From 5b10fe3bd5785ff9c9b496c90f4d7f64465778bd Mon Sep 17 00:00:00 2001 From: Ycarus Date: Sun, 13 Jan 2019 11:10:05 +0100 Subject: [PATCH] Various fix for IPv6, disable Shadowsocks for IPv6 with ss-redir --- .../luasrc/controller/openmptcprouter.lua | 27 +++++++++++++++++++ .../root/etc/init.d/openmptcprouter | 4 ++- mptcp/files/etc/init.d/mptcp | 10 +++---- .../share/omr/post-tracking.d/post-tracking | 4 +-- omr-6in4/files/bin/omr-6in4 | 13 ++++++++- .../files/etc/init.d/openmptcprouter-vps | 3 +++ .../files/etc/uci-defaults/1920-omr-network | 10 +++---- .../files/shadowsocks-libev.init | 2 +- 8 files changed, 58 insertions(+), 15 deletions(-) diff --git a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua index 9b4807954..c2968e46d 100644 --- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua +++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua @@ -178,6 +178,33 @@ function wizard_add() local downloadspeed = luci.http.formvalue("cbid.sqm.%s.download" % intf) or "0" local uploadspeed = luci.http.formvalue("cbid.sqm.%s.upload" % intf) or "0" + + if ucic:get("qos",intf) == "" then + ucic:set("qos",intf,"interface") + ucic:set("qos",intf,"classgroup","Default") + ucic:set("qos",intf,"enabled","0") + ucic:set("qos",intf,"upload","4000") + ucic:set("qos",intf,"download","100000") + end + + if ucic:get("sqm",intf) == "" then + local defif = ucic:get("network",intf .. "_dev","ifname") or "" + if defif == "" then + defif = ucic:get("network",intf,"ifname") or "" + end + ucic:set("sqm",intf,"queue") + ucic:set("sqm",intf,"interface",defif) + ucic:set("sqm",intf,"qdisc","fq_codel") + ucic:set("sqm",intf,"script","simple.qos") + ucic:set("sqm",intf,"qdisc_advanced","0") + ucic:set("sqm",intf,"linklayer","none") + ucic:set("sqm",intf,"enabled","0") + ucic:set("sqm",intf,"debug_logging","0") + ucic:set("sqm",intf,"verbosity","5") + ucic:set("sqm",intf,"download","0") + ucic:set("sqm",intf,"upload","0") + end + if downloadspeed ~= "0" and uploadspeed ~= "0" then ucic:set("sqm",intf,"download",downloadspeed) ucic:set("sqm",intf,"upload",uploadspeed) diff --git a/luci-app-openmptcprouter/root/etc/init.d/openmptcprouter b/luci-app-openmptcprouter/root/etc/init.d/openmptcprouter index 0518cff32..ea8d99216 100755 --- a/luci-app-openmptcprouter/root/etc/init.d/openmptcprouter +++ b/luci-app-openmptcprouter/root/etc/init.d/openmptcprouter @@ -41,6 +41,7 @@ set_ipv6_state() { else uci -q set shadowsocks-libev.hi.local_address="::" fi + uci -q commit shadowsocks-libev uci -q commit dhcp #if [ "$disable_ipv6" == "1" ]; then # /etc/init.d/odhcpd stop >/dev/null 2>&1 @@ -76,9 +77,10 @@ start_service() { done } config_get disable_ipv6 settings disable_ipv6 "0" - if [ "$(sysctl net.ipv6.conf.all.disable_ipv6 | tr -d '\n')" != "$disable_ipv6" ]; then + if [ "$(uci -q get firewall.