mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Merge branch 'develop'
This commit is contained in:
suyuan
commit
55640786a2
201 changed files with 36233 additions and 4723 deletions
35
openmptcprouter/files/bin/omr-speedtest
Executable file
35
openmptcprouter/files/bin/omr-speedtest
Executable file
|
|
@ -0,0 +1,35 @@
|
|||
#!/bin/sh
|
||||
INTERFACE="$1"
|
||||
echo "Download server list..."
|
||||
wget -q -O /tmp/speedtest.lst http://c.speedtest.net/speedtest-servers-static.php
|
||||
bestuploadurl=""
|
||||
besthost=""
|
||||
bestpinghost=""
|
||||
bestping="999"
|
||||
echo "Select best server..."
|
||||
while read line; do
|
||||
if [ "$(echo $line | grep url)" != "" ]; then
|
||||
pinghost=$(echo $line | awk -F'"' '{print $18}' | cut -d: -f1)
|
||||
host=$(echo $line | awk -F'"' '{print $18}')
|
||||
uploadurl=$(echo $line | awk -F'"' '{print $2}')
|
||||
ping=$(ping -c1 -w1 $pinghost | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
echo -n "."
|
||||
if [ -n "$ping" ] && [ "$ping" -lt "$bestping" ]; then
|
||||
bestping=$ping
|
||||
bestuploadurl=$uploadurl
|
||||
besthost=$host
|
||||
bestpinghost=$pinghost
|
||||
fi
|
||||
fi
|
||||
done < /tmp/speedtest.lst
|
||||
echo
|
||||
echo "Done: url: $bestuploadurl - host: $besthost - ping: $bestping"
|
||||
echo "Download test:"
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
curl -4 $besthost/speedtest/random7000x7000.jpg >/dev/null || echo
|
||||
else
|
||||
hostip=$(dig +short $bestpinghost | tr -d "\n")
|
||||
ipset add ss_rules_dst_bypass_all $hostip
|
||||
curl -4 --interface $INTERFACE $besthost/speedtest/random7000x7000.jpg >/dev/null || echo
|
||||
ipset del ss_rules_dst_bypass_all $hostip
|
||||
fi
|
||||
|
|
@ -1,15 +1,34 @@
|
|||
#!/bin/sh
|
||||
# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
|
||||
|
||||
INTERFACE="$1"
|
||||
HOST="proof.ovh.net"
|
||||
|
||||
echo "Select best test server..."
|
||||
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
|
||||
bestping="999"
|
||||
for pinghost in $HOSTLST; do
|
||||
domain=$(echo $pinghost | awk -F/ '{print $3}')
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
ping=$(ping -c1 -w2 $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
else
|
||||
ping=$(ping -c1 -w2 -I $INTERFACE -B $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
fi
|
||||
echo "host: $domain - ping: $ping"
|
||||
if [ -n "$ping" ] && [ "$ping" -lt "$bestping" ]; then
|
||||
bestping=$ping
|
||||
HOST=$pinghost
|
||||
fi
|
||||
done
|
||||
|
||||
[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat"
|
||||
|
||||
echo "Best server is $HOST, running test:"
|
||||
trap : HUP INT TERM
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
curl -4 http://$HOST/files/10Gio.dat >/dev/null || echo
|
||||
curl -4 $HOST >/dev/null || echo
|
||||
else
|
||||
hostip=$(dig +short A $HOST | tr -d "\n")
|
||||
domain=$(echo $HOST | awk -F/ '{print $3}')
|
||||
hostip=$(dig +short A $domain | tr -d "\n")
|
||||
ipset add ss_rules_dst_bypass_all $hostip
|
||||
curl -4 --interface $INTERFACE http://$HOST/files/10Gio.dat >/dev/null || echo
|
||||
curl -4 $HOST >/dev/null || echo
|
||||
ipset del ss_rules_dst_bypass_all $hostip
|
||||
fi
|
||||
|
|
|
|||
150
openmptcprouter/files/bin/tcpping
Executable file
150
openmptcprouter/files/bin/tcpping
Executable file
|
|
@ -0,0 +1,150 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# tcpping: test response times using TCP SYN packets
|
||||
# URL: http://www.vdberg.org/~richard/tcpping.html
|
||||
#
|
||||
# uses tcptraceroute from http://michael.toren.net/code/tcptraceroute/
|
||||
#
|
||||
# (c) 2002-2005 Richard van den Berg <richard@vdberg.org> under the GPL
|
||||
# http://www.gnu.org/copyleft/gpl.html
|
||||
#
|
||||
# 2002/12/20 v1.0 initial version
|
||||
