From c483ee357e23559447b9bd156c0cb748a7a5e57a Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Wed, 28 Aug 2024 17:44:34 +0200
Subject: [PATCH 1/5] Fix OMR-DSCP

---
 omr-dscp/files/etc/init.d/omr-dscp-nft | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/omr-dscp/files/etc/init.d/omr-dscp-nft b/omr-dscp/files/etc/init.d/omr-dscp-nft
index 7768360a5..ed93e0371 100755
--- a/omr-dscp/files/etc/init.d/omr-dscp-nft
+++ b/omr-dscp/files/etc/init.d/omr-dscp-nft
@@ -123,10 +123,10 @@ _add_dscp_rules() {
 	src_port="$(echo $src_port | sed 's/,/ /g')"
 	dest_port="$(echo $dest_port | sed 's/,/ /g')"
 	for port in $src_port; do
-		uci -q add_list firewall.omr_dscp_rule$count.src_port="$src_port"
+		uci -q add_list firewall.omr_dscp_rule$count.src_port="$port"
 	done
-	for port in $src_port; do
-		uci -q add_list firewall.omr_dscp_rule$count.dest_port="$dest_port"
+	for port in $dest_port; do
+		uci -q add_list firewall.omr_dscp_rule$count.dest_port="$port"
 	done
 	#_add_dscp_rule -m multiport --sports "$src_port" -m multiport --dports "$dest_port"
 	uci -q commit firewall

From aa1a5ed651c960e114446b24e7d4dcb745a1af8c Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Wed, 28 Aug 2024 17:45:39 +0200
Subject: [PATCH 2/5] Disable DCO on OpenVPN MPTCP over VPN as DCO is not
 available for now on latest VPS kernels

---
 openmptcprouter/files/etc/init.d/mptcpovervpn | 1 +
 1 file changed, 1 insertion(+)

diff --git a/openmptcprouter/files/etc/init.d/mptcpovervpn b/openmptcprouter/files/etc/init.d/mptcpovervpn
index 14a955c82..1b3bebcff 100755
--- a/openmptcprouter/files/etc/init.d/mptcpovervpn
+++ b/openmptcprouter/files/etc/init.d/mptcpovervpn
@@ -88,6 +88,7 @@ mptcp_over_vpn() {
 					set openvpn.${interface}.proto='udp'
 					set openvpn.${interface}.client='1'
 					set openvpn.${interface}.enabled='1'
+					set openvpn.${interface}.disable_dco='1'
 					set openvpn.${interface}.allow_recursive_routing='1'
 					set openvpn.${interface}.key='/etc/luci-uploads/client.key'
 					set openvpn.${interface}.cert='/etc/luci-uploads/client.crt'

From 8a73c7f9936ba402c8a66c767b6a3addba443fc0 Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Wed, 28 Aug 2024 20:22:53 +0200
Subject: [PATCH 3/5] Remove unused setting in firewall

---
 .../files/etc/uci-defaults/1980-omr-firewall           | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
index 3d06a87e8..1b08a4541 100755
--- a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
+++ b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
@@ -140,7 +140,6 @@ if [ "$(uci -q get firewall.omr_server)" = "" ]; then
 	uci -q batch <<-EOF >/dev/null
 		set firewall.omr_server=include
 		set firewall.omr_server.path=/etc/firewall.omr-server
-		set firewall.omr_server.reload=1
 		commit firewall
 	EOF
 fi
@@ -149,7 +148,6 @@ if [ "$(uci -q get firewall.gre_tunnel)" = "" ]; then
 	uci -q batch <<-EOF >/dev/null
 		set firewall.gre_tunnel=include
 		set firewall.gre_tunnel.path=/etc/firewall.gre-tunnel
-		set firewall.gre_tunnel.reload=0
 		commit firewall
 	EOF
 fi
@@ -157,7 +155,6 @@ if [ "$(uci -q get firewall.ttl)" = "" ]; then
 	uci -q batch <<-EOF >/dev/null
 		set firewall.ttl=include
 		set firewall.ttl.path=/etc/firewall.ttl
-		set firewall.ttl.reload=1
 		commit firewall
 	EOF
 fi
@@ -242,7 +239,6 @@ done
 uci -q batch <<-EOF >/dev/null
 	set firewall.zone_lan.mtu_fix='1'
 	set firewall.zone_vpn.mtu_fix='1'
-	set firewall.@include[0].reload='1'
 	commit firewall
 EOF
 if [ -z "$(uci -q get openmptcprouter.settings.sipalg)" ]; then
@@ -271,6 +267,12 @@ fi
 # Remove mtu_fix check, doesn't work on kernel 6.6
 sed -i 's/if (zone\.mtu_fix && this\.kernel < 0x040a0000) {/if (zone.mtu_fix \&\& this.kernel < 0x040a0000 \&\& false) {/' /usr/share/ucode/fw4.uc
 
