diff --git a/luci-app-shadowsocks-rust/htdocs/luci-static/resources/shadowsocks-rust.js b/luci-app-shadowsocks-rust/htdocs/luci-static/resources/shadowsocks-rust.js index 0e4c4e071..4e6d12605 100644 --- a/luci-app-shadowsocks-rust/htdocs/luci-static/resources/shadowsocks-rust.js +++ b/luci-app-shadowsocks-rust/htdocs/luci-static/resources/shadowsocks-rust.js @@ -28,6 +28,7 @@ var names_options_common = [ 'mode', 'mtu', 'timeout', + 'keep_alive', 'user', 'mptcp', ]; @@ -157,6 +158,8 @@ return L.Class.extend({ o.datatype = 'uinteger'; o = s.taboption(tab, form.Value, 'timeout', _('Timeout (sec)')); o.datatype = 'uinteger'; + o = s.taboption(tab, form.Value, 'keep_alive', _('Keep Alive (sec)')); + o.datatype = 'uinteger'; s.taboption(tab, form.Value, 'user', _('Run as')); s.taboption(tab, form.Flag, 'verbose', _('Verbose')); diff --git a/ndpi-netfilter2/Makefile b/ndpi-netfilter2/Makefile index 249859718..6990f3bdf 100644 --- a/ndpi-netfilter2/Makefile +++ b/ndpi-netfilter2/Makefile @@ -83,7 +83,7 @@ define KernelPackage/ipt-ndpi TITLE:= nDPI net netfilter module # DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +kmod-ipt-compat-xtables +libpcap @(LINUX_5_4||LINUX_5_15||TARGET_x86_64) # DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +kmod-ipt-compat-xtables +libpcap @(LINUX_5_4||LINUX_5_15) @!TARGET_ramips - DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +(LINUX_5_4||LINUX_6_1):kmod-ipt-compat-xtables +libpcap @!TARGET_ramips @!LINUX_6_6 @!LINUX_6_10 @!LINUX_6_11 + DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +(LINUX_5_4||LINUX_6_1):kmod-ipt-compat-xtables +libpcap @!TARGET_ramips @!LINUX_6_6 @!LINUX_6_10 @!LINUX_6_11 @!LINUX_6_12 # DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +kmod-ipt-compat-xtables +libpcap KCONFIG:=CONFIG_NF_CONNTRACK_LABELS=y \ CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y diff --git a/omr-bypass/files/etc/init.d/omr-bypass-nft b/omr-bypass/files/etc/init.d/omr-bypass-nft index 0e8baebd1..a922412b0 100755 --- a/omr-bypass/files/etc/init.d/omr-bypass-nft +++ b/omr-bypass/files/etc/init.d/omr-bypass-nft @@ -62,10 +62,12 @@ _bypass_ip() { uci -q add_list firewall.omr_dst_bypass_${type}_4.entry="$ip" uci -q set firewall.omr_dst_bypass_${type}_4.enabled='1' uci -q set firewall.omr_dst_bypass_${type}_dstip_4.enabled='1' + uci -q set firewall.omr_dst_bypass_${type}_dstip_4_accept.enabled='1' elif [ "$valid_ip6" = "ok" ]; then uci -q add_list firewall.omr_dst_bypass_${type}_6.entry="$ip" uci -q set firewall.omr_dst_bypass_${type}_6.enabled='1' uci -q set firewall.omr_dst_bypass_${type}_dstip_6.enabled='1' + uci -q set firewall.omr_dst_bypass_${type}_dstip_6_accept.enabled='1' fi } diff --git a/omr-tracker/files/usr/share/omr/post-tracking.d/003-up b/omr-tracker/files/usr/share/omr/post-tracking.d/003-up index d46388efe..379ce9173 100755 --- a/omr-tracker/files/usr/share/omr/post-tracking.d/003-up +++ b/omr-tracker/files/usr/share/omr/post-tracking.d/003-up @@ -11,7 +11,7 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then exit 0 fi -if [ "$OMR_TRACKER_PREV_STATUS" = "$OMR_TRACKER_STATUS" ] && [ -n "$OMR_TRACKER_INTERFACE" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP" = "$OMR_TRACKER_DEVICE_IP" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP6" = "$OMR_TRACKER_DEVICE_IP6" ]; then +if [ "$OMR_TRACKER_PREV_STATUS" = "$OMR_TRACKER_STATUS" ] && [ -n "$OMR_TRACKER_INTERFACE" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP" = "$OMR_TRACKER_DEVICE_IP" ] && [ "$OMR_TRACKER_PREV_DEVICE_IP6" = "$OMR_TRACKER_DEVICE_IP6" ] && (([ -n "$OMR_TRACKER_DEVICE_GATEWAY" ] && [ -n "$(ip r show table 991337)" ]) || ([ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ] && [ -n "$(ip -6 r show table 6991337)" ])); then exit 0 fi @@ -115,7 +115,7 @@ set_route6() { if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ -n "$(echo $interface_gw | grep ':')" ]; then [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && _log "$PREVINTERFACE down. Replace default route by $interface_gw dev $interface_if" [ "$SETDEFAULT" = "yes" ] && [ "$(uci -q openmptcprouter.settings.defaultgw)" != "0" ] && ip -6 route replace default scope metric 1 global nexthop via $interface_gw dev $interface_if >/dev/null 2>&1 - ip -6 route replace default via $interface_gw dev $interface_if table 991337 >/dev/null 2>&1 && SETROUTE=true + ip -6 route replace default via $interface_gw dev $interface_if table 6991337 >/dev/null 2>&1 && SETROUTE=true fi fi } @@ -947,7 +947,7 @@ if [ "$multipath_config" = "master" ]; then ip route replace default via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE table 991337 $initcwrwnd >/dev/null 2>&1 #ip route flush cache >/dev/null 2>&1 fi - if [ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ] && [ -n "$OMR_TRACKER_DEVICE" ] && [ "$(ip -6 r show table 991337)" != "default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE " ]; then + if [ -n "$OMR_TRACKER_DEVICE_GATEWAY6" ] && [ -n "$OMR_TRACKER_DEVICE" ] && [ "$(ip -6 r show table 6991337)" != "default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE " ]; then ip -6 route replace default via $OMR_TRACKER_DEVICE_GATEWAY6 dev $OMR_TRACKER_DEVICE table 6991337 $initcwrwnd >/dev/null 2>&1 #ip -6 route flush cache >/dev/null 2>&1 fi diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 64562ea41..72c1e0844 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -93,7 +93,7 @@ MY_DEPENDS := \ (LINUX_5_4&&(TARGET_x86_64||TARGET_aarch64)):kmod-tcp-bbr2 \ TARGET_x86_64:kmod-atlantic \ !(LINUX_5_4||LINUX_6_1||TARGET_ramips||TARGET_ipq806x):mptcp-bpf-burst !(LINUX_5_4||LINUX_6_1||TARGET_ramips||TARGET_ipq806x):mptcp-bpf-first !(LINUX_5_4||LINUX_6_1||TARGET_ramips||TARGET_ipq806x):mptcp-bpf-red !(LINUX_5_4||LINUX_6_1||TARGET_ramips||TARGET_ipq806x):mptcp-bpf-rr !(LINUX_5_4||LINUX_6_1||TARGET_ramips||TARGET_ipq806x):bpftool-full \ - !(LINUX_6_10||LINUX_6_11||LINUX_6_12):kmod-ovpn-dco-v2 lspci + !(LINUX_6_10||LINUX_6_11||LINUX_6_12):kmod-ovpn-dco-v2 lspci TARGET_rockchip:kmod-r8125 # !TARGET_ipq40xx:kmod-rt2800-usb (TARGET_x86||TARGET_x86_64):kmod-iwlwifi (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl1000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl100 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl105 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl135 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl2000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl2030 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl3160 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl3168 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl5000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl5150 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2a (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2b (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6050 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7260 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7265 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7265d (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl8260c (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl8265 \ # !TARGET_ipq40xx:kmod-rtl8xxxu !TARGET_ipq40xx:kmod-rtl8192cu !TARGET_ipq40xx:kmod-net-rtl8192su !LINUX_6_1:kmod-rtl8812au-ct (TARGET_x86||TARGET_x86_64):kmod-r8169 (TARGET_x86||TARGET_x86_64):kmod-8139too (TARGET_x86||TARGET_x86_64):kmod-r8125 !TARGET_ipq40xx:kmod-rtl8187 kmod-rtl8xxxu (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware diff --git a/openmptcprouter/files/etc/uci-defaults/1930-omr-shadowsocks b/openmptcprouter/files/etc/uci-defaults/1930-omr-shadowsocks index 7ddcc4e57..437ede096 100755 --- a/openmptcprouter/files/etc/uci-defaults/1930-omr-shadowsocks +++ b/openmptcprouter/files/etc/uci-defaults/1930-omr-shadowsocks @@ -116,6 +116,17 @@ if [ "$(uci -q get shadowsocks-libev.sss1)" = "" ]; then commit shadowsocks-libev EOF fi +if [ -z "$(uci -q get shadowsocks-rust.hi1.keep_alive)" ]; then + uci -q batch <<-EOF > /dev/null + set shadowsocks-rust.hi1.keep_alive=15 + set shadowsocks-rust.hi1.no_delay=1 + set shadowsocks-rust.hi1.fast_open=1 + set shadowsocks-rust.hi2.keep_alive=15 + set shadowsocks-rust.hi2.no_delay=1 + set shadowsocks-rust.hi2.fast_open=1 + commit shadowsocks-rust + EOF +fi rm -f /tmp/luci-indexcache exit 0 diff --git a/ovpn-dco/Makefile b/ovpn-dco/Makefile index d41d0b8e3..f474495d5 100644 --- a/ovpn-dco/Makefile +++ b/ovpn-dco/Makefile @@ -1,6 +1,6 @@ # # Copyright (C) 2021 Jianhui Zhao -# Copyright (C) 2023 Yannick Chabanois (Ycarus) for OpenMPTCProuter +# Copyright (C) 2023-2024 Yannick Chabanois (Ycarus) for OpenMPTCProuter # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -27,7 +27,7 @@ include $(INCLUDE_DIR)/package.mk define KernelPackage/ovpn-dco-v2 SUBMENU:=Network Support TITLE:=OpenVPN data channel offload - DEPENDS:=+kmod-crypto-aead +kmod-udptunnel4 +IPV6:kmod-udptunnel6 + DEPENDS:=+kmod-crypto-aead +kmod-udptunnel4 +IPV6:kmod-udptunnel6 @!LINUX_6_12 FILES:=$(PKG_BUILD_DIR)/drivers/net/ovpn-dco/ovpn-dco-v2.ko AUTOLOAD:=$(call AutoLoad,30,ovpn-dco-v2) endef diff --git a/shadowsocks-rust/files/shadowsocks-rust.config b/shadowsocks-rust/files/shadowsocks-rust.config index 47a10cfc4..498783762 100644 --- a/shadowsocks-rust/files/shadowsocks-rust.config +++ b/shadowsocks-rust/files/shadowsocks-rust.config @@ -4,13 +4,14 @@ config ss_redir hi1 option local_port '1100' option mode 'tcp_and_udp' option timeout '1000' - option fast_open 0 + option keep_alive '15' + option fast_open 1 option verbose 0 option syslog 1 option reuse_port 0 option mptcp 1 option ipv6_first 1 - option no_delay 0 + option no_delay 1 config ss_redir hi2 option server 'sss1' @@ -18,13 +19,14 @@ config ss_redir hi2 option local_port '1101' option mode 'tcp_and_udp' option timeout '1000' - option fast_open 0 + option keep_alive '15' + option fast_open 1 option verbose 0 option syslog 1 option reuse_port 0 option mptcp 1 option ipv6_first 1 - option no_delay 0 + option no_delay 1 config ss_rules 'ss_rules' option disabled 0 @@ -63,6 +65,7 @@ config ss_local 'tracker_sss0' option local_port '1111' option mode 'tcp_and_udp' option timeout '600' + option keep_alive '15' option fast_open '0' option syslog '0' option reuse_port '1' diff --git a/shadowsocks-rust/files/shadowsocks-rust.init-nft b/shadowsocks-rust/files/shadowsocks-rust.init-nft index 34b761aef..9add4eddd 100755 --- a/shadowsocks-rust/files/shadowsocks-rust.init-nft +++ b/shadowsocks-rust/files/shadowsocks-rust.init-nft @@ -87,6 +87,7 @@ ss_xxx() { [ -z "$mode" ] || json_add_string mode "$mode" [ -z "$mtu" ] || json_add_int mtu "$mtu" [ -z "$timeout" ] || json_add_int timeout "$timeout" + [ -z "$keep_alive" ] || json_add_int keep_alive "$keep_alive" [ -z "$user" ] || json_add_string user "$user" [ -z "$acl" ] || json_add_string acl "$acl" json_dump -i >"$confjson" @@ -369,6 +370,7 @@ validate_common_options_() { 'mode:or("tcp_only", "udp_only", "tcp_and_udp"):tcp_only' \ 'mtu:uinteger' \ 'timeout:uinteger' \ + 'keep_alive:uinteger' \ 'user:string' } diff --git a/xtables-addons/patches/302-fix-build-with-linux-6.12.patch b/xtables-addons/patches/302-fix-build-with-linux-6.12.patch new file mode 100644 index 000000000..020003dcc --- /dev/null +++ b/xtables-addons/patches/302-fix-build-with-linux-6.12.patch @@ -0,0 +1,14 @@ +--- a/extensions/xt_ipp2p.c 2024-10-08 14:14:40.759989875 +0200 ++++ b/extensions/xt_ipp2p.c 2024-10-08 14:16:04.042851316 +0200 +@@ -6,7 +6,11 @@ + #include + #include + #include ++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 11, 0) + #include ++#else ++#include ++#endif + #include "xt_ipp2p.h" + #include "compat_xtables.h" +