# 2003/01/25 v1.1 added -c and -r options
|
||||
# now accepting all other tcptraceroute options
|
||||
# 2003/01/30 v1.2 removed double quotes around backquotes
|
||||
# 2003/03/25 v1.3 added -x option, courtesy of Alvin Austin <alvin@crlogic.com>
|
||||
# 2005/03/31 v1.4 added -C option, courtesy of Norman Rasmussen <norman@rasmussen.org>
|
||||
# 2007/01/11 v1.5 catch bad destination addresses
|
||||
# 2007/01/19 v1.6 catch non-root tcptraceroute
|
||||
# 2008/02/10 v1.7 make -C work when reverse lookup fails, courtesy of Fabrice Le Dorze <Fabrice.LeDorze@apx.fr>
|
||||
# 2010/06/04 v1.8 make -C work when ipaddress doesn't reply, courtesy of Yann Beulque
|
||||
|
||||
|
||||
ver="v1.8"
|
||||
format="%Y%m%d%H%M%S"
|
||||
d="no"
|
||||
c="no"
|
||||
C="no"
|
||||
ttl=255
|
||||
seq=0
|
||||
q=1
|
||||
r=1
|
||||
w=3
|
||||
topts=""
|
||||
|
||||
usage () {
|
||||
name=`basename $0`
|
||||
echo "tcpping $ver Richard van den Berg <richard@vdberg.org>"
|
||||
echo
|
||||
echo "Usage: $name [-d] [-c] [-C] [-w sec] [-q num] [-x count] ipaddress [port]"
|
||||
echo
|
||||
echo " -d print timestamp before every result"
|
||||
echo " -c print a columned result line"
|
||||
echo " -C print in the same format as fping's -C option"
|
||||
echo " -w wait time in seconds (defaults to 3)"
|
||||
echo " -r repeat every n seconds (defaults to 1)"
|
||||
echo " -x repeat n times (defaults to unlimited)"
|
||||
echo
|
||||
echo "See also: man tcptraceroute"
|
||||
echo
|
||||
}
|
||||
|
||||
_checksite() {
|
||||
ttr=`tcptraceroute -f ${ttl} -m ${ttl} -q ${q} -w ${w} $* 2>&1`
|
||||
if echo "${ttr}" | egrep -i "(bad destination|got roo)" >/dev/null 2>&1; then
|
||||
echo "${ttr}"
|
||||
exit
|
||||
fi
|
||||
}
|
||||
|
||||
_testsite() {
|
||||
myseq="${1}"
|
||||
shift
|
||||
[ "${c}" = "yes" ] && nows=`date +${format}`
|
||||
[ "${d}" = "yes" ] && nowd=`date`
|
||||
ttr=`tcptraceroute -f ${ttl} -m ${ttl} -q ${q} -w ${w} $* 2>/dev/null`
|
||||
host=`echo "${ttr}" | awk '{print $2 " " $3}'`
|
||||
rtt=`echo "${ttr}" | sed 's/.*] //' | awk '{print $1}'`
|
||||
not=`echo "${rtt}" | tr -d ".0123456789"`
|
||||
[ "${d}" = "yes" ] && echo "$nowd"
|
||||
if [ "${c}" = "yes" ]; then
|
||||
if [ "x${rtt}" != "x" -a "x${not}" = "x" ]; then
|
||||
echo "$myseq $nows $rtt $host"
|
||||
else
|
||||
echo "$myseq $nows $max $host"
|
||||
fi
|
||||
elif [ "${C}" = "yes" ]; then
|
||||
if [ "$myseq" = "0" ]; then
|
||||
echo -n "$1 :"
|
||||
fi
|
||||
if [ "x${rtt}" != "x" -a "x${not}" = "x" ]; then
|
||||
if [ $rtt != "255" ]; then
|
||||
echo -n " $rtt"
|
||||
else
|
||||
echo -n " -"
|
||||
fi
|
||||
else
|
||||
echo -n " -"
|
||||
fi
|
||||
if [ "$x" = "1" ]; then
|
||||
echo
|
||||
fi
|
||||
else
|
||||
echo "${ttr}" | sed -e "s/^.*\*.*$/seq $myseq: no response (timeout)/" -e "s/^$ttl /seq $myseq: tcp response from/"
|
||||
fi
|
||||
# echo "${ttr}"
|
||||
}
|
||||
|
||||
while getopts dhq:w:cr:nNFSAEi:f:l:m:p:s:x:C opt ; do
|
||||
case "$opt" in
|
||||
d|c|C) eval $opt="yes" ;;
|
||||
q|w|r|x) eval $opt="$OPTARG" ;;
|
||||
n|N|F|S|A|E) topt="$topt -$opt" ;;
|
||||
i|l|p|s) topt="$topt -$opt $OPTARG" ;;
|
||||
f|m) ttl="$OPTARG" ;;
|
||||
?) usage; exit ;;
|
||||
esac
|
||||
done
|
||||
|
||||
shift `expr $OPTIND - 1`
|
||||
|
||||
if [ "x$1" = "x" ]; then
|
||||
usage
|
||||
exit
|
||||
fi
|
||||
|
||||
max=`echo "${w} * 1000" | bc`
|
||||
|
||||
if [ `date +%s` != "%s" ]; then
|
||||
format="%s"
|
||||
fi
|
||||
|
||||
_checksite ${topt} $*
|
||||
|
||||
if [ "$x" = "" ]; then
|
||||
while [ 1 ] ; do
|
||||
_testsite ${seq} ${topt} $* &
|
||||
pid=$!
|
||||
if [ "${C}" = "yes" ]; then
|
||||
wait $pid
|
||||
fi
|
||||
seq=`expr $seq + 1`
|
||||
sleep ${r}
|
||||
done
|
||||
else
|
||||
while [ "$x" -gt 0 ] ; do
|
||||
_testsite ${seq} ${topt} $* &
|
||||
pid=$!