+uci -q batch <<-EOF >/dev/null
+	del firewall.omr_server.reload
+	del firewall.gre_tunnel.reload
+	del firewall.ttl.reload
+EOF
+
 rm -f /tmp/luci-indexcache
 
 exit 0

From f0f710123d6decff2a40c7ff4af63a99f33acac9 Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Wed, 28 Aug 2024 20:23:27 +0200
Subject: [PATCH 4/5] Remove unused setting in omr6in4 for firewall

---
 omr-6in4/files/etc/init.d/omr-6in4 | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/omr-6in4/files/etc/init.d/omr-6in4 b/omr-6in4/files/etc/init.d/omr-6in4
index 17195708e..c8af18ae8 100755
--- a/omr-6in4/files/etc/init.d/omr-6in4
+++ b/omr-6in4/files/etc/init.d/omr-6in4
@@ -28,10 +28,10 @@ set_ipv6_state() {
 	sed -i "s:^net.ipv6.conf.all.disable_ipv6=[0-9]*::" /etc/sysctl.d/zzz_openmptcprouter.conf
 	sysctl -qw net.ipv6.conf.all.disable_ipv6=0
 
-	uci -q batch <<-EOF >/dev/null
-		set firewall.@defaults[0].disable_ipv6=$disable_ipv6
-		commit firewall
-	EOF
+	#uci -q batch <<-EOF >/dev/null
+	#	set firewall.@defaults[0].disable_ipv6=$disable_ipv6
+	#	commit firewall
+	#EOF
 
 	if [ "$disable_ipv6" = "1" ]; then
 		logger -t "omr-6in4" "Disable IPv6"

From 03e3bc44040c5941ca08a1e706b6630b744d515f Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Wed, 28 Aug 2024 20:24:06 +0200
Subject: [PATCH 5/5] Detect if interface is up via another method in
 omr-tracker

---
 omr-tracker/files/bin/omr-tracker | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker
index ccb3df7e7..e1fc27928 100755
--- a/omr-tracker/files/bin/omr-tracker
+++ b/omr-tracker/files/bin/omr-tracker
@@ -285,7 +285,8 @@ while true; do
 	}
 
 	if [ -n "$OMR_TRACKER_DEVICE" ] && [ -d "/sys/class/net/$OMR_TRACKER_DEVICE" ]; then
-		if [ -n "$(ip link show $OMR_TRACKER_DEVICE | grep 'state UP')" ] || [ -n "$(ip link show $OMR_TRACKER_DEVICE | grep 'state UNKNOWN')" ]; then
+		#if [ -n "$(ip link show $OMR_TRACKER_DEVICE | grep 'state UP')" ] || [ -n "$(ip link show $OMR_TRACKER_DEVICE | grep 'state UNKNOWN')" ]; then
+		if [ "$(ifstatus $OMR_TRACKER_INTERFACE | jsonfilter -e '@.up')" == "true" ] || [ "$OMR_TRACKER_INTERFACE" = "omrvpn" ]; then
 			# retrieve iface ip and gateway
 			if { [ "$OMR_TRACKER_FAMILY" = "ipv4" ] || [ "$OMR_TRACKER_FAMILY" = "ipv4ipv6" ]; } && [ "$OMR_TRACKER_INTERFACE_PROTO" != "dhcpv6" ]; then
 				OMR_TRACKER_DEVICE_IP=$(ip -4 -br addr ls dev "$OMR_TRACKER_DEVICE" | awk -F'[ /]+' '{print $3}')