From f05cf9bd16520517a4c2b10e0a05b29b72b4c5b5 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Dec 2020 15:02:45 +0100 Subject: [PATCH 01/11] Update whois --- whois/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/whois/Makefile b/whois/Makefile index ab5bf1153..0f4253993 100644 --- a/whois/Makefile +++ b/whois/Makefile @@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=whois -PKG_VERSION:=5.4.3 +PKG_VERSION:=5.5.7 PKG_RELEASE:=1 PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/w/whois -PKG_HASH:=fefa84029f70985db19743e51c4a8b318a169426babeaa824a27110c26090fc3 +PKG_HASH:=3efa700dbf38d127c31b21af3176cd6e5a69f96a056be60ac1dcd13df7717393 PKG_CAT:=xzcat PKG_INSTALL:=1 From 8fa69941af0a3025d32915fb0b7c687ef030bede Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Dec 2020 15:46:27 +0100 Subject: [PATCH 02/11] Fix whois package --- whois/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/whois/Makefile b/whois/Makefile index 0f4253993..ae17cb7f7 100644 --- a/whois/Makefile +++ b/whois/Makefile @@ -5,7 +5,7 @@ PKG_NAME:=whois PKG_VERSION:=5.5.7 PKG_RELEASE:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) +PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)/$(PKG_NAME) PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/w/whois PKG_HASH:=3efa700dbf38d127c31b21af3176cd6e5a69f96a056be60ac1dcd13df7717393 From 3bf770dc0969f6043e4c421959fd06c6e01dcd55 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Dec 2020 16:25:04 +0100 Subject: [PATCH 03/11] Add VPN translation templates --- luci-app-dsvpn/po/templates/dsvpn.pot | 59 +++++++++++ .../po/templates/glorytun-tcp.pot | 87 ++++++++++++++++ .../po/templates/glorytun-udp.pot | 99 +++++++++++++++++++ luci-app-mlvpn/po/templates/mlvpn.pot | 71 +++++++++++++ 4 files changed, 316 insertions(+) create mode 100644 luci-app-dsvpn/po/templates/dsvpn.pot create mode 100644 luci-app-glorytun-tcp/po/templates/glorytun-tcp.pot create mode 100644 luci-app-glorytun-udp/po/templates/glorytun-udp.pot create mode 100644 luci-app-mlvpn/po/templates/mlvpn.pot diff --git a/luci-app-dsvpn/po/templates/dsvpn.pot b/luci-app-dsvpn/po/templates/dsvpn.pot new file mode 100644 index 000000000..8f77636dc --- /dev/null +++ b/luci-app-dsvpn/po/templates/dsvpn.pot @@ -0,0 +1,59 @@ +msgid "" +msgstr "Content-Type: text/plain; charset=UTF-8" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:35 +msgid "Client" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:24 +#: luci-app-dsvpn/root/usr/share/luci/menu.d/luci-app-dsvpn.json:3 +msgid "DSVPN" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:31 +msgid "Enabled" +msgstr "" + +#: luci-app-dsvpn/root/usr/share/rpcd/acl.d/luci-app-dsvpn.json:3 +msgid "Grant access to DSVPN" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:39 +msgid "Host" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:26 +msgid "Instances" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:49 +msgid "Interface name" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:45 +msgid "Key" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:61 +msgid "Label" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:53 +msgid "Local IP" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:34 +msgid "Mode" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:42 +msgid "Port" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:57 +msgid "Remote IP" +msgstr "" + +#: luci-app-dsvpn/htdocs/luci-static/resources/view/services/dsvpn.js:36 +msgid "Server" +msgstr "" diff --git a/luci-app-glorytun-tcp/po/templates/glorytun-tcp.pot b/luci-app-glorytun-tcp/po/templates/glorytun-tcp.pot new file mode 100644 index 000000000..4f7759dc3 --- /dev/null +++ b/luci-app-glorytun-tcp/po/templates/glorytun-tcp.pot @@ -0,0 +1,87 @@ +msgid "" +msgstr "Content-Type: text/plain; charset=UTF-8" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:32 +msgid "Advanced Settings" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:38 +msgid "Client" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:34 +msgid "Enabled" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:68 +msgid "Force fallback cipher" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:31 +msgid "General Settings" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:24 +#: luci-app-glorytun-tcp/root/usr/share/luci/menu.d/luci-app-glorytun-tcp.json:3 +msgid "Glorytun TCP" +msgstr "" + +#: luci-app-glorytun-tcp/root/usr/share/rpcd/acl.d/luci-app-glorytun-tcp.json:3 +msgid "Grant access to glorytun TCP" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:42 +msgid "Host" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:26 +msgid "Instances" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:52 +msgid "Interface name" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:48 +msgid "Key" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:82 +msgid "Label" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:56 +msgid "Local IP" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:64 +msgid "MPTCP" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:37 +msgid "Mode" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:77 +msgid "Multiqueue" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:45 +msgid "Port" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:60 +msgid "Remote IP" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:39 +msgid "Server" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:72 +msgid "Timeout" +msgstr "" + +#: luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js:68 +msgid "chacha" +msgstr "" diff --git a/luci-app-glorytun-udp/po/templates/glorytun-udp.pot b/luci-app-glorytun-udp/po/templates/glorytun-udp.pot new file mode 100644 index 000000000..04edec275 --- /dev/null +++ b/luci-app-glorytun-udp/po/templates/glorytun-udp.pot @@ -0,0 +1,99 @@ +msgid "" +msgstr "Content-Type: text/plain; charset=UTF-8" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:40 +msgid "Advanced Settings" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:46 +msgid "Client" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:85 +msgid "Clock sync tolerance" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:95 +msgid "Dynamic rate detection" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:42 +msgid "Enabled" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:76 +msgid "Force fallback cipher" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:39 +msgid "General Settings" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:32 +#: luci-app-glorytun-udp/root/usr/share/luci/menu.d/luci-app-glorytun-udp.json:3 +msgid "Glorytun UDP" +msgstr "" + +#: luci-app-glorytun-udp/root/usr/share/rpcd/acl.d/luci-app-glorytun-udp.json:3 +msgid "Grant access to glorytun UDP" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:50 +msgid "Host" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:34 +msgid "Instances" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:60 +msgid "Interface name" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:90 +msgid "Keep alive timeout" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:72 +msgid "Keep the tunnel device after exiting" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:56 +msgid "Key" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:80 +msgid "Key rotation timeout" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:99 +msgid "Label" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:64 +msgid "Local IP" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:45 +msgid "Mode" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:72 +msgid "Persist" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:53 +msgid "Port" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:68 +msgid "Remote IP" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:47 +msgid "Server" +msgstr "" + +#: luci-app-glorytun-udp/htdocs/luci-static/resources/view/services/glorytun-udp.js:76 +msgid "chacha" +msgstr "" diff --git