|
||||
if [ "${C}" = "yes" ]; then
|
||||
wait $pid
|
||||
fi
|
||||
seq=`expr $seq + 1`
|
||||
x=`expr $x - 1`
|
||||
if [ "$x" -gt 0 ]; then
|
||||
sleep ${r}
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
exit
|
||||
|
||||
|
|
@ -11,8 +11,10 @@ _setup_rules() {
|
|||
_setup_routes() {
|
||||
config_get lookup $1 lookup
|
||||
config_get gateway $1 gateway
|
||||
intf=$(ifstatus | jsonfilter -e '@.l3_device' | tr -d "\n")
|
||||
ip route replace default via $gateway dev $intf table $lookup
|
||||
intf=$(ifstatus $1 | jsonfilter -e '@.l3_device' | tr -d "\n")
|
||||
if [ -n "$lookup" ] && [ -n "$intf" ] && [ -n "$gateway" ]; then
|
||||
ip route replace default via $gateway dev $intf table $lookup
|
||||
fi
|
||||
}
|
||||
config_load network
|
||||
config_foreach _setup_rules interface
|
||||
|
|
|
|||
|
|
@ -16,12 +16,27 @@ mptcp_over_vpn() {
|
|||
local interface=$1
|
||||
nbintf=$(($nbintf+1))
|
||||
if [ "$(uci -q get openmptcprouter.${interface}.multipathvpn)" = "1" ]; then
|
||||
if [ "$(uci -q get network.${interface})" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete openmptcprouter.${interface}
|
||||
delete network.ovpn${interface}
|
||||
delete openvpn.${interface}
|
||||
commit openvpn
|
||||
delete openmptcprouter.${interface}
|
||||
delete openmptcprouter.ovpn${interface}
|
||||
commit openmptcprouter
|
||||
commit network
|
||||
del_list firewall.zone_vpn.network="ovpn${interface}"
|
||||
commit firewall
|
||||
EOF
|
||||
return
|
||||
fi
|
||||
nbintfvpn=$(($nbintfvpn+1))
|
||||
if [ "$(uci -q get network.ovpn${interface})" = "" ]; then
|
||||
logger -t "MPTCPoverVPN" "Enable MPTCP over VPN for ${interface}"
|
||||
id=$(uci -q get network.${interface}.metric)
|
||||
remoteip=""
|
||||
config_load_openmptcprouter
|
||||
config_load openmptcprouter
|
||||
config_foreach _getremoteip server
|
||||
localip=$(ubus call network.interface.$interface status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n")
|
||||
[ -z "$(uci -q get openmptcprouter.ovpn${interface}.multipath)" ] && multipath=$(uci -q get network.${interface}.multipath)
|
||||
|
|
@ -64,6 +79,13 @@ mptcp_over_vpn() {
|
|||
add_list firewall.zone_vpn.network="ovpn${interface}"
|
||||
commit firewall
|
||||
EOF
|
||||
else
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set network.${interface}.multipath='off'
|
||||
commit network
|
||||
set openmptcprouter.${interface}.multipath="off"
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
fi
|
||||
elif [ "$(uci -q get openmptcprouter.ovpn${interface})" != "" ]; then
|
||||
logger -t "MPTCPoverVPN" "Disable MPTCP over VPN for ${interface}"
|
||||
|
|
@ -82,6 +104,21 @@ mptcp_over_vpn() {
|
|||
del_list firewall.zone_vpn.network="ovpn${interface}"
|
||||
commit firewall
|
||||
EOF
|
||||
elif [ "$(uci -q get openmptcprouter.${interface}.vpn)" = "1" ]; then
|
||||
intf="$(echo ${interface} | sed 's/ovpn//g')"
|
||||
if [ -n "$intf" ] && [ "$intf" != "$interface" ] && [ "$(uci -q get network.${intf})" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete network.${interface}
|
||||
delete openvpn.${intf}
|
||||
commit openvpn
|
||||
delete openmptcprouter.${intf}
|
||||
delete openmptcprouter.${interface}
|
||||
commit openmptcprouter
|
||||
commit network
|
||||
del_list firewall.zone_vpn.network="${interface}"
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -218,7 +218,7 @@ _get_vps_config() {
|
|||
client_ip="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.tcp.client_ip')"
|
||||
host_ip="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.tcp.host_ip')"
|
||||
port="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.port')"
|
||||
if [ "$(uci -q get glorytun.vpn.port)" != "$port" ]; then
|
||||
if [ "$(uci -q get glorytun.vpn.port)" != "$port" ] && [ "$port" != "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun.vpn.port=$port
|
||||
EOF
|
||||
|
|
@ -262,7 +262,7 @@ _get_vps_config() {
|
|||
client_ip="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.udp.client_ip')"
|
||||
host_ip="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.udp.host_ip')"
|
||||
port="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.port')"
|
||||
if [ "$(uci -q get glorytun.vpn.port)" != "$port" ]; then
|
||||
if [ "$(uci -q get glorytun.vpn.port)" != "$port" ] && [ "$port" != "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun.vpn.port=$port
|
||||
EOF
|
||||
|
|
@ -310,6 +310,17 @@ _get_vps_config() {
|
|||
/etc/init.d/shadowsocks-libev restart
|
||||
fi
|
||||
fi
|
||||
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set v2ray.omrout.s_vmess_address="$vpsip"
|
||||
set v2ray.omrout.s_vless_address="$vpsip"
|
||||
commit v2ray
|
||||
EOF
|
||||
if [ "$(uci -q get v2ray.main.enabled)" = "1" ]; then
|
||||
logger -t "OMR-VPS" "Restart V2Ray..."
