ "$(uci -q get shadowsocks-rust.sss0.disabled)" != "1" ]) && _ss_rules_config + #config_load shadowsocks-rust + #config_foreach _ss_rules_config ss_rules + [ "$(uci -q get v2ray.main.enabled)" = "1" ] && _v2ray_rules_config + [ "$(uci -q get xray.main.enabled)" = "1" ] && _xray_rules_config + + uci batch <<-EOF set firewall.omr_bypass=include set firewall.omr_bypass.enabled='1' @@ -846,14 +855,6 @@ start_service() { # ip rule add prio 1 fwmark 0x4539 lookup 991337 > /dev/null 2>&1 # ip -6 rule add prio 1 fwmark 0x6539 lookup 6991337 > /dev/null 2>&1 - #config_load shadowsocks-libev - #config_foreach _ss_rules_config ss_rules - ([ "$(uci -q get shadowsocks-libev.sss0.disabled)" != "1" ] || [ "$(uci -q get shadowsocks-rust.sss0.disabled)" != "1" ]) && _ss_rules_config - #config_load shadowsocks-rust - #config_foreach _ss_rules_config ss_rules - [ "$(uci -q get v2ray.main.enabled)" = "1" ] && _v2ray_rules_config - [ "$(uci -q get xray.main.enabled)" = "1" ] && _xray_rules_config - # NDPI Netfilter is not available for nftables $IPTABLESSAVE --counters 2>/dev/null | grep -v omr-bypass-dpi | $IPTABLESRESTORE -w --counters 2>/dev/null $IPTABLESRESTORE -w --wait=60 --noflush <<-EOF From 47547dcc81821e316e6a3fd5af2963c3af2773ab Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 17:23:30 +0100 Subject: [PATCH 6/7] Fix find gateway in omr-tracker in some case --- omr-tracker/files/bin/omr-tracker | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index 9ab5b40d7..8c11bcc43 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -317,7 +317,7 @@ while true; do OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep -m 1 default | awk '/via/ {print $3}' | tr -d "\n") fi if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | awk '/via/ {print $3}' | tr -d "\n") + OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | awk '/via/ {print $3;exit}' | tr -d "\n") fi fi if ([ "$OMR_TRACKER_IPV6" = "1" ] || [ "$OMR_TRACKER_IPV6" = "auto" ] || [ -z "$OMR_TRACKER_IPV6" ]) && ([ "$OMR_TRACKER_FAMILY" = "ipv6" ] || [ "$OMR_TRACKER_FAMILY" = "ipv4ipv6" ]); then From 766ee12b7da590ae7fdae86d7b69fff7f8156222 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 18 Jan 2024 17:23:54 +0100 Subject: [PATCH 7/7] Fix get gateway in mptcp script --- mptcp/files/etc/init.d/mptcp | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/mptcp/files/etc/init.d/mptcp b/mptcp/files/etc/init.d/mptcp index e2cd16260..4761f7b93 100755 --- a/mptcp/files/etc/init.d/mptcp +++ b/mptcp/files/etc/init.d/mptcp @@ -240,6 +240,9 @@ interface_multipath_settings() { if [ -z "$gateway" ] || [ "$( valid_subnet4 $gateway )" != "ok" ]; then gateway=$(ubus call network.interface.${config}_4 status 2>/dev/null | jsonfilter -q -l 1 -e '@.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") fi + if [ -z "$gateway" ] || [ "$( valid_subnet4 $gateway )" != "ok" ]; then + gateway=$(ip -4 r list dev "$iface" | awk '/via/ {print $3;exit}' | tr -d "\n") + fi if [ -z "$gateway" ] || [ "$( valid_subnet4 $gateway )" != "ok" ]; then gateway=$(traceroute -m1 -i $iface 8.8.8.8 2>/dev/null | awk 'FNR==2{ print $2 }') [ "$gateway" = "*" ] && gateway="" @@ -297,7 +300,7 @@ interface_multipath_settings() { ip route replace $network/$netmask dev $iface scope link table $id $initcwrwnd 2>&1 >/dev/null ip route replace default via $gateway dev $iface table $id $initcwrwnd 2>&1 >/dev/null [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ] && ip route replace default via $gateway dev $iface metric $id $initcwrwnd 2>&1 >/dev/null - ip route flush cache $id 2>&1 >/dev/null + #ip route flush cache $id 2>&1 >/dev/null fi #config_get mode "$config" multipath "" @@ -387,7 +390,7 @@ interface_multipath_settings() { ip -6 route replace $network6/$netmask6 dev $iface scope link table 6$id $initcwrwnd 2>&1 >/dev/null ip -6 route replace default via $gateway6 dev $iface table 6$id $initcwrwnd 2>&1 >/dev/null [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ] && ip -6 route replace default via $gateway6 dev $iface metric 6$id $initcwrwnd 2>&1 >/dev/null - ip -6 route flush cache 6$id 2>&1 >/dev/null + #ip -6 route flush cache 6$id 2>&1 >/dev/null fi #config_get mode "$config" multipath "off" @@ -528,14 +531,14 @@ start_service() { #config_foreach remove route6 #config_foreach remove rule #config_foreach remove rule6 - [ -z "$intf" ] && [ -n "$(uci -q get network.@route[-1])" ] && { - # logger -t "MPTCP" "Flush main table" - # ip route flush table main - # ip -6 route flush table main - logger -t "MPTCP" "Flush route cache" - ip route flush cache - ip -6 route flush cache - } + #[ -z "$intf" ] && [ -n "$(uci -q get network.@route[-1])" ] && { + ## logger -t "MPTCP" "Flush main table" + ## ip route flush table main + ## ip -6 route flush table main + # logger -t "MPTCP" "Flush route cache" + # ip route flush cache + # ip -6 route flush cache + #} if [ "$(uci -q get network.globals.mptcp_disable_initial_config)" != "1" ]; then config_foreach interface_multipath_settings interface $intf config_foreach add_route route