a/luci-app-mlvpn/po/templates/mlvpn.pot b/luci-app-mlvpn/po/templates/mlvpn.pot new file mode 100644 index 000000000..45e559267 --- /dev/null +++ b/luci-app-mlvpn/po/templates/mlvpn.pot @@ -0,0 +1,71 @@ +msgid "" +msgstr "Content-Type: text/plain; charset=UTF-8" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:32 +msgid "Advanced Settings" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:38 +msgid "Client" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:34 +msgid "Enabled" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:45 +msgid "First Port" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:31 +msgid "General Settings" +msgstr "" + +#: luci-app-mlvpn/root/usr/share/rpcd/acl.d/luci-app-mlvpn.json:3 +msgid "Grant UCI access for luci-app-mlvpn" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:42 +msgid "Host" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:26 +msgid "Instances" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:54 +msgid "Interface name" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:78 +msgid "Label" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:72 +msgid "Loss tolerance" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:24 +#: luci-app-mlvpn/root/usr/share/luci/menu.d/luci-app-mlvpn.json:3 +msgid "MLVPN" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:37 +msgid "Mode" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:50 +msgid "Password" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:66 +msgid "Reorder buffer size" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:39 +msgid "Server" +msgstr "" + +#: luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js:60 +msgid "Timeout (s)" +msgstr "" From d6fb86ed7a50452e65b5d26c5e6ae19fc8790dd7 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 8 Dec 2020 09:24:57 +0100 Subject: [PATCH 04/11] Add case when proxy is none --- openmptcprouter/files/etc/init.d/openmptcprouter-vps | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index b84667234..08ce14400 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -1065,6 +1065,15 @@ _set_config_from_vps() { set openmptcprouter.settings.shadowsocks_disable=1 commit openmptcprouter EOF + elif [ "$current_proxy" = "none" ]; then + uci -q batch <<-EOF >/dev/null + set shadowsocks-libev.sss0.disabled=1 + commit shadowsocks-libev + set v2ray.main.enabled=0 + commit shadowsocks-libev + set openmptcprouter.settings.shadowsocks_disable=1 + commit openmptcprouter + EOF fi fi fi From 66658d24274d89556a4d506e0a828c51a6197f7b Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 8 Dec 2020 09:25:24 +0100 Subject: [PATCH 05/11] Check openvpn available using init script --- luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm index 0973622ab..d8cda41f8 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm @@ -305,7 +305,7 @@ <% elseif vpn == "ubond" then %> <% if nixio.fs.access("/usr/sbin/ubond") then %><% end %> <% elseif vpn == "openvpn" then %> - <% if nixio.fs.access("/usr/sbin/openvpn") then %><% end %> + <% if nixio.fs.access("/etc/init.d/openvpn") then %><% end %> <% end end From 6ae061e10bfcddb220b096e29d39b3c2300bdce9 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 8 Dec 2020 09:26:00 +0100 Subject: [PATCH 06/11] Replace luci-app-glorytun by luci-app-glorytun-tcp and luci-app-glorytun-udp in mini Makefile --- openmptcprouter-mini/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openmptcprouter-mini/Makefile b/openmptcprouter-mini/Makefile index dc35d60b5..96a01ac3a 100644 --- a/openmptcprouter-mini/Makefile +++ b/openmptcprouter-mini/Makefile @@ -35,7 +35,7 @@ MY_DEPENDS := \ wireless-tools \ libiwinfo-lua \ ca-bundle ca-certificates libustream-openssl \ - luci-mod-admin-full luci-app-firewall luci-app-glorytun luci-app-shadowsocks-libev luci-app-unbound luci-theme-openmptcprouter luci-base \ + luci-mod-admin-full luci-app-firewall luci-app-glorytun-tcp luci-app-glorytun-udp luci-app-shadowsocks-libev luci-app-unbound