|
||||
/etc/init.d/v2ray restart
|
||||
fi
|
||||
fi
|
||||
if [ "$(uci -q get openvpn.omr.remote)" != "127.0.0.1" ] && [ "$(uci -q get openvpn.omr.remote)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openvpn.omr.remote="$vpsip"
|
||||
|
|
@ -380,7 +391,7 @@ _get_gre_tunnel() {
|
|||
peeraddr="$(echo $tunnel | jsonfilter -q -e '@.remote_ip')"
|
||||
ipaddr="$(echo $tunnel | jsonfilter -q -e '@.local_ip')"
|
||||
publicaddr="$(echo $tunnel | jsonfilter -q -e '@.public_ip')"
|
||||
if [ "$(uci -q get network.omrip${i}.peeraddr)" != "$peeraddr" ] || [ "$(uci -q get network.omrip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.omrip${i}gre.ipaddr)" != "$vpnip_local" ]; then
|
||||
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.omrip${i}.peeraddr)" != "$peeraddr" ] || [ "$(uci -q get network.omrip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.omrip${i}gre.ipaddr)" != "$vpnip_local" ]); then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set network.omrip${i}gre=interface
|
||||
set network.omrip${i}gre.label="GRE tunnel for $publicaddr"
|
||||
|
|
@ -472,6 +483,7 @@ _get_pihole() {
|
|||
if [ "$pihole" = "true" ] && [ -z "$(uci -q get dhcp.@dnsmasq[0].server | grep $host_ip)" ]; then
|
||||
uci -q del_list dhcp.@dnsmasq[0].server="$(uci -q get dhcp.@dnsmasq[0].server | tr ' ' '\n' | grep '#53' | grep '10.2')"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
del_list dhcp.@dnsmasq[0].server="127.0.0.1#5353"
|
||||
add_list dhcp.@dnsmasq[0].server="$host_ip#53"
|
||||
set dhcp.@dnsmasq[0].rebind_protection='0'
|
||||
commit dhcp
|
||||
|
|
@ -485,6 +497,7 @@ _get_pihole() {
|
|||
if [ "$pihole" = "true" ] && [ -z "$(uci -q get dhcp.@dnsmasq[0].server | grep $host_ip)" ]; then
|
||||
uci -q del_list dhcp.@dnsmasq[0].server="$(uci -q get dhcp.@dnsmasq[0].server | tr ' ' '\n' | grep '#53' | grep '10.2')"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
del_list dhcp.@dnsmasq[0].server="127.0.0.1#5353"
|
||||
add_list dhcp.@dnsmasq[0].server="$host_ip#53"
|
||||
set dhcp.@dnsmasq[0].rebind_protection='0'
|
||||
commit dhcp
|
||||
|
|
@ -498,6 +511,7 @@ _get_pihole() {
|
|||
if [ "$pihole" = "true" ] && [ -z "$(uci -q get dhcp.@dnsmasq[0].server | grep $host_ip)" ]; then
|
||||
uci -q del_list dhcp.@dnsmasq[0].server="$(uci -q get dhcp.@dnsmasq[0].server | tr ' ' '\n' | grep '#53' | grep '10.2')"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
del_list dhcp.@dnsmasq[0].server="127.0.0.1#5353"
|
||||
add_list dhcp.@dnsmasq[0].server="$host_ip#53"
|
||||
set dhcp.@dnsmasq[0].rebind_protection='0'
|
||||
commit dhcp
|
||||
|
|
@ -511,6 +525,7 @@ _get_pihole() {
|
|||
if [ "$pihole" = "true" ] && [ -z "$(uci -q get dhcp.@dnsmasq[0].server | grep $host_ip)" ]; then
|
||||
uci -q del_list dhcp.@dnsmasq[0].server="$(uci -q get dhcp.@dnsmasq[0].server | tr ' ' '\n' | grep '#53' | grep '10.2')"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
del_list dhcp.@dnsmasq[0].server="127.0.0.1#5353"
|
||||
add_list dhcp.@dnsmasq[0].server="$host_ip#53"
|
||||
set dhcp.@dnsmasq[0].rebind_protection='0'
|
||||
commit dhcp
|
||||
|
|
@ -524,6 +539,7 @@ _get_pihole() {
|
|||
if [ "$pihole" = "true" ] && [ -z "$(uci -q get dhcp.@dnsmasq[0].server | grep $host_ip)" ]; then
|
||||
uci -q del_list dhcp.@dnsmasq[0].server="$(uci -q get dhcp.@dnsmasq[0].server | tr ' ' '\n' | grep '#53' | grep '10.2')"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
del_list dhcp.@dnsmasq[0].server="127.0.0.1#5353"
|
||||
add_list dhcp.@dnsmasq[0].server="$host_ip#53"
|
||||
set dhcp.@dnsmasq[0].rebind_protection='0'
|
||||
commit dhcp
|
||||
|
|
@ -594,6 +610,20 @@ _set_vpn_vps() {
|
|||
fi
|
||||
}
|
||||
|
||||
_set_proxy_vps() {
|
||||
local settings
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
proxy_current="$(echo "$vps_config" | jsonfilter -q -e '@.proxy.current')"
|
||||
proxy="$(uci -q get openmptcprouter.settings.proxy)"
|
||||
if [ "$proxy_current" != "$proxy" ]; then
|
||||
settings='{"proxy" : "'$proxy'"}'
|
||||
echo $(_set_json "proxy" "$settings")
|
||||
else
|
||||
echo 1
|
||||
fi
|
||||
}
|
||||
|
||||
_get_local_wan_ip() {
|
||||
wanip="$(uci -q get openmptcprouter.$1.publicip)"
|
||||
[ -n "$wanip" ] && {
|
||||
|
|
@ -638,6 +668,7 @@ _set_vpn_ip() {
|
|||
vpnip_remote=$(ip -4 r list dev ${vpnifname} | grep via | grep -v default | grep -v / | grep -v metric | awk '{print $1}' | tr -d "\n")
|
||||
[ -z "$vpnip_remote" ] && vpnip_remote=$(ip -4 r list dev ${vpnifname} | grep kernel | awk '{print $1}' | tr -d "\n")
|
||||
[ -z "$vpnip_remote" ] && vpnip_remote=$(ip -4 r list dev ${vpnifname} | grep "proto static src" | awk '{print $3}' | tr -d "\n")
|
||||
[ -z "$vpnip_remote" ] && vpnip_remote=$(ifstatus omrvpn | jsonfilter -e '@.route[0].nexthop')
|
||||
ula="$(uci -q get network.globals.ula_prefix)"
|
||||
