Various fix for IPv6, disable Shadowsocks for IPv6 with ss-redir

2025-03-09 15:40:03 +00:00 · 2019-01-13 11:10:05 +01:00 · 2019-01-13 11:10:05 +01:00 · 5b10fe3bd5
commit 5b10fe3bd5
parent 0ef3754412
8 changed files with 58 additions and 15 deletions
--- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua
+++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua
@ -178,6 +178,33 @@ function wizard_add()

 		local downloadspeed = luci.http.formvalue("cbid.sqm.%s.download" % intf) or "0"
 		local uploadspeed = luci.http.formvalue("cbid.sqm.%s.upload" % intf) or "0"
+
+		if ucic:get("qos",intf) == "" then
+			ucic:set("qos",intf,"interface")
+			ucic:set("qos",intf,"classgroup","Default")
+			ucic:set("qos",intf,"enabled","0")
+			ucic:set("qos",intf,"upload","4000")
+			ucic:set("qos",intf,"download","100000")
+		end
+
+		if ucic:get("sqm",intf) == "" then
+			local defif = ucic:get("network",intf .. "_dev","ifname") or ""
+			if defif == "" then
+				defif = ucic:get("network",intf,"ifname") or ""
+			end
+			ucic:set("sqm",intf,"queue")
+			ucic:set("sqm",intf,"interface",defif)
+			ucic:set("sqm",intf,"qdisc","fq_codel")
+			ucic:set("sqm",intf,"script","simple.qos")
+			ucic:set("sqm",intf,"qdisc_advanced","0")
+			ucic:set("sqm",intf,"linklayer","none")
+			ucic:set("sqm",intf,"enabled","0")
+			ucic:set("sqm",intf,"debug_logging","0")
+			ucic:set("sqm",intf,"verbosity","5")
+			ucic:set("sqm",intf,"download","0")
+			ucic:set("sqm",intf,"upload","0")
+		end
+
 		if downloadspeed ~= "0" and uploadspeed ~= "0" then
 			ucic:set("sqm",intf,"download",downloadspeed)
 			ucic:set("sqm",intf,"upload",uploadspeed)
--- a/luci-app-openmptcprouter/root/etc/init.d/openmptcprouter
+++ b/luci-app-openmptcprouter/root/etc/init.d/openmptcprouter
@ -41,6 +41,7 @@ set_ipv6_state() {
 	else
 		uci -q set shadowsocks-libev.hi.local_address="::"
 	fi
+	uci -q commit shadowsocks-libev
 	uci -q commit dhcp
 	#if [ "$disable_ipv6" == "1" ]; then
 	#	/etc/init.d/odhcpd stop >/dev/null 2>&1
@ -76,9 +77,10 @@ start_service() {
 		done
 	}
 	config_get disable_ipv6 settings disable_ipv6 "0"
-	if [ "$(sysctl net.ipv6.conf.all.disable_ipv6 | tr -d '\n')" != "$disable_ipv6" ]; then
+	if [ "$(uci -q get firewall.@defaults[0].disable_ipv6)" != "$disable_ipv6" ]; then
 		set_ipv6_state $disable_ipv6
 	fi
+	
 	# remove sysctl already defined in /etc/sysctl.d/
 	sed -i -e '/tcp_fin_timeout/d' -e '/tcp_keepalive_time/d' -e '/nf_conntrack_max/d' -e '/tcp_syn_retries/d' /etc/sysctl.conf
 	sed -i -e '/tcp_fin_timeout/d' -e '/tcp_keepalive_time/d' -e '/nf_conntrack_max/d' -e '/tcp_syn_retries/d' /etc/sysctl.d/10-default.conf
--- a/mptcp/files/etc/init.d/mptcp
+++ b/mptcp/files/etc/init.d/mptcp
@ -162,7 +162,7 @@ interface_multipath_settings() {
 			ifconfig $iface txqueuelen 10000 > /dev/null 2>&1
 		}
 	fi
-	if [ "$(sysctl -n net.ipv6.conf.all.disable_ipv6 | tr -d '\n')" != "1" ]; then
+	if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "1" ] && [ "$config" != "omr6in4" ]; then
 		# IPv6 Updates:
 		local ip6addr
 		local ipaddr6
@ -179,12 +179,12 @@ interface_multipath_settings() {
 				ip6addr=$(ip -6 addr show dev $iface | grep -v 'scope link' | grep inet6 | awk '{print $2}' | cut -d/ -f1 | tr -d "\n")
 				gateway6=$(ip -6 r list dev $iface | grep -v default | awk '/proto static/ {print $1}' | tr -d "\n")
 				[ -z "$gateway6" ] && gateway6=$(uci -q get "network.$config.ip6gw")
-				[ -z "$gateway6" ] && gateway6=$(ubus call network.interface.$config status | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::/0"].nexthop' | tr -d "\n")
+				[ -z "$gateway6" ] && gateway6=$(ubus call network.interface.$config status | jsonfilter -q -l 1 -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n")
 				if [ -z "$gateway6" ] || [ "$( valid_subnet6 $gateway6 )" != "ok" ]; then 
-					gateway6=$(ubus call network.interface.$config status | jsonfilter -q -e '@.route[@.target="::/0"].nexthop' | tr -d "\n")
+					gateway6=$(ubus call network.interface.$config status | jsonfilter -q -e '@.route[@.target="::"].nexthop' | tr -d "\n")
 				fi
 				if [ -z "$gateway6" ] || [ "$( valid_subnet6 $gateway6 )" != "ok" ]; then
-					gateway6=$(ubus call network.interface.${config}_6 status 2>/dev/null | jsonfilter -q -e '@.inactive.route[@.target="::/0"].nexthop' | tr -d "\n")
+					gateway6=$(ubus call network.interface.${config}_6 status 2>/dev/null | jsonfilter -q -e '@.inactive.route[@.target="::"].nexthop' | tr -d "\n")