@defaults[0].disable_ipv6)" != "$disable_ipv6" ]; then set_ipv6_state $disable_ipv6 fi + # remove sysctl already defined in /etc/sysctl.d/ sed -i -e '/tcp_fin_timeout/d' -e '/tcp_keepalive_time/d' -e '/nf_conntrack_max/d' -e '/tcp_syn_retries/d' /etc/sysctl.conf sed -i -e '/tcp_fin_timeout/d' -e '/tcp_keepalive_time/d' -e '/nf_conntrack_max/d' -e '/tcp_syn_retries/d' /etc/sysctl.d/10-default.conf diff --git a/mptcp/files/etc/init.d/mptcp b/mptcp/files/etc/init.d/mptcp index 462e85a5c..9fec67780 100755 --- a/mptcp/files/etc/init.d/mptcp +++ b/mptcp/files/etc/init.d/mptcp @@ -162,7 +162,7 @@ interface_multipath_settings() { ifconfig $iface txqueuelen 10000 > /dev/null 2>&1 } fi - if [ "$(sysctl -n net.ipv6.conf.all.disable_ipv6 | tr -d '\n')" != "1" ]; then + if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "1" ] && [ "$config" != "omr6in4" ]; then # IPv6 Updates: local ip6addr local ipaddr6 @@ -179,12 +179,12 @@ interface_multipath_settings() { ip6addr=$(ip -6 addr show dev $iface | grep -v 'scope link' | grep inet6 | awk '{print $2}' | cut -d/ -f1 | tr -d "\n") gateway6=$(ip -6 r list dev $iface | grep -v default | awk '/proto static/ {print $1}' | tr -d "\n") [ -z "$gateway6" ] && gateway6=$(uci -q get "network.$config.ip6gw") - [ -z "$gateway6" ] && gateway6=$(ubus call network.interface.$config status | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::/0"].nexthop' | tr -d "\n") + [ -z "$gateway6" ] && gateway6=$(ubus call network.interface.$config status | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") if [ -z "$gateway6" ] || [ "$( valid_subnet6 $gateway6 )" != "ok" ]; then - gateway6=$(ubus call network.interface.$config status | jsonfilter -q -e '@.route[@.target="::/0"].nexthop' | tr -d "\n") + gateway6=$(ubus call network.interface.$config status | jsonfilter -q -e '@.route[@.target="::"].nexthop' | tr -d "\n") fi if [ -z "$gateway6" ] || [ "$( valid_subnet6 $gateway6 )" != "ok" ]; then - gateway6=$(ubus call network.interface.${config}_6 status 2>/dev/null | jsonfilter -q -e '@.inactive.route[@.target="::/0"].nexthop' | tr -d "\n") + gateway6=$(ubus call network.interface.${config}_6 status 2>/dev/null | jsonfilter -q -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n") fi netmask6=$(ip -6 addr show dev $iface | grep -v 'scope link' | grep inet6 | awk '{print $2}' | cut -d/ -f2 | tr -d "\n") network6=`ipcalc $ip6addr | sed -n '/NETWORK=/{;s/.*=//;s/ .*//;p;}'` @@ -207,7 +207,7 @@ interface_multipath_settings() { delete network.${config}_route6_default set network.${config}_route6_default=route6 set network.${config}_route6_default.interface=${config} - set network.${config}_route6_default.target='::/0' + set network.${config}_route6_default.target='::' set network.${config}_route6_default.gateway=$gateway6 set network.${config}_route6_default.table=6${id} commit network diff --git a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking index a02acce35..83f70bcbf 100755 --- a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking +++ b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking @@ -332,8 +332,8 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($( /etc/init.d/odhcpd enable > /dev/null 2>&1 elif [ -z "$ip6addr" ] && [ "$(uci -q set dhcp.lan.ra_default)" = 1 ]; then _log "Disable IPv6 RA" - uci -q del dhcp.lan.ra - uci -q del dhcp.lan.dhcpv6 + uci -q delete dhcp.lan.ra + uci -q delete dhcp.lan.dhcpv6 /etc/init.d/odhcpd start > /dev/null 2>&1 /etc/init.d/odhcpd enable > /dev/null 2>&1 fi diff --git a/omr-6in4/files/bin/omr-6in4 b/omr-6in4/files/bin/omr-6in4 index c3e5294b0..052da3d09 100755 --- a/omr-6in4/files/bin/omr-6in4 +++ b/omr-6in4/files/bin/omr-6in4 @@ -17,7 +17,7 @@ while true; do [ -z "$peer" ] && peer=$(ubus call network.interface.omrvpn status | jsonfilter -q -e '@.