ula_current="$(echo "$vps_config" | jsonfilter -q -e '@.ip6in4.ula')"
|
||||
if [ "$vpnip_remote" != "" ] && [ "$vpnip_local" != "" ] && ([ "$vpnip_remote" != "$vpnip_remote_current" ] || [ "$vpnip_local" != "$vpnip_local_current" ] || [ "$ula" != "$ula_current" ]); then
|
||||
|
|
@ -684,158 +715,125 @@ _vps_firewall_redirect_port() {
|
|||
config_get family $1 family "ipv4"
|
||||
config_get enabled $1 enabled "1"
|
||||
config_get src_dip $1 src_dip
|
||||
config_get dest_ip $1 dest_ip
|
||||
config_get dest_port $1 dest_port
|
||||
config_get src_ip $1 src_ip
|
||||
[ "$(echo $src_dport | cut -d'-' -f2)" -ge "65000" ] && {
|
||||
config_get v2ray $1 v2ray "0"
|
||||
if [ -n "$src_dport" ] && [ "$(echo $src_dport | cut -d'-' -f2)" -ge "65000" ]; then
|
||||
logger -t "OMR-VPS" "You can't redirect ports >= 65000, they are needed by OpenMPTCProuter Server part"
|
||||
enabled="0"
|
||||
#uci -q delete firewall.$1
|
||||
#return
|
||||
enabled="0"
|
||||
}
|
||||
fi
|
||||
[ "$(uci -q get v2ray.main.enabled)" = "0" ] && v2ray="0"
|
||||
[ "$proto" = "all" ] && proto="tcp udp"
|
||||
[ "$proto" = "" ] && proto="tcp udp"
|
||||
[ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && {
|
||||
if [ "$proto" = "tcp udp" ] || [ "$proto" = "all" ]; then
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port tcp")
|
||||
for protoi in $proto; do
|
||||
if [ "$v2ray" = "0" ]; then
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && {
|
||||
comment=" to $src_dip"
|
||||
iptables-save --counters | sed "s:-d $src_dip/32::g" | iptables-restore -w
|
||||
}
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$protoi'","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
|
||||
else
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port tcp")
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username open router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && {
|
||||
comment=" to $src_dip"
|
||||
iptables-save --counters | sed "s:-d $src_dip/32::g" | iptables-restore -w
|
||||
}
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username open router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username open router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username open router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$protoi'","fwtype" : "ACCEPT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","destip" : "'$dest_ip'","destport" : "'$dest_port'","proto" : "'$protoi'"}'
|
||||
_set_json "v2rayredirect" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username open router $src_dport port $protoi")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR open router $src_dport port $protoi")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username open router $src_dport port $protoi${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR open router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username open router $src_dport port $protoi")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR open router $src_dport port $protoi")
|
||||
else
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username open router $src_dport port $protoi${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR open router $src_dport port $protoi${comment}")
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "tcp","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port tcp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port tcp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port tcp${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port tcp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port tcp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port tcp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port tcp${comment}")
|
||||
fi
|
||||
fi
|
||||
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port udp${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port udp to${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "udp","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port udp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port udp${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port udp")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port udp${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port udp${comment}")
|
||||
fi
|
||||
fi
|
||||
else
|
||||
checkfw=""
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
fi
|
||||
if [ "$checkfw" = "" ]; then
|
||||
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$proto'","fwtype" : "DNAT","ipproto" : "'$family'"}'
|
||||
_set_json "shorewallopen" "$settings"
|
||||
fi
|
||||
if [ "$family" = "ipv4" ]; then
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $proto")
|
||||
else
|
||||
comment=""
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
else
|
||||
if [ "$src_dip" = "" ]; then
