From 21866054c6a6f857b8d1991754925e802c87c9b8 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 16:24:14 +0100 Subject: [PATCH 1/8] Add -w to iptables where missing --- shadowsocks-libev/files/ss-rules | 4 ++-- shadowsocks-libev/files/ss-rules6 | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/shadowsocks-libev/files/ss-rules b/shadowsocks-libev/files/ss-rules index 2f4583e47..87973133f 100755 --- a/shadowsocks-libev/files/ss-rules +++ b/shadowsocks-libev/files/ss-rules @@ -112,7 +112,7 @@ ss_rules_parse_args() { __errmsg "Requires at least -l or -L option" return 1 fi - if [ -n "$o_dst_forward_recentrst" ] && ! iptables -m recent -h >/dev/null; then + if [ -n "$o_dst_forward_recentrst" ] && ! iptables -w -m recent -h >/dev/null; then __errmsg "Please install iptables-mod-conntrack-extra with opkg" return 1 fi @@ -166,7 +166,7 @@ ss_rules_iptchains_init() { } ss_rules_iptchains_init_mark() { - if [ "$(iptables -t mangle -L PREROUTING | grep ss_rules_dst_bypass_all)" = "" ]; then + if [ "$(iptables -w -t mangle -L PREROUTING | grep ss_rules_dst_bypass_all)" = "" ]; then iptables-restore -w --noflush <<-EOF *mangle -A PREROUTING -m set --match-set ss_rules_dst_bypass_all dst -j MARK --set-mark 0x539 diff --git a/shadowsocks-libev/files/ss-rules6 b/shadowsocks-libev/files/ss-rules6 index 3225573a1..21e257b10 100755 --- a/shadowsocks-libev/files/ss-rules6 +++ b/shadowsocks-libev/files/ss-rules6 @@ -95,7 +95,7 @@ ss_rules6_parse_args() { __errmsg "Requires at least -l or -L option" return 1 fi - if [ -n "$o_dst_forward_recentrst" ] && ! ip6tables -m recent -h >/dev/null; then + if [ -n "$o_dst_forward_recentrst" ] && ! ip6tables -w -m recent -h >/dev/null; then __errmsg "Please install ip6tables-mod-conntrack-extra with opkg" return 1 fi From 716f32fc10a0f83e636bf46b85ac4eb6092b70b2 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 16:24:46 +0100 Subject: [PATCH 2/8] Change shadowsocks boot order --- shadowsocks-libev/files/shadowsocks-libev.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shadowsocks-libev/files/shadowsocks-libev.init b/shadowsocks-libev/files/shadowsocks-libev.init index 3a453da4b..c524c37d0 100644 --- a/shadowsocks-libev/files/shadowsocks-libev.init +++ b/shadowsocks-libev/files/shadowsocks-libev.init @@ -9,7 +9,7 @@ USE_PROCD=1 EXTRA_COMMANDS="rules_up rules_down rules_exist" -START=99 +START=91 ss_confdir=/var/etc/shadowsocks-libev ss_bindir=/usr/bin From f943f64d14c4b978bab7927e66347f3bd7f45682 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 16:35:12 +0100 Subject: [PATCH 3/8] Check httping each time result is ok --- omr-tracker/files/bin/omr-tracker | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index f5d9ac653..7ec94ca61 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -375,7 +375,8 @@ while true; do OMR_TRACKER_STATUS="OK" break fi - elif [ "$server_ping" != false ] && [ "$OMR_TRACKER_TYPE" != "httping" ] && [ "$OMR_TRACKER_SERVER_HTTP_TEST" = "1" ]; then + fi + if [ "$server_ping" != false ] && && [ "$OMR_TRACKER_STATUS" = "OK" ] && [ "$OMR_TRACKER_TYPE" != "httping" ] && [ "$OMR_TRACKER_SERVER_HTTP_TEST" = "1" ]; then serverip_ping=false config_load openmptcprouter config_foreach _httping_server server $OMR_TRACKER_DEVICE_IP @@ -475,7 +476,8 @@ while true; do OMR_TRACKER_STATUS="OK" break fi - elif [ "$server_ping" != false ] && [ "$OMR_TRACKER_TYPE" != "httping" ] && [ "$OMR_TRACKER_SERVER_HTTP_TEST" = "1" ]; then + fi + if [ "$server_ping" != false ] && [ "$OMR_TRACKER_STATUS" = "OK" ] && [ "$OMR_TRACKER_TYPE" != "httping" ] && [ "$OMR_TRACKER_SERVER_HTTP_TEST" = "1" ]; then serverip_ping=false config_load openmptcprouter config_foreach _httping_server server $OMR_TRACKER_DEVICE_IP From 8b5816e4f98416948fc9323ae863b1f723f3efd2 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 16:36:28 +0100 Subject: [PATCH 4/8] Fix link status in status page --- .../luasrc/view/openmptcprouter/wanstatus.htm | 16 ++++++++++++-- .../root/usr/libexec/rpcd/openmptcprouter | 21 +++++-------------- 2 files changed, 19 insertions(+), 18 deletions(-) diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm index 074a047db..0502faea3 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm @@ -428,11 +428,13 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm var whois = mArray.wans[i].whois; var whois6 = mArray.wans[i].whois6; var signal = mArray.wans[i].signal; + var status = mArray.wans[i].status; var multipath = mArray.wans[i].multipath; if(multipath == 'master') { master++; } + var zonewan = mArray.wans[i].zonewan; var latency = mArray.wans[i].latency; var mtu = mArray.wans[i].mtu; var operator = mArray.wans[i].operator; @@ -568,12 +570,12 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm { statusMessage += '<%:No Server http response after 1 second%>' + '
'; } - if (stat == 'Offline' && ipaddr != '' && ipaddr == mArray.wans[i].gateway) + if (status == 'ERROR' && ipaddr != '' && ipaddr == mArray.wans[i].gateway) { statusMessage += '<%:Wan IP and gateway are identical%>' + '
'; statusMessageClass = "error"; } - if (stat == 'Offline' && ip6addr != '' && ip6addr == mArray.wans[i].gateway6) + if (status == 'ERROR' && ip6addr != '' && ip6addr == mArray.wans[i].gateway6) { statusMessage += '<%:Wan IP and gateway are identical%>' + '
'; statusMessageClass = "error"; @@ -612,6 +614,11 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm statusMessage += '<%:Network interface MAC address duplicated%>' + '
'; statusMessageClass = "error"; } + if(zonewan == "NO") + { + statusMessage += '<%:Network interface not in WAN firewall zone%>' + '
'; + statusMessageClass = "error"; + } if(ipv6_discover == 'DETECTED') { statusMessage += '<%:IPv6 route received%>' + '
' @@ -621,6 +628,11 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm statusMessageClass = "warning"; statusIcon = "<%=resource%>/openmptcprouter/images/statusWarning.png"; } + if (statusMessage !== "" && statusMessageClass == "error") + { + statusMessageClass = "error"; + statusIcon = "<%=resource%>/openmptcprouter/images/statusError.png"; + } content += String.format('<%:multipath:%> %s
',multipath); if(mArray.wans[i].qos && mArray.wans[i].download > 0 && mArray.wans[i].upload > 0) { diff --git a/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter b/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter index 9ed558f76..b5c0a452f 100755 --- a/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter +++ b/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter @@ -1121,7 +1121,7 @@ function interfaces_status() local ipv6 = section["ipv6"] or "0" local mac = section ["macaddr"] or "" local itype = section ["type"] or "" - local state = section ["state"] or "" + local state = uci:get("openmptcprouter", interface, "state") or "" --if not ipaddr or not gateway then return end -- Don't show if0 in the overview @@ -1358,28 +1358,17 @@ function interfaces_status() if mArray.openmptcprouter["service_addr_ip"] ~= "" then server_http_test = sys.exec("httping -l " .. mArray.openmptcprouter["service_addr_ip"] .. ":" .. adminport .. " -y " .. ipaddr .. " -t 1 -c 1") server_http_result = ut.trim(sys.exec("echo '" .. server_http_test .. "' | grep '100.00% failed'")) - if server_http_result ~= "" then - server_http = "DOWN" - if connectivity == "OK" then - connectivity = "WARNING" - end - end - end - if mArray.openmptcprouter["service_addr_ip6"] ~= "" then + elseif mArray.openmptcprouter["service_addr_ip6"] ~= "" then server_http_test = sys.exec("httping -l [" .. mArray.openmptcprouter["service_addr_ip6"] .. "]:" .. adminport .. " -y " .. ipaddr .. " -t 1 -c 1") server_http_result = ut.trim(sys.exec("echo '" .. server_http_test .. "' | grep '100.00% failed'")) - if server_http_result ~= "" then - server_http = "DOWN" - if connectivity == "OK" then - connectivity = "WARNING" - end - end end if server_http_result ~= "" then server_http = "DOWN" if connectivity == "OK" then connectivity = "WARNING" end + else + server_http = "UP" end end end @@ -1401,7 +1390,7 @@ function interfaces_status() end local zonewan = "NO" - if ut.trim(sys.exec("uci -q get firewall.zone_wan.networks | grep '" .. interface .. "'")) ~= "" then + if ut.trim(sys.exec("uci -q get firewall.zone_wan.network | grep '" .. interface .. "'")) ~= "" then zonewan = "OK" end From cd5742537010a7326a2bb06898da27640ad3b1c7 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 16:36:48 +0100 Subject: [PATCH 5/8] Set again gre tunnel if down --- omr-tracker/files/bin/omr-tracker-gre | 3 +++ 1 file changed, 3 insertions(+) diff --git a/omr-tracker/files/bin/omr-tracker-gre b/omr-tracker/files/bin/omr-tracker-gre index 0d0e8ff27..5c19e43cc 100755 --- a/omr-tracker/files/bin/omr-tracker-gre +++ b/omr-tracker/files/bin/omr-tracker-gre @@ -42,5 +42,8 @@ while true; do server_ping=false config_load network config_foreach _ping_tunnel interface + if [ "$server_ping" = false ]; then + /etc/init.d/openmptcprouter-vps set_gre_tunnel 2>&1 >/dev/null + fi sleep "${interval}" done From dc0b1a766f23c0880d502ae66ab885606203281e Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 16:37:19 +0100 Subject: [PATCH 6/8] Fix GRE tunnel --- .../files/etc/init.d/openmptcprouter-vps | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 57ada41aa..8e057ab96 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -6,7 +6,7 @@ START=99 USE_PROCD=1 -EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key" +EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key set_gre_tunnel" . /usr/lib/unbound/iptools.sh @@ -503,6 +503,7 @@ _get_vps_config() { } _get_gre_tunnel() { + [ -z "$servername" ] && servername=$1 [ -z "$vps_config" ] && vps_config=$(_get_json "config") [ -z "$vps_config" ] && return gre_tunnel_state="$(echo "$vps_config" | jsonfilter -q -e '@.gre_tunnel.enabled')" @@ -515,7 +516,7 @@ _get_gre_tunnel() { peeraddr="$(echo $tunnel | jsonfilter -q -e '@.remote_ip')" ipaddr="$(echo $tunnel | jsonfilter -q -e '@.local_ip')" publicaddr="$(echo $tunnel | jsonfilter -q -e '@.public_ip')" - if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.oip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.oip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.oip${i}gre.ipaddr)" != "$vpnip_local" ]); then + if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && [ "$vpnip_local" != "" ] && ([ "$(uci -q get network.oip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.oip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.oip${i}gre.ipaddr)" != "$vpnip_local" ]); then uci -q batch <<-EOF >/dev/null set network.oip${i}gre=interface set network.oip${i}gre.label="GRE tunnel for $publicaddr" @@ -529,6 +530,7 @@ _get_gre_tunnel() { set network.oip${i}gre.ip4table='vpn' set network.oip${i}gre.peeraddr="$publicaddr" set network.oip${i}gre.ipaddr="$vpnip_local" + set network.oip${i}gre.tunlink='omrvpn' set network.oip${i}=interface set network.oip${i}.label="Tunnel for $publicaddr" set network.oip${i}.proto=static @@ -594,6 +596,12 @@ _get_gre_tunnel() { fi } +set_gre_tunnel() { + config_load openmptcprouter + config_foreach _get_gre_tunnel server +} + + _get_pihole() { [ -z "$vps_config" ] && vps_config=$(_get_json "config") [ -z "$vps_config" ] && return @@ -1044,7 +1052,16 @@ _set_vps_firewall() { fw3 -q print | grep 'vpn.* -d' | while IFS=$"\n" read -r c; do eval $(echo $c | sed 's/iptables/iptables -w/' | sed 's/-A/-D/') 2>&1 >/dev/null - newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e 's/ -d ([^ ])*//' -e 's/ -s ([^ ])*//') + publicip=$(echo $c | awk -F'-d' '{print $2}' | cut -d '/' -f1 | sed 's/ //g') + [ -n "$publicip" ] && { + greintf=$(uci show network | grep "Tunnel for $publicip" | cut -d '.' -f2 | tr -d "\n") + [ -n "$greintf" ] && greip=$(uci -q get network.