luci-theme-openmptcprouter luci-base \ luci-app-omr-tracker luci-app-omr-dscp \ luci-app-sqm sqm-scripts-extra \ luci-app-vnstat2 omr-quota luci-app-omr-quota \ From 19dde3a38a6b0e13ec629387c3b09fcb0b1477d7 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Wed, 9 Dec 2020 14:27:15 +0100 Subject: [PATCH 07/11] Update v2ray core --- v2ray-core/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/v2ray-core/Makefile b/v2ray-core/Makefile index 70a5cf50f..206aa724f 100644 --- a/v2ray-core/Makefile +++ b/v2ray-core/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=v2ray-core -PKG_VERSION:=4.28.2 +PKG_VERSION:=4.31.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/v2ray/v2ray-core/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=13d985f7c1d5eb8fa991562eb4b815cb73c15f67f91e36b36b3cf5901529243e +PKG_HASH:=4e475c700863320b92689cb36ef993133e9c799375bbfc4a2811da2283c3673f PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE @@ -67,7 +67,7 @@ define Package/v2ray-core SECTION:=net CATEGORY:=Network SUBMENU:=Project V - DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle + DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle +protobuf endef define Package/v2ray-core/config From 93694b59832923d16f205f423ea9731a4c87c566 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Wed, 9 Dec 2020 14:53:48 +0100 Subject: [PATCH 08/11] Add luci-app-packet-capture --- luci-app-packet-capture/Makefile | 14 + .../resources/view/packet_capture/tcpdump.js | 287 ++++++++++++++++++ .../root/etc/config/packet_capture | 1 + .../root/usr/libexec/packet_capture | 64 ++++ .../root/usr/libexec/packet_capture_start | 69 +++++ .../root/usr/libexec/packet_capture_stop | 9 + .../luci/menu.d/luci-app-packet-capture.json | 18 ++ .../rpcd/acl.d/luci-app-packet-capture.json | 25 ++ openmptcprouter-full/Makefile | 4 +- 9 files changed, 489 insertions(+), 2 deletions(-) create mode 100644 luci-app-packet-capture/Makefile create mode 100644 luci-app-packet-capture/htdocs/luci-static/resources/view/packet_capture/tcpdump.js create mode 100644 luci-app-packet-capture/root/etc/config/packet_capture create mode 100755 luci-app-packet-capture/root/usr/libexec/packet_capture create mode 100755 luci-app-packet-capture/root/usr/libexec/packet_capture_start create mode 100755 luci-app-packet-capture/root/usr/libexec/packet_capture_stop create mode 100644 luci-app-packet-capture/root/usr/share/luci/menu.d/luci-app-packet-capture.json create mode 100644 luci-app-packet-capture/root/usr/share/rpcd/acl.d/luci-app-packet-capture.json diff --git a/luci-app-packet-capture/Makefile b/luci-app-packet-capture/Makefile new file mode 100644 index 000000000..ef6370df3 --- /dev/null +++ b/luci-app-packet-capture/Makefile @@ -0,0 +1,14 @@ +# Copyright 2020 Wojciech Jowsa (wojciech.jowsa@gmail.com) +# This is free software, licensed under the Apache License, Version 2.0 + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=Packet capture application +LUCI_DEPENDS:=+luci-mod-admin-full +tcpdump +uhttpd-mod-ubus +coreutils +coreutils-timeout + +PKG_MAINTAINER:=Wojciech Jowsa +PKG_LICENSE:=Apache-2.0 + +include $(TOPDIR)/feeds/luci/luci.mk + +# call BuildPackage - OpenWrt buildroot signatureet diff --git a/luci-app-packet-capture/htdocs/luci-static/resources/view/packet_capture/tcpdump.js b/luci-app-packet-capture/htdocs/luci-static/resources/view/packet_capture/tcpdump.js new file mode 100644 index 000000000..6bf42cc3f --- /dev/null +++ b/luci-app-packet-capture/htdocs/luci-static/resources/view/packet_capture/tcpdump.js @@ -0,0 +1,287 @@ +'use strict'; +'require rpc'; +'require uci'; +'require ui'; +'require fs'; +'require form'; +'require network'; +'require tools.widgets as widgets'; + +var eventSource, + captureFilePoll, + hostName; + +function stopTcpdump() { + fs.exec("/usr/libexec/packet_capture_stop").then(function(replay) { + if (eventSource) + eventSource.close(); + }.bind(this)).catch(function(error) { + console.log(error); + }); +} + +window.addEventListener('beforeunload', stopTcpdump); + +var