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $proto")
|
||||
else
|
||||
[ -n "$src_dip" ] && comment=" to $src_dip"
|
||||
[ -n "$src_ip" ] && comment=" from $src_ip"
|
||||
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $proto${comment}")
|
||||
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $proto${comment}")
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -907,6 +905,7 @@ _set_vps_firewall() {
|
|||
vpsfw6list=$(echo $fw6_list | jsonfilter -q -e '@.list[*]' | sed '/^[[:space:]]*$/d')
|
||||
config_load firewall
|
||||
config_foreach _vps_firewall_redirect_port redirect
|
||||
config_foreach _vps_firewall_redirect_port rule
|
||||
[ -n "$vpsfwlist" ] || [ -n "$vpsfw6list" ] && {
|
||||
logger -t "OMR-VPS" "Remove old firewall rules"
|
||||
_vps_firewall_close_port
|
||||
|
|
@ -957,6 +956,9 @@ _set_config_from_vps() {
|
|||
# get VPS ip
|
||||
vpsip="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
vps_lastchange="$(echo "$vps_config" | jsonfilter -q -e '@.vps.lastchange')"
|
||||
lastchange="$(uci -q get openmptcprouter.${servername}.lastchange)"
|
||||
[ -z "$lastchange" ] && lastchange=0
|
||||
#[ -n "$lastchange" ] && [ -n "$vps_lastchange" ] && [ "$lastchange" -gt "$vps_lastchange" ] && return
|
||||
user_permission="$(echo "$vps_config" | jsonfilter -q -e '@.user.permission')"
|
||||
[ -z "$user_permission" ] && user_permission="rw"
|
||||
|
||||
|
|
@ -978,7 +980,7 @@ _set_config_from_vps() {
|
|||
|
||||
# Set current VPN
|
||||
current_vpn="$(uci -q get openmptcprouter.settings.vpn)"
|
||||
if [ -z "$current_vpn" ] || [ -n "$vps_lastchange" ] || [ "$user_permission" = "ro" ]; then
|
||||
if [ -z "$current_vpn" ] || ([ -n "$vps_lastchange" ] && [ "$vps_lastchange" -gt "$lastchange" ]) || [ "$user_permission" = "ro" ]; then
|
||||
current_vpn="$(echo "$vps_config" | jsonfilter -q -e '@.vpn.current')"
|
||||
if [ -n "$current_vpn" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
|
|
@ -988,6 +990,37 @@ _set_config_from_vps() {
|
|||
fi
|
||||
fi
|
||||
|
||||
# Set current Proxy
|
||||
current_proxy="$(uci -q get openmptcprouter.settings.proxy)"
|
||||
if [ -z "$current_proxy" ] || ([ -n "$vps_lastchange" ] && [ "$vps_lastchange" -gt "$lastchange" ]) || [ "$user_permission" = "ro" ]; then
|
||||
current_proxy="$(echo "$vps_config" | jsonfilter -q -e '@.proxy.current')"
|
||||
if [ -n "$current_proxy" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openmptcprouter.settings.proxy=${current_proxy}
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
if [ "$current_proxy" = "shadowsocks" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set shadowsocks-libev.sss0.disabled=0
|
||||
commit shadowsocks-libev
|
||||
set v2ray.main.enabled=0
|
||||
commit shadowsocks-libev
|
||||
set openmptcprouter.settings.shadowsocks_disable=0
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
elif [ "$current_proxy" = "v2ray" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set shadowsocks-libev.sss0.disabled=1
|
||||
commit shadowsocks-libev
|
||||
set v2ray.main.enabled=1
|
||||
commit shadowsocks-libev
|
||||
set openmptcprouter.settings.shadowsocks_disable=1
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# Shadowsocks settings
|
||||
shadowsocks_disabled="$(uci -q get openmptcprouter.settings.shadowsocks_disable)"
|
||||
[ -z "$shadowsocks_disabled" ] && shadowsocks_disabled=0
|
||||
|
|
@ -1042,8 +1075,30 @@ _set_config_from_vps() {
|
|||
config_foreach _set_ss_server server "server" $vpsip
|
||||
fi
|
||||
uci -q commit shadowsocks-libev
|
||||
logger -t "OMR-VPS" "Shadowsocks restart..."
|
||||
/etc/init.d/shadowsocks-libev restart >/dev/null 2>&1
|
||||
if [ "$(uci -q get shadowsocks-libev.sss0.disabled)" != "1" ]; then
|
||||
logger -t "OMR-VPS" "Shadowsocks restart..."
|
||||
/etc/init.d/shadowsocks-libev restart >/dev/null 2>&1
|
||||
fi
|
||||
fi
|
||||
|
||||
# V2Ray settings
|
||||
v2ray_key="$(echo "$vps_config" | jsonfilter -q -e '@.v2ray.config.key')"
|
||||
#v2ray_port="$(echo "$vps_config" | jsonfilter -q -e '@.v2ray.config.port')"
|
||||
v2ray_port="65228"
|
||||
if ([ -n "$v2ray_key" ] && [ "$v2ray_key" != "$(uci -q get v2ray.omrout.s_vmess_user_id)" ]) || ([ -n "$v2ray_port" ] && [ "$v2ray_port" != "$(uci -q get v2ray.omrout.s_vmess.port)" ]); then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set v2ray.omrout.s_vmess_user_id="$v2ray_key"
|
||||
set v2ray.omrout.s_vmess_port="$v2ray_port"
|
||||
set v2ray.omrout.s_vless_user_id="$v2ray_key"
|
||||
set v2ray.omrout.s_vless_port="$v2ray_port"
|
||||
EOF
|
||||
if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ]; then
|
||||
uci -q set v2ray.omrout.s_vmess_address="$vpsip"
|
||||
uci -q set v2ray.omrout.s_vless_address="$vpsip"
|
||||
fi
|
||||
uci -q commit v2ray
|
||||
logger -t "OMR-VPS" "V2ray restart..."