${greintf}.ipaddr) + } + if [ -z "$greip" ]; then + newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e 's/ -d ([^ ])*//' -e 's/ -s ([^ ])*//') + else + newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e "s/ -d ([^ ])*/ -d ${greip}\/255.255.255.252/" -e 's/ -s ([^ ])*//') + fi eval $(echo $newrule | sed 's/-A/-D/') || true eval $newrule done From ac5f2b2e1e9fb55b3a803d5c25ae2b8dd9f6eb92 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 19:48:00 +0100 Subject: [PATCH 7/8] Force remove server ip route --- mptcp/files/usr/share/omr/post-tracking.d/post-tracking | 1 + 1 file changed, 1 insertion(+) diff --git a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking index 580991545..7d6c2315a 100755 --- a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking +++ b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking @@ -522,6 +522,7 @@ del_server_route() { metric=$(uci -q get network.$OMR_TRACKER_INTERFACE.metric) [ -n "$(ip route show $serverip dev $OMR_TRACKER_DEVICE metric $metric)" ] && ip route del $serverip dev $OMR_TRACKER_DEVICE metric $metric >/dev/null 2>&1 [ -n "$(ip route show $serverip dev $OMR_TRACKER_DEVICE)" ] && ip route del $serverip dev $OMR_TRACKER_DEVICE >/dev/null 2>&1 + [ -n "$(ip route show $serverip | grep $OMR_TRACKER_DEVICE)" ] && ip route del $serverip dev $OMR_TRACKER_DEVICE >/dev/null 2>&1 } config_list_foreach $server ip remove_route if [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ]; then From 07d5d434eacd3a5406675056fd5c4ff3f9df9aa8 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 25 Mar 2021 20:34:10 +0100 Subject: [PATCH 8/8] Remove iproute2 --- iproute2/Makefile | 209 ------------------ iproute2/files/15-teql | 23 -- iproute2/patches/100-configure.patch | 12 - iproute2/patches/110-darwin_fixes.patch | 59 ----- .../patches/115-add-config-xtlibdir.patch | 12 - iproute2/patches/120-no_arpd.patch | 15 -- iproute2/patches/130-no_netem.patch | 11 - iproute2/patches/140-allow_pfifo_fast.patch | 9 - .../patches/140-keep_libmnl_optional.patch | 11 - .../patches/145-keep_libelf_optional.patch | 11 - .../patches/150-keep_libcap_optional.patch | 11 - iproute2/patches/160-libnetlink-pic.patch | 11 - iproute2/patches/170-ip_tiny.patch | 108 --------- .../patches/175-reduce-dynamic-syms.patch | 44 ---- iproute2/patches/180-drop_FAILED_POLICY.patch | 41 ---- .../patches/200-drop_libbsd_dependency.patch | 19 -- .../patches/300-selinux-configurable.patch | 11 - 17 files changed, 617 deletions(-) delete mode 100644 iproute2/Makefile delete mode 100644 iproute2/files/15-teql delete mode 100644 iproute2/patches/100-configure.patch delete mode 100644 iproute2/patches/110-darwin_fixes.patch delete mode 100644 iproute2/patches/115-add-config-xtlibdir.patch delete mode 100644 iproute2/patches/120-no_arpd.patch delete mode 100644 iproute2/patches/130-no_netem.patch delete mode 100644 iproute2/patches/140-allow_pfifo_fast.patch delete mode 100644 iproute2/patches/140-keep_libmnl_optional.patch delete mode 100644 iproute2/patches/145-keep_libelf_optional.patch delete mode 100644 iproute2/patches/150-keep_libcap_optional.patch delete mode 100644 iproute2/patches/160-libnetlink-pic.patch delete mode 100644 iproute2/patches/170-ip_tiny.patch delete mode 100644 iproute2/patches/175-reduce-dynamic-syms.patch delete mode 100644 iproute2/patches/180-drop_FAILED_POLICY.patch delete mode 100644 iproute2/patches/200-drop_libbsd_dependency.patch delete mode 100644 iproute2/patches/300-selinux-configurable.patch diff --git a/iproute2/Makefile b/iproute2/Makefile deleted file mode 100644 index ee86eb6c1..000000000 --- a/iproute2/Makefile +++ /dev/null @@ -1,209 +0,0 @@ -# -# Copyright (C) 2006-2015 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=iproute2 -PKG_VERSION:=5.10.0 -PKG_RELEASE:=2 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=@KERNEL/linux/utils/net/iproute2 -PKG_HASH:=a54a34ae309c0406b2d1fb3a46158613ffb83d33fefd5d4a27f0010237ac53e9 -PKG_BUILD_PARALLEL:=1 -PKG_BUILD_DEPENDS:=iptables -PKG_LICENSE:=GPL-2.0 -PKG_CPE_ID:=cpe:/a:iproute2_project:iproute2 - -include $(INCLUDE_DIR)/kernel.mk -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -define Package/iproute2/Default - SECTION:=net - CATEGORY:=Network - URL:=http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 - SUBMENU:=Routing and Redirection - MAINTAINER:=Russell Senior -endef - -define Package/ip-tiny -$(call Package/iproute2/Default) - TITLE:=Routing control utility (Minimal) - VARIANT:=tiny - DEFAULT_VARIANT:=1 - PROVIDES:=ip - ALTERNATIVES:=200:/sbin/ip:/usr/libexec/ip-tiny - DEPENDS:=+libnl-tiny +(PACKAGE_devlink||PACKAGE_rdma):libmnl -endef - -define Package/ip-full -$(call Package/iproute2/Default) - TITLE:=Routing control utility (Full) - VARIANT:=full - PROVIDES:=ip - ALTERNATIVES:=300:/sbin/ip:/usr/libexec/ip-full - DEPENDS:=+libnl-tiny +libelf +(PACKAGE_devlink||PACKAGE_rdma):libmnl -endef - -define Package/tc -$(call Package/iproute2/Default) - TITLE:=Traffic control utility - VARIANT:=tc - PROVIDES:=tc - DEPENDS:=+kmod-sched-core +libxtables +libelf +(PACKAGE_devlink||PACKAGE_rdma):libmnl -endef - -define Package/genl -$(call Package/iproute2/Default) - TITLE:=General netlink utility frontend - DEPENDS:=+libnl-tiny +(PACKAGE_devlink||PACKAGE_rdma):libmnl +(PACKAGE_tc||PACKAGE_ip-full):libelf -endef - -define Package/ip-bridge -$(call Package/iproute2/Default) - TITLE:=Bridge configuration utility from iproute2 - DEPENDS:=+libnl-tiny +(PACKAGE_devlink||PACKAGE_rdma):libmnl +(PACKAGE_tc||PACKAGE_ip-full):libelf -endef - -define Package/ss -$(call Package/iproute2/Default) - TITLE:=Socket statistics utility - DEPENDS:=+libnl-tiny +(PACKAGE_devlink||PACKAGE_rdma):libmnl +(PACKAGE_tc||PACKAGE_ip-full):libelf +kmod-netlink-diag -endef - -define Package/nstat -$(call Package/iproute2/Default) - TITLE:=Network statistics utility - DEPENDS:=+libnl-tiny +(PACKAGE_devlink||PACKAGE_rdma):libmnl +(PACKAGE_tc||PACKAGE_ip-full):libelf -endef - -define Package/devlink -$(call Package/iproute2/Default) - TITLE:=Network devlink utility - DEPENDS:=+libmnl +(PACKAGE_tc||PACKAGE_ip-full):libelf -endef - -define Package/rdma -$(call Package/iproute2/Default) - TITLE:=Network rdma utility - DEPENDS:=+libmnl +(PACKAGE_tc||PACKAGE_ip-full):libelf -endef - -ifeq ($(BUILD_VARIANT),tiny) - IP_CONFIG_TINY:=y -endif - -ifeq ($(BUILD_VARIANT),full) - HAVE_ELF:=y - HAVE_CAP:=n -endif - -ifeq ($(BUILD_VARIANT),tc) - HAVE_ELF:=y - SHARED_LIBS:=y -endif - -ifdef CONFIG_PACKAGE_devlink - HAVE_MNL:=y -endif - -ifdef CONFIG_PACKAGE_rdma - HAVE_MNL:=y -endif - -define Build/Configure - echo "static const char SNAPSHOT[] = \"$(PKG_VERSION)-$(PKG_RELEASE)-openwrt\";" \ - > $(PKG_BUILD_DIR)/include/SNAPSHOT.h -endef - -TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto -TARGET_LDFLAGS += -Wl,--gc-sections -TARGET_CPPFLAGS += -I$(STAGING_DIR)/usr/include/libnl-tiny - -MAKE_FLAGS += \ - KERNEL_INCLUDE="$(LINUX_DIR)/user_headers/include" \ - SHARED_LIBS=$(SHARED_LIBS) \ - IP_CONFIG_TINY=$(IP_CONFIG_TINY) \ - HAVE_ELF=$(HAVE_ELF) \ - HAVE_MNL=$(HAVE_MNL) \ - HAVE_CAP=$(HAVE_CAP) \ - IPT_LIB_DIR=/usr/lib/iptables \ - XT_LIB_DIR=/usr/lib/iptables \ - FPIC="$(FPIC)" - -define Build/Compile - +$(MAKE_VARS) $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) $(MAKE_FLAGS) -endef - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_BUILD_DIR)/include/{libgenl,libnetlink}.h $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_BUILD_DIR)/lib/libnetlink.a $(1)/usr/lib/ -endef - -define Package/ip-tiny/install - $(INSTALL_DIR) $(1)/usr/libexec - $(INSTALL_BIN) $(PKG_BUILD_DIR)/ip/ip $(1)/usr/libexec/ip-tiny -endef - -define Package/ip-full/install - $(INSTALL_DIR) $(1)/usr/libexec - $(INSTALL_BIN) $(PKG_BUILD_DIR)/ip/ip $(1)/usr/libexec/ip-full -endef - -define Package/tc/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/tc/tc $(1)/usr/sbin/ - $(INSTALL_DIR) $(1)/etc/hotplug.d/iface - $(INSTALL_BIN) ./files/15-teql $(1)/etc/hotplug.d/iface/ -ifeq ($(SHARED_LIBS),y) - $(INSTALL_DIR) $(1)/usr/lib/tc - $(CP) $(PKG_BUILD_DIR)/tc/*.so $(1)/usr/lib/tc -endif -endef - -define Package/genl/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/genl/genl $(1)/usr/sbin/ -endef - -define Package/ip-bridge/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/bridge/bridge $(1)/usr/sbin/ -endef - -define Package/ss/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/misc/ss $(1)/usr/sbin/ -endef - -define Package/nstat/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/misc/nstat $(1)/usr/sbin/ -endef - -define Package/devlink/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/devlink/devlink $(1)/usr/sbin/ -endef - -define Package/rdma/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/rdma/rdma $(1)/usr/sbin/ -endef - -$(eval $(call BuildPackage,ip-tiny)) -$(eval $(call BuildPackage,ip-full)) -$(eval $(call BuildPackage,tc)) -$(eval $(call BuildPackage,genl)) -$(eval $(call BuildPackage,ip-bridge)) -$(eval $(call BuildPackage,ss)) -$(eval $(call BuildPackage,nstat)) -$(eval $(call BuildPackage,devlink)) -$(eval $(call BuildPackage,rdma)) diff --git a/iproute2/files/15-teql b/iproute2/files/15-teql deleted file mode 100644 index a0c0e503a..000000000 --- a/iproute2/files/15-teql +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh - -. /lib/functions.sh - -if [ "$ACTION" != "ifup" ]; then - exit -fi - -config_load network - -config_get teql $INTERFACE teql - -if [ "$teql" != "" ]; then - logger Adding device $DEVICE to TEQL master $teql - insmod sch_teql - tc qdisc add dev $DEVICE root $teql - - # The kernel doesn't let us bring it up until it has at least one - # slave. So bring it up now, if it isn't already. - if ! cat /sys/class/net/$teql/carrier &>/dev/null; then - ifup $teql & - fi -fi diff --git a/iproute2/patches/100-configure.patch b/iproute2/patches/100-configure.patch deleted file mode 100644 index 0c19b2086..000000000 --- a/iproute2/patches/100-configure.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/configure -+++ b/configure -@@ -34,7 +34,8 @@ int main(int argc, char **argv) { - } - EOF - -- if $CC -I$INCLUDE -o $TMPDIR/atmtest $TMPDIR/atmtest.c -latm >/dev/null 2>&1; then -+# OpenWrt: disable ATM support even if present on host system -+ if [ 1 -eq 0 ]; then - echo "TC_CONFIG_ATM:=y" >>$CONFIG - echo yes - else diff --git a/iproute2/patches/110-darwin_fixes.patch b/iproute2/patches/110-darwin_fixes.patch deleted file mode 100644 index 1f3eb101e..000000000 --- a/iproute2/patches/110-darwin_fixes.patch +++ /dev/null @@ -1,59 +0,0 @@ ---- a/netem/maketable.c -+++ b/netem/maketable.c -@@ -10,7 +10,9 @@ - #include - #include - #include -+#if !defined(__APPLE__) && !defined(__FreeBSD__) - #include -+#endif - #include - #include - #include ---- a/netem/normal.c -+++ b/netem/normal.c -@@ -8,8 +8,12 @@ - #include - #include - -+#if !defined(__APPLE__) && !defined(__FreeBSD__) - #include - #include -+#else -+#define NETEM_DIST_SCALE 8192 -+#endif - - #define TABLESIZE 16384 - #define TABLEFACTOR NETEM_DIST_SCALE ---- a/netem/pareto.c -+++ b/netem/pareto.c -@@ -7,8 +7,12 @@ - #include - #include - -+#if !defined(__APPLE__) && !defined(__FreeBSD__) - #include - #include -+#else -+#define NETEM_DIST_SCALE 8192 -+#endif - - static const double a=3.0; - #define TABLESIZE 16384 ---- a/netem/paretonormal.c -+++ b/netem/paretonormal.c -@@ -14,10 +14,13 @@ - #include - #include - #include -+#if !defined(__APPLE__) && !defined(__FreeBSD__) - #include -- - #include - #include -+#else -+#define NETEM_DIST_SCALE 8192 -+#endif - - #define TABLESIZE 16384 - #define TABLEFACTOR NETEM_DIST_SCALE diff --git a/iproute2/patches/115-add-config-xtlibdir.patch b/iproute2/patches/115-add-config-xtlibdir.patch deleted file mode 100644 index 8702d5fd2..000000000 --- a/iproute2/patches/115-add-config-xtlibdir.