 				fi
 				netmask6=$(ip -6 addr show dev $iface | grep -v 'scope link' | grep inet6 | awk '{print $2}' | cut -d/ -f2 | tr -d "\n")
 				network6=`ipcalc $ip6addr | sed -n '/NETWORK=/{;s/.*=//;s/ .*//;p;}'`
@ -207,7 +207,7 @@ interface_multipath_settings() {
 				delete network.${config}_route6_default
 				set network.${config}_route6_default=route6
 				set network.${config}_route6_default.interface=${config}
-				set network.${config}_route6_default.target='::/0'
+				set network.${config}_route6_default.target='::'
 				set network.${config}_route6_default.gateway=$gateway6
 				set network.${config}_route6_default.table=6${id}
 				commit network
--- a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking
+++ b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking
@ -332,8 +332,8 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($(
 				/etc/init.d/odhcpd enable > /dev/null 2>&1
 			elif [ -z "$ip6addr" ] && [ "$(uci -q set dhcp.lan.ra_default)" = 1 ]; then
 				_log "Disable IPv6 RA"
-				uci -q del dhcp.lan.ra
-				uci -q del dhcp.lan.dhcpv6
+				uci -q delete dhcp.lan.ra
+				uci -q delete dhcp.lan.dhcpv6
 				/etc/init.d/odhcpd start > /dev/null 2>&1
 				/etc/init.d/odhcpd enable > /dev/null 2>&1
 			fi
--- a/omr-6in4/files/bin/omr-6in4
+++ b/omr-6in4/files/bin/omr-6in4
@ -17,7 +17,7 @@ while true; do
 		[ -z "$peer" ] && peer=$(ubus call network.interface.omrvpn status | jsonfilter -q -e '@.route[@.target="0.0.0.0"].nexthop' | tr -d "\n")
 		[ -z "$peer" ] && [ -n "$iface" ] && peer=$(ip -4 r list dev $iface | grep kernel | awk '/proto kernel/ {print $1}' | grep -v / | tr -d "\n")
 		[ -n "$addr" ] && [ -n "$peer" ] && {
-			if [ "$addr" != "$(uci -q get network.omr6in4.ipaddr)" ] || [ "$peer" != "$(uci -q get network.omr6in4.peeraddr)" ]; then
+			if [ "$addr" != "$(uci -q get network.omr6in4.ipaddr)" ] || [ "$peer" != "$(uci -q get network.omr6in4.peeraddr)" ] || [ "$(uci -q get network.omr6in4_route6_default)" = "" ]; then
 				logger -t "omr6in4" "Set network for OMR 6in4 to local $addr peer $peer"
 				uci -q batch <<-EOF
 					set network.omr6in4.ipaddr=$addr
@ -29,6 +29,17 @@ while true; do
 				else
 					ifup omr6in4
 				fi
+				sleep 5
+				ipv6_gw=$(ubus call network.interface.6in4-omr6in4 status | jsonfilter -q -e '@.route[@.target="::"].nexthop' | tr -d "\n")
+				[ -z "$ipv6_gw" ] && ipv6_gw='fe80::a00:1'
+				ip -6 route replace default via ${ipv6_gw} dev 6in4-omr6in4
+				uci -q batch <<-EOF
+					set network.omr6in4_route6_default=route6
+					set network.omr6in4_route6_default.interface=omr6in4
+					set network.omr6in4_route6_default.target='::'
+					set network.omr6in4_route6_default.gateway=$ipv6_gw
+					commit network
+				EOF
 			fi
 		}
 	fi
--- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps
+++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps
@ -364,6 +364,9 @@ _set_config_from_vps() {
 	# Check if server get an IPv6, if not disable IPv6 on OMR
 	vps_ipv6_addr="$(echo "$vps_config" | jsonfilter -q -e '@.network.ipv6')"
 	if [ -z "$vps_ipv6_addr" ]; then
+		if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" = "0" ]; then
+			logger -t "OMR-VPS" "No IPv6 support on VPS side. IPv6 disabled."
+		fi
 		uci -q batch <<-EOF >/dev/null
 			set openmptcprouter.settings.disable_ipv6=1
 		EOF
--- a/openmptcprouter/files/etc/uci-defaults/1920-omr-network
+++ b/openmptcprouter/files/etc/uci-defaults/1920-omr-network
@ -212,11 +212,11 @@ if [ "$(uci -q get network.wan1.multipath)" = "" ]; then
 		_setup_macvlan wan1
 		_setup_macvlan wan2
 	fi
-	uci -q batch <<-EOF
-	add network route6
-	set network.@route6[-1].interface='lan'
-	set network.@route6[-1].target='::/0'
-	EOF
+	#uci -q batch <<-EOF
+	#add network route6
+	#set network.@route6[-1].interface='lan'
+	#set network.@route6[-1].target='::/0'
+	#EOF
 fi
 uci -q commit network
 rm -f /tmp/luci-indexcache
--- a/shadowsocks-libev/files/shadowsocks-libev.init
+++ b/shadowsocks-libev/files/shadowsocks-libev.init
@ -344,7 +344,7 @@ rules_up() {
 		config_foreach ss_rules_restart "$cfgtype" "$cfgtype"
 	done
 	ss_rules
-	[ "$(sysctl -n net.ipv6.conf.all.disable_ipv6 | tr -d '\n')" = "1" ] || ss_rules6
+	#[ "$(uci -q get openmptcprouter.settings.disable_ipv6)" = "1" ] || ss_rules6
 	[ -f /etc/init.d/omr-bypass ] && /etc/init.d/omr-bypass reload
 }