|
||||
/etc/init.d/v2ray restart >/dev/null 2>&1
|
||||
fi
|
||||
|
||||
# Glorytun settings
|
||||
|
|
@ -1310,10 +1365,11 @@ _backup_send() {
|
|||
backup_data="$(cat /tmp/backup.tar.gz | base64 | tr -d '\n')"
|
||||
backup_sha256sum="$(sha256sum /tmp/backup.tar.gz | awk '{print $1}')"
|
||||
[ -n "$backup_data" ] && {
|
||||
logger -t "OMR-VPS" "Send backup file to server"
|
||||
logger -t "OMR-VPS" "Send backup file to server $servername"
|
||||
local backupjson
|
||||
backupjson='{"data": "'$backup_data'","sha256sum": "'$backup_sha256sum'"}'
|
||||
_set_json "backuppost" "$backupjson"
|
||||
uci -q set openmptcprouter.$servername.lastbackup=$(date +%s)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1352,7 +1408,7 @@ _backup_get_and_apply() {
|
|||
backup_sha256sum="$(echo "$vps_backup" | jsonfilter -q -e '@.sha256sum')"
|
||||
[ -n "$backup_data" ] && {
|
||||
echo $backup_data | base64 -d > /tmp/backup.tar.gz
|
||||
sysupgrade -t /tmp/backup.tar.gz
|
||||
sysupgrade -r /tmp/backup.tar.gz
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1447,6 +1503,7 @@ _config_service() {
|
|||
|
||||
_get_vps_config
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
user_permission="$(echo "$vps_config" | jsonfilter -q -e '@.user.permission')"
|
||||
|
||||
if [ "$(uci -q get openmptcprouter.settings.firstboot)" != "0" ]; then
|
||||
|
|
@ -1480,6 +1537,7 @@ _config_service() {
|
|||
[ -z "$(_set_redirect_ports_from_vps $redirect_port)" ] && error=1
|
||||
[ -z "$(_set_mptcp_vps)" ] && error=1
|
||||
[ -z "$(_set_vpn_vps)" ] && error=1
|
||||
[ -z "$(_set_proxy_vps)" ] && error=1
|
||||
fi
|
||||
[ "$(uci -q get shadowsocks-libev.sss0.key)" = "" ] && uci -q set openmptcprouter.${servername}.get_config=1
|
||||
|
||||
|
|
@ -1541,6 +1599,6 @@ start_service() {
|
|||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger openmptcprouter shadowsocks-libev glorytun mlvpn openvpn network upnpd dsvpn
|
||||
procd_add_reload_trigger openmptcprouter shadowsocks-libev glorytun mlvpn openvpn network upnpd dsvpn v2ray firewall
|
||||
#procd_add_reload_trigger openmptcprouter shadowsocks-libev network upnpd
|
||||
}
|
||||
|
|
@ -26,7 +26,7 @@ backup_database() {
|
|||
backup="false"
|
||||
config_load omr-quota
|
||||
config_foreach _chk_omrquota interface
|
||||
[ "$(uci -q get vnstat.@vnstat[0].backup)" = "1" ] && backup="true"
|
||||
[ "$(uci -q get openmptcprouter.settings.vnstat_backup)" = "1" ] && backup="true"
|
||||
if [ "$backup" = "true" ]; then
|
||||
if [ ! -d $VNSTAT_DIR ]; then
|
||||
logger -t $LOGGER_TAG -p err "cannot backup, data directory $VNSTAT_DIR does not exist (yet)"
|
||||
|
|
|
|||
|
|
@ -16,16 +16,16 @@ if [ "$(uci -q get firewall.@zone[2].name)" = "vpn" ]; then
|
|||
fi
|
||||
|
||||
if [ "$(uci -q get firewall.zone_vpn)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.zone_vpn=zone
|
||||
set firewall.zone_vpn.name=vpn
|
||||
set firewall.zone_vpn.network=glorytun
|
||||
set firewall.zone_vpn.masq=1
|
||||
set firewall.zone_vpn.input=REJECT
|
||||
set firewall.zone_vpn.forward=ACCEPT
|
||||
set firewall.zone_vpn.output=ACCEPT
|
||||
commit firewall
|
||||
EOF
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.zone_vpn=zone
|
||||
set firewall.zone_vpn.name=vpn
|
||||
set firewall.zone_vpn.network=glorytun
|
||||
set firewall.zone_vpn.masq=1
|
||||
set firewall.zone_vpn.input=REJECT
|
||||
set firewall.zone_vpn.forward=ACCEPT
|
||||
set firewall.zone_vpn.output=ACCEPT
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get firewall.@rule[5].name)" = "Allow-ICMPv6-Input" ]; then
|
||||
|
|
@ -122,10 +122,39 @@ if [ "$(uci -q get firewall.gre_tunnel)" = "" ]; then
|
|||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q get firewall.fwlantovpn)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.@zone[0].auto_helper='0'
|
||||
set firewall.fwlantovpn=forwarding
|
||||
set firewall.fwlantovpn.src='lan'
|
||||
set firewall.fwlantovpn.dest='vpn'
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get firewall.blockquicproxy)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.blockquicproxy=rule
|
||||
set firewall.blockquicproxy.name='Block QUIC Proxy'
|
||||
set firewall.blockquicproxy.proto='udp'
|
||||
set firewall.blockquicproxy.dest_port='443'
|
||||
set firewall.blockquicproxy.target='DROP'
|
||||
set firewall.blockquicproxy.src='lan'
|
||||
set firewall.blockquicall=rule
|
||||
set firewall.blockquicall.name='Block QUIC All'
|
||||
set firewall.blockquicall.proto='udp'
|
||||
set firewall.blockquicall.src='*'