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/tc/Makefile -+++ b/tc/Makefile -@@ -128,6 +128,9 @@ CFLAGS += -DCONFIG_GACT -DCONFIG_GACT_PR - ifneq ($(IPT_LIB_DIR),) - CFLAGS += -DIPT_LIB_DIR=\"$(IPT_LIB_DIR)\" - endif -+ifneq ($(XT_LIB_DIR),) -+ CFLAGS += -DXT_LIB_DIR=\"$(XT_LIB_DIR)\" -+endif - - LEX := flex - CFLAGS += -DYY_NO_INPUT diff --git a/iproute2/patches/120-no_arpd.patch b/iproute2/patches/120-no_arpd.patch deleted file mode 100644 index 772398140..000000000 --- a/iproute2/patches/120-no_arpd.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- a/misc/Makefile -+++ b/misc/Makefile -@@ -6,9 +6,9 @@ TARGETS=ss nstat ifstat rtacct lnstat - - include ../config.mk - --ifeq ($(HAVE_BERKELEY_DB),y) -- TARGETS += arpd --endif -+#ifeq ($(HAVE_BERKELEY_DB),y) -+# TARGETS += arpd -+#endif - - all: $(TARGETS) - diff --git a/iproute2/patches/130-no_netem.patch b/iproute2/patches/130-no_netem.patch deleted file mode 100644 index aa93366f2..000000000 --- a/iproute2/patches/130-no_netem.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Makefile -+++ b/Makefile -@@ -55,7 +55,7 @@ WFLAGS += -Wmissing-declarations -Wold-s - CFLAGS := $(WFLAGS) $(CCOPTS) -I../include -I../include/uapi $(DEFINES) $(CFLAGS) - YACCFLAGS = -d -t -v - --SUBDIRS=lib ip tc bridge misc netem genl tipc devlink rdma man -+SUBDIRS=lib ip tc bridge misc genl tipc devlink rdma man - - LIBNETLINK=../lib/libutil.a ../lib/libnetlink.a - LDLIBS += $(LIBNETLINK) diff --git a/iproute2/patches/140-allow_pfifo_fast.patch b/iproute2/patches/140-allow_pfifo_fast.patch deleted file mode 100644 index bb898a40d..000000000 --- a/iproute2/patches/140-allow_pfifo_fast.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- a/tc/q_fifo.c -+++ b/tc/q_fifo.c -@@ -99,5 +99,6 @@ struct qdisc_util pfifo_head_drop_qdisc_ - - struct qdisc_util pfifo_fast_qdisc_util = { - .id = "pfifo_fast", -+ .parse_qopt = fifo_parse_opt, - .print_qopt = prio_print_opt, - }; diff --git a/iproute2/patches/140-keep_libmnl_optional.patch b/iproute2/patches/140-keep_libmnl_optional.patch deleted file mode 100644 index 20cd0766a..000000000 --- a/iproute2/patches/140-keep_libmnl_optional.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/configure -+++ b/configure -@@ -257,7 +257,7 @@ check_selinux() - - check_mnl() - { -- if ${PKG_CONFIG} libmnl --exists; then -+ if [ "${HAVE_MNL}" = "y" ] && ${PKG_CONFIG} libmnl --exists; then - echo "HAVE_MNL:=y" >>$CONFIG - echo "yes" - diff --git a/iproute2/patches/145-keep_libelf_optional.patch b/iproute2/patches/145-keep_libelf_optional.patch deleted file mode 100644 index d25c719f8..000000000 --- a/iproute2/patches/145-keep_libelf_optional.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/configure -+++ b/configure -@@ -230,7 +230,7 @@ EOF - - check_elf() - { -- if ${PKG_CONFIG} libelf --exists; then -+ if [ "${HAVE_ELF}" = "y" ] && ${PKG_CONFIG} libelf --exists; then - echo "HAVE_ELF:=y" >>$CONFIG - echo "yes" - diff --git a/iproute2/patches/150-keep_libcap_optional.patch b/iproute2/patches/150-keep_libcap_optional.patch deleted file mode 100644 index d15549e3d..000000000 --- a/iproute2/patches/150-keep_libcap_optional.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/configure -+++ b/configure -@@ -315,7 +315,7 @@ EOF - - check_cap() - { -- if ${PKG_CONFIG} libcap --exists; then -+ if [ "${HAVE_CAP}" = "y" ] && ${PKG_CONFIG} libcap --exists; then - echo "HAVE_CAP:=y" >>$CONFIG - echo "yes" - diff --git a/iproute2/patches/160-libnetlink-pic.patch b/iproute2/patches/160-libnetlink-pic.patch deleted file mode 100644 index aad87a1e4..000000000 --- a/iproute2/patches/160-libnetlink-pic.