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") [ -z "$peer" ] && [ -n "$iface" ] && peer=$(ip -4 r list dev $iface | grep kernel | awk '/proto kernel/ {print $1}' | grep -v / | tr -d "\n") [ -n "$addr" ] && [ -n "$peer" ] && { - if [ "$addr" != "$(uci -q get network.omr6in4.ipaddr)" ] || [ "$peer" != "$(uci -q get network.omr6in4.peeraddr)" ]; then + if [ "$addr" != "$(uci -q get network.omr6in4.ipaddr)" ] || [ "$peer" != "$(uci -q get network.omr6in4.peeraddr)" ] || [ "$(uci -q get network.omr6in4_route6_default)" = "" ]; then logger -t "omr6in4" "Set network for OMR 6in4 to local $addr peer $peer" uci -q batch <<-EOF set network.omr6in4.ipaddr=$addr @@ -29,6 +29,17 @@ while true; do else ifup omr6in4 fi + sleep 5 + ipv6_gw=$(ubus call network.interface.6in4-omr6in4 status | jsonfilter -q -e '@.route[@.target="::"].nexthop' | tr -d "\n") + [ -z "$ipv6_gw" ] && ipv6_gw='fe80::a00:1' + ip -6 route replace default via ${ipv6_gw} dev 6in4-omr6in4 + uci -q batch <<-EOF + set network.omr6in4_route6_default=route6 + set network.omr6in4_route6_default.interface=omr6in4 + set network.omr6in4_route6_default.target='::' + set network.omr6in4_route6_default.gateway=$ipv6_gw + commit network + EOF fi } fi diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index f220708b2..e5fb46916 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -364,6 +364,9 @@ _set_config_from_vps() { # Check if server get an IPv6, if not disable IPv6 on OMR vps_ipv6_addr="$(echo "$vps_config" | jsonfilter -q -e '@.network.ipv6')" if [ -z "$vps_ipv6_addr" ]; then + if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" = "0" ]; then + logger -t "OMR-VPS" "No IPv6 support on VPS side. IPv6 disabled." + fi uci -q batch <<-EOF >/dev/null set openmptcprouter.settings.disable_ipv6=1 EOF diff --git a/openmptcprouter/files/etc/uci-defaults/1920-omr-network b/openmptcprouter/files/etc/uci-defaults/1920-omr-network index efe7e502b..4f882f5c7 100755 --- a/openmptcprouter/files/etc/uci-defaults/1920-omr-network +++ b/openmptcprouter/files/etc/uci-defaults/1920-omr-network @@ -212,11 +212,11 @@ if [ "$(uci -q get network.wan1.multipath)" = "" ]; then _setup_macvlan wan1 _setup_macvlan wan2 fi - uci -q batch <<-EOF - add network route6 - set network.@route6[-1].interface='lan' - set network.@route6[-1].target='::/0' - EOF + #uci -q batch <<-EOF + #add network route6 + #set network.@route6[-1].interface='lan' + #set network.@route6[-1].target='::/0' + #EOF fi uci -q commit network rm -f /tmp/luci-indexcache diff --git a/shadowsocks-libev/files/shadowsocks-libev.init b/shadowsocks-libev/files/shadowsocks-libev.init index 506362612..43bbf1027 100644 --- a/shadowsocks-libev/files/shadowsocks-libev.init +++ b/shadowsocks-libev/files/shadowsocks-libev.init @@ -344,7 +344,7 @@ rules_up() { config_foreach ss_rules_restart "$cfgtype" "$cfgtype" done ss_rules - [ "$(sysctl -n net.ipv6.conf.all.disable_ipv6 | tr -d '\n')" = "1" ] || ss_rules6 + #[ "$(uci -q get openmptcprouter.settings.disable_ipv6)" = "1" ] || ss_rules6 [ -f /etc/init.d/omr-bypass ] && /etc/init.d/omr-bypass reload }