|
||||
set firewall.blockquicall.dest='*'
|
||||
set firewall.blockquicall.dest_port='443'
|
||||
set firewall.blockquicall.target='DROP'
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.@zone[0].mtu_fix='1'
|
||||
set firewall.zone_vpn.mtu_fix='1'
|
||||
commit firewall
|
||||
EOF
|
||||
|
||||
rm -f /tmp/luci-indexcache
|
||||
|
|
|
|||
|
|
@ -1,11 +1,13 @@
|
|||
#!/bin/sh
|
||||
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set dhcp.lan.ra_default=0
|
||||
set dhcp.lan.dhcpv6=disabled
|
||||
set dhcp.lan.force=1
|
||||
commit dhcp
|
||||
EOF
|
||||
rm -f /tmp/luci-indexcache
|
||||
if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "0" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set dhcp.lan.ra_default=1
|
||||
set dhcp.lan.dhcpv6=server
|
||||
set dhcp.lan.force=1
|
||||
commit dhcp
|
||||
EOF
|
||||
rm -f /tmp/luci-indexcache
|
||||
fi
|
||||
|
||||
exit 0
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ if [ "$(uci -q get network.omrvpn)" = "" ]; then
|
|||
set network.omrvpn.multipath=off
|
||||
set network.omrvpn.leasetime=12h
|
||||
set network.omrvpn.type=tunnel
|
||||
set network.omrvpn.txqueuelen=1000
|
||||
set network.omrvpn.txqueuelen=100
|
||||
set network.omrvpn.metric=1200
|
||||
commit network
|
||||
EOF
|
||||
|
|
|
|||
|
|
@ -16,8 +16,8 @@ if [ "$(uci -q get openmptcprouter.settings.version)" = "" ]; then
|
|||
set sqm.wan1.upload='0'
|
||||
set sqm.wan1.debug_logging='0'
|
||||
set sqm.wan1.verbosity='5'
|
||||
set sqm.wan1.iqdisc_opts='autorate-ingress nat dual-dsthost'
|
||||
set sqm.wan1.eqdisc_opts='nat dual-srchost'
|
||||
set sqm.wan1.iqdisc_opts='autorate-ingress dual-dsthost'
|
||||
set sqm.wan1.eqdisc_opts='dual-srchost'
|
||||
set sqm.wan2=queue
|
||||
set sqm.wan2.qdisc="fq_codel"
|
||||
set sqm.wan2.script="simple.qos"
|
||||
|
|
@ -29,8 +29,8 @@ if [ "$(uci -q get openmptcprouter.settings.version)" = "" ]; then
|
|||
set sqm.wan2.upload='0'
|
||||
set sqm.wan2.debug_logging='0'
|
||||
set sqm.wan2.verbosity='5'
|
||||
set sqm.wan2.iqdisc_opts='autorate-ingress nat dual-dsthost'
|
||||
set sqm.wan2.eqdisc_opts='nat dual-srchost'
|
||||
set sqm.wan2.iqdisc_opts='autorate-ingress dual-dsthost'
|
||||
set sqm.wan2.eqdisc_opts='dual-srchost'
|
||||
commit sqm
|
||||
EOF
|
||||
if [ "$(uci -q get network.wan3)" != "" ]; then
|
||||
|
|
@ -47,8 +47,8 @@ if [ "$(uci -q get openmptcprouter.settings.version)" = "" ]; then
|
|||
set sqm.wan3.upload='0'
|
||||
set sqm.wan3.debug_logging='0'
|
||||
set sqm.wan3.verbosity='5'
|
||||
set sqm.wan3.iqdisc_opts='autorate-ingress nat dual-dsthost'
|
||||
set sqm.wan3.eqdisc_opts='nat dual-srchost'
|
||||
set sqm.wan3.iqdisc_opts='autorate-ingress dual-dsthost'
|
||||
set sqm.wan3.eqdisc_opts='dual-srchost'
|
||||
commit sqm
|
||||
EOF
|
||||
fi
|
||||
|
|
@ -66,8 +66,8 @@ if [ "$(uci -q get openmptcprouter.settings.version)" = "" ]; then
|
|||
set sqm.wan4.upload='0'
|
||||
set sqm.wan4.debug_logging='0'
|
||||
set sqm.wan4.verbosity='5'
|
||||
set sqm.wan4.iqdisc_opts='autorate-ingress nat dual-dsthost'
|
||||
set sqm.wan4.eqdisc_opts='nat dual-srchost'
|
||||
set sqm.wan4.iqdisc_opts='autorate-ingress dual-dsthost'
|
||||
set sqm.wan4.eqdisc_opts='dual-srchost'
|
||||
commit sqm
|
||||
EOF
|
||||
fi
|
||||
|
|
@ -87,8 +87,8 @@ fi
|
|||
# set sqm.omrvpn.upload='0'
|
||||
# set sqm.omrvpn.debug_logging='0'
|
||||
# set sqm.omrvpn.verbosity='5'
|
||||
# set sqm.omrvpn.iqdisc_opts='autorate-ingress nat dual-dsthost'
|
||||
# set sqm.omrvpn.eqdisc_opts='nat dual-srchost'
|
||||
# set sqm.omrvpn.iqdisc_opts='autorate-ingress dual-dsthost'
|
||||
# set sqm.omrvpn.eqdisc_opts='dual-srchost'
|
||||
# commit sqm
|
||||
# EOF
|
||||
#fi
|
||||
|
|
|
|||
19
openmptcprouter/files/etc/uci-defaults/2091-omr-wifi
Executable file
19
openmptcprouter/files/etc/uci-defaults/2091-omr-wifi
Executable file
|
|
@ -0,0 +1,19 @@
|
|||
#!/bin/sh
|
||||
if [ "$(uci -q get wireless.radio0)" != "" ]; then
|
||||
if [ "$(uci -q get wireless.radio0.country)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set wireless.radio0.country='00'
|
||||
set wireless.default_radio0.skip_inactivity_poll='1'
|
||||
commit wireless
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q get wireless.default_radio0.network)" = "lan" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set wireless.default_radio0.network='wifi'
|
||||
commit wireless
|
||||
EOF
|
||||
|
||||
fi
|
||||
fi
|
||||
|
||||
exit 0
|
||||
Loading…
Add table
Add a link
Reference in a new issue