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/lib/Makefile -+++ b/lib/Makefile -@@ -1,7 +1,7 @@ - # SPDX-License-Identifier: GPL-2.0 - include ../config.mk - --CFLAGS += -fPIC -+CFLAGS += $(FPIC) - - UTILOBJ = utils.o rt_names.o ll_map.o ll_types.o ll_proto.o ll_addr.o \ - inet_proto.o namespace.o json_writer.o json_print.o \ diff --git a/iproute2/patches/170-ip_tiny.patch b/iproute2/patches/170-ip_tiny.patch deleted file mode 100644 index c9b28dfe7..000000000 --- a/iproute2/patches/170-ip_tiny.patch +++ /dev/null @@ -1,108 +0,0 @@ ---- a/ip/Makefile -+++ b/ip/Makefile -@@ -17,6 +17,13 @@ RTMONOBJ=rtmon.o - - include ../config.mk - -+STATIC_SYM_FILTER:= -+ifeq ($(IP_CONFIG_TINY),y) -+ STATIC_SYM_FILTER:=iplink_can.c iplink_ipoib.c iplink_vxlan.c -+ CFLAGS += -DIPROUTE2_TINY -+endif -+STATIC_SYM_SOURCES:=$(filter-out $(STATIC_SYM_FILTER),$(wildcard *.c)) -+ - ALLOBJ=$(IPOBJ) $(RTMONOBJ) - SCRIPTS=ifcfg rtpr routel routef - TARGETS=ip rtmon -@@ -46,7 +53,7 @@ else - - ip: static-syms.o - static-syms.o: static-syms.h --static-syms.h: $(wildcard *.c) -+static-syms.h: $(STATIC_SYM_SOURCES) - files="$^" ; \ - for s in `grep -B 3 '\ $@ - -+else -+ -+tc: dynsyms.list -+dynsyms.list: $(wildcard *.c) -+ files="$(filter-out $(patsubst %.so,%.c,$(TCSO)), $^)" ; \ -+ echo "{" > $@ ; \ -+ for s in `grep -B 3 '\> $@ ; \ -+ echo "show_stats; print_nl; print_tm; parse_rtattr; parse_rtattr_flags; get_u32; matches; addattr_l; addattr_nest; addattr_nest_end; };" >> $@ -+ - endif diff --git a/iproute2/patches/180-drop_FAILED_POLICY.patch b/iproute2/patches/180-drop_FAILED_POLICY.patch deleted file mode 100644 index 95b37ae44..000000000 --- a/iproute2/patches/180-drop_FAILED_POLICY.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 4e7dbf76227e8c7be7897dc81def3011f637864d Mon Sep 17 00:00:00 2001 -From: Jonas Gorski -Date: Thu, 30 May 2013 11:54:04 +0200 -Subject: [PATCH] add support for dropping with FAILED_POLICY - ---- - include/linux/fib_rules.h | 4 ++++ - include/linux/rtnetlink.h | 1 + - ip/rtm_map.c | 4 ++++ - 3 files changed, 9 insertions(+) - ---- a/ip/rtm_map.c -+++ b/ip/rtm_map.c -@@ -54,6 +54,8 @@ char *rtnl_rtntype_n2a(int id, char *buf - return "nat"; - case RTN_XRESOLVE: - return "xresolve"; -+ case RTN_FAILED_POLICY: -+ return "failed_policy"; - default: - snprintf(buf, len, "%d", id); - return buf; -@@ -89,6 +91,8 @@ int rtnl_rtntype_a2n(int *id, char *arg) - res = RTN_UNICAST; - else if (strcmp(arg, "throw") == 0) - res = RTN_THROW; -+ else if (strcmp(arg, "failed_policy") == 0) -+ res = RTN_FAILED_POLICY; - else { - res = strtoul(arg, &end, 0); - if (!end || end == arg || *end || res > 255) ---- a/include/uapi/linux/rtnetlink.h -+++ b/include/uapi/linux/rtnetlink.h -@@ -249,6 +249,7 @@ enum { - RTN_THROW, /* Not in this table */ - RTN_NAT, /* Translate this address */ - RTN_XRESOLVE, /* Use external resolver */ -+ RTN_FAILED_POLICY, /* Source address failed policy */ - __RTN_MAX - }; - diff --git a/iproute2/patches/200-drop_libbsd_dependency.patch b/iproute2/patches/200-drop_libbsd_dependency.patch deleted file mode 100644 index 0d3cbe8df..000000000 --- a/iproute2/patches/200-drop_libbsd_dependency.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- a/configure -+++ b/configure -@@ -301,14 +301,8 @@ EOF - if $CC -I$INCLUDE -o $TMPDIR/strtest $TMPDIR/strtest.c >/dev/null 2>&1; then - echo "no" - else -- if ${PKG_CONFIG} libbsd --exists; then -- echo 'CFLAGS += -DHAVE_LIBBSD' `${PKG_CONFIG} libbsd --cflags` >>$CONFIG -- echo 'LDLIBS +=' `${PKG_CONFIG} libbsd --libs` >> $CONFIG -- echo "no" -- else -- echo 'CFLAGS += -DNEED_STRLCPY' >>$CONFIG -- echo "yes" -- fi -+ echo 'CFLAGS += -DNEED_STRLCPY' >>$CONFIG -+ echo "yes" - fi - rm -f $TMPDIR/strtest.c $TMPDIR/strtest - } diff --git a/iproute2/patches/300-selinux-configurable.patch b/iproute2/patches/300-selinux-configurable.patch deleted file mode 100644 index 4cda30f97..000000000 --- a/iproute2/patches/300-selinux-configurable.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/configure -+++ b/configure -@@ -244,7 +244,7 @@ check_elf() - check_selinux() - # SELinux is a compile time option in the ss utility - { -- if ${PKG_CONFIG} libselinux --exists; then -+ if [ "${HAVE_SELINUX}" = "y" ] && ${PKG_CONFIG} libselinux --exists; then - echo "HAVE_SELINUX:=y" >>$CONFIG - echo "yes" -