callLuciProcessList = rpc.declare({ + object: 'luci', + method: 'getProcessList', + expect: { result: [] } +}); + +var callInitAction = rpc.declare({ + object: 'luci', + method: 'setInitAction', + params: [ 'name', 'action' ], + expect: { result: false } +}); + +function addOutput() { + var tcpdumpOut = document.querySelectorAll('[id$="tcpdump_out"]')[0]; + if (tcpdumpOut) + return; + + var frameEl = E('div', {'class': 'cbi-value'}); + + frameEl.appendChild(E('textarea', { + 'id': 'tcpdump_out', + 'class': 'cbi-input-textarea', + 'readonly': '', + 'style': 'width:100%', + 'rows': 30, + })); + + frameEl.firstElementChild.style.fontFamily = 'monospace'; + + var downloadBtn = document.querySelectorAll('[id$="download_file"]')[0]; + if (downloadBtn) + downloadBtn.parentNode.insertBefore(frameEl, downloadBtn.nextSibling); +} + +var downloadCaptureFile = function(ev) { + var form = E('form', { + method: 'post', + action: '/cgi-bin/cgi-download', + enctype: 'application/x-www-form-urlencoded' + }, E('input', { type: 'hidden', name: 'sessionid', value: rpc.getSessionID()}, + E('input', { type: 'hidden', name: 'path', value: "/tmp/capture.pcap"}, + E('input', { type: 'hidden', name: 'filename', value: hostName + "-" + Date.now() + ".pcap"}, + E('input', { type: 'hidden', name: 'mimetype', value: 'application/vnd.tcpdump.pcap'} + ))))); + + ev.currentTarget.parentNode.appendChild(form); + form.submit(); + form.parentNode.removeChild(form); +} + +function subscribeTcpdump() { + if (eventSource) + eventSource.close(); + + eventSource = new EventSource('/ubus/subscribe/tcpdump' + '?' + rpc.getSessionID()); + eventSource.onerror = function(event) { + eventSource.close(); + console.log(event); + }; + + addOutput(); + var textOut = document.querySelectorAll('[id$="tcpdump_out"]')[0]; + textOut.value = ""; + eventSource.addEventListener("tcpdump.data", function(event) { + textOut.value = textOut.value + "\n" + JSON.parse(event.data).data; + }); +} + +function updateButtons() { + var tasks = []; + tasks.push(fs.stat("/var/run/packet_capture.pid").then(L.bind(function(res) { + var downloadBtn = document.querySelectorAll('[id$="download_file"]')[0]; + if (!downloadBtn) + return; + if (!eventSource || eventSource.readyState == 2) + subscribeTcpdump(); + var textOut = document.querySelectorAll('[id$="tcpdump_out"]')[0]; + if (textOut) + textOut.style.borderColor = "green"; + var startBtn = document.querySelectorAll('[id$="start_tcpdump"]')[0]; + if (startBtn) + startBtn.hidden = true; + var stopBtn = document.querySelectorAll('[id$="stop_tcpdump"]')[0]; + if (stopBtn) + stopBtn.hidden = false; + return; + })).catch(function(error) { + var textOut = document.querySelectorAll('[id$="tcpdump_out"]')[0]; + if (textOut) + textOut.style.borderColor = "red"; + var startBtn = document.querySelectorAll('[id$="start_tcpdump"]')[0]; + if (startBtn) + startBtn.hidden = false; + var stopBtn = document.querySelectorAll('[id$="stop_tcpdump"]')[0]; + if (stopBtn) + stopBtn.hidden = true; + if (eventSource) + eventSource.close(); + })); + + return Promise.all(tasks); +} + +function updatePollCheckCaptureFileExists() { + checkCaptureFileExists(); + L.Poll.remove(captureFilePoll); + L.Poll.add(L.bind(checkCaptureFileExists, m),5); +} + +function checkCaptureFileExists() { + var tasks = []; + tasks.push(fs.stat("/tmp/capture.pcap").then(L.bind(function(res) { + var downloadBtn = document.querySelector('[data-action="download"]'); + if (!downloadBtn) + return; + var downloadCheckBox = document.querySelectorAll('[data-widget-id$="file"]')[0].checked; + if (!downloadCheckBox) { + fs.remove("/tmp/capture.pcap").then(function(replay) { + downloadBtn.disabled = true;; + }.bind(this)).catch(function(error) { + console.log(error); + }); + } else { + downloadBtn.disabled = false; + } + })).catch(function(error) { + var downloadBtn = document.querySelector('[data-action="download"]'); + if (downloadBtn) + downloadBtn.disabled = true; + })); + + return Promise.all(tasks); +} + +return L.view.extend({ + + load: function() { + return Promise.all([ + uci.load('system') + ]); + }, + + handleDownload: function(ev) { + downloadCaptureFile(ev); + }, + + render: function(processes) { + var m, s, o; + + hostName = uci.get('system', '@system[0]', 'hostname'); + + m = new form.Map('packet_capture', _('Packet Capture - Tcpdump'), _('Capture packets with tcpdump.')); + s = m.section(form.TypedSection, 'tcpdump'); + s.anonymous = 1; + + o = s.option(widgets.DeviceSelect, 'interface', _('Interface'), _('')); + o.noaliases = true; + o.modalonly = true; + o.rmempty = false; + o.filter = function(section_id, value) { + return true; + } + + o = s.option(form.Value, 'filter', _('Filter'), _('Tcpdump filter like protocol, port etc.')); + o.modalonly = false; + o.datatype = 'and(minlength(1),maxlength(1024))'; + + o = s.option(form.Value, 'duration', _('Duration'), _('Duration of packet capturing in seconds.')); + o.modalonly = false; + o.datatype = 'range(1,4294967296)'; + + o = s.option(form.Value, 'packets', _('Packets'), _('Number of packets to be captured.')); + o.modalonly = false; + o.datatype = 'range(1,4294967296)'; + + o = s.option(form.Flag, 'domains', _('Resolve domains'), _("Convert host addresses to names.")); + + o = s.option(form.Flag, 'verbose', _('Verbose output'), _("Print the link-level header on each dump line.")); + + o = s.option(form.Flag, 'file', _('Save to file'), _("Save capture to pcap file.")); + + o = s.option(form.Button, 'start_tcpdump', _('Start tcpdump'), _('')); + o.inputstyle = 'apply'; + o.onclick = ui.createHandlerFn(this, function(section_id, ev) { + var downloadBtn = document.querySelector('[data-action="download"]'); + if (!downloadBtn) + return; + fs.remove("/tmp/capture.pcap").then(function(replay) { + downloadBtn.disabled = true;; + }.bind(this)).catch(function(error) { + console.log(error); + }); + + var iface = document.querySelectorAll('[id$="interface"]')[1].value, + filter = document.querySelectorAll('[id$="filter"]')[2].value, + packets = document.querySelectorAll('[id$="packets"]')[2].value, + duration = document.querySelectorAll('[id$="duration"]')[2].value, + verbose = document.querySelectorAll('[data-widget-id$="verbose"]')[0].checked, + domains = document.querySelectorAll('[data-widget-id$="domains"]')[0].checked, + file = document.querySelectorAll('[data-widget-id$="file"]')[0].checked + + var args = { + "interface": iface, + "filter": filter, + "packets": packets, + "duration": duration, + "verbose": verbose, + "domains": domains, + "file": file + } + + return fs.exec_direct('/usr/libexec/packet_capture_start', [JSON.stringify(args)]).then(function(replay) { + var error_position = replay.search("error:"); + if (error_position != -1){ + ui.showModal(_(replay.substring(error_position + 6, replay.length)), [ + E('div', { 'class': 'right' }, [ + E('button', { + 'class': 'cbi-button cbi-button-negative important', + 'click': function(ev) { + ui.hideModal(); + } + }, _('Close')), + ]) + ]); + return; + } + rpc.list.apply(rpc).then(function(res) { + for (var k in res) { + if (res[k] == "tcpdump" ) + subscribeTcpdump() + } + }.bind(this)); + }.bind(this)).catch(function(error) { + console.log(error); + }); + }); + + o = s.option(form.Button, 'stop_tcpdump', _('Stop tcpdump'), _('')); + o.inputstyle = 'apply'; + o.onclick = ui.createHandlerFn(this, function(section_id, ev) { + if (!eventSource) + return; + return fs.exec("/usr/libexec/packet_capture_stop").then(function(replay) { + eventSource.close(); + }.bind(this)).catch(function(error) { + console.log(error); + }); + }); + + o = s.option(form.Button, 'download_file', _('Download capture file')); + o.inputstyle = 'action important'; + o.inputtitle = _('Download'); + o.data_action = 'download' + o.onclick = this.handleDownload; + + L.Poll.add(L.bind(updateButtons, m),1); + captureFilePoll = L.bind(updatePollCheckCaptureFileExists, m); + L.Poll.add(captureFilePoll,1); + + return m.render(); + }, +}); diff --git a/luci-app-packet-capture/root/etc/config/packet_capture b/luci-app-packet-capture/root/etc/config/packet_capture new file mode 100644 index 000000000..105a0dc30 --- /dev/null +++ b/luci-app-packet-capture/root/etc/config/packet_capture @@ -0,0 +1 @@ +config tcpdump \ No newline at end of file diff --git a/luci-app-packet-capture/root/usr/libexec/packet_capture b/luci-app-packet-capture/root/usr/libexec/packet_capture new file mode 100755 index 000000000..e1ecf23f7 --- /dev/null +++ b/luci-app-packet-capture/root/usr/libexec/packet_capture @@ -0,0 +1,64 @@ +#!/usr/bin/env lua + +local ubus = require "ubus" +local fs = require "nixio.fs" + +local conn = ubus.connect() +if not conn then + error("Failed to connect to ubus") + return +end + +local args = "-n" +local duration = "" + +if arg[1] ~= nil then + args = arg[1] + if arg[2] ~= "" then + duration = arg[2] + end +end + +local filter = fs.stat("/tmp/tcpdump_filter") +if filter then + args = args .. " -F /tmp/tcpdump_filter" +end + +local ubus_objects = { + tcpdump = { + } +} + +conn:add( ubus_objects ) + +os.execute("sleep 1") + +local command = "tcpdump -l " .. args .. " 2>&1" + +if duration ~= "" then + command = "timeout " .. duration .. " " .. command +end + +local pipe = io.popen(command) + +for line in pipe:lines() do + local params = { + data = line + } + conn:notify(ubus_objects.tcpdump.__ubusobj, "tcpdump.data", params) +end + +local pcap = fs.stat("/tmp/capture.pcap0") +if pcap then + fs.move("/tmp/capture.pcap0","/tmp/capture.pcap") + fs.remove("/tmp/capture.pcap1") +end + +if filter then + fs.remove("/tmp/tcpdump_filter") +end + +conn:close() +pipe:close() + +fs.remove("/var/run/packet_capture.pid") diff --git a/luci-app-packet-capture/root/usr/libexec/packet_capture_start b/luci-app-packet-capture/root/usr/libexec/packet_capture_start new file mode 100755 index 000000000..acdf89152 --- /dev/null +++ b/luci-app-packet-capture/root/usr/libexec/packet_capture_start @@ -0,0 +1,69 @@ +#!/bin/sh + +. /usr/share/libubox/jshn.sh + +PIDFILE="/var/run/packet_capture.pid" + +if [ -f "$PIDFILE"];then + echo "error: Packet capture is running" + exit 1 +fi + +json_load "$1" +json_get_var interface interface +json_get_var filter filter +json_get_var duration duration +json_get_var packets packets +json_get_var verbose verbose +json_get_var domains domains +json_get_var file file + +args="-n" + +if [ "$domains" == "1" ];then + args="" +fi + +if [ -n "$interface" ];then + ip a show "$interface" > /dev/null 2>&1 + if [ "$?" == "1" ]; then + echo "error: Incorrect format of an interface" + exit 1 + fi + + args="$args -i $interface" +fi + +if [ -n "$packets" ];then + echo "$packets" | egrep '^[0-9]*$' + if [ "$?" -eq 0 ];then + args="$args -c $packets" + else + echo "error: Incorrect packets argument" + exit 1 + fi +fi + +if [ "$verbose" == "1" ];then + args="$args -e" +fi + +if [ "$file" == "1" ];then + mem=$(awk '/MemTotal/ {print $2}' /proc/meminfo) + args="$args -W 2 -C $((mem/(1024 * 10))) -w /tmp/capture.pcap -z /usr/libexec/packet_capture_stop" +fi + +if [ -n "$filter" ];then + tcpdump -i lo -d "$filter" >/dev/null 2>/dev/null + if [ $? -eq 1 ];then + echo "error: Incorrect filter argument" + exit 1 + fi + echo "$filter" > /tmp/tcpdump_filter +fi + +(/usr/libexec/packet_capture "$args" "$duration")& + +echo $! > /var/run/packet_capture.pid + +exit 0 diff --git a/luci-app-packet-capture/root/usr/libexec/packet_capture_stop b/luci-app-packet-capture/root/usr/libexec/packet_capture_stop new file mode 100755 index 000000000..bce650346 --- /dev/null +++ b/luci-app-packet-capture/root/usr/libexec/packet_capture_stop @@ -0,0 +1,9 @@ +#!/bin/sh + +pid=$(cat /var/run/packet_capture.pid) +if [ -n "$pid" ] && grep -sq packet_capture "/proc/$pid/cmdline"; then + ppid=$(pgrep -P $pid) + kill -TERM $ppid +fi + +exit 0 diff --git a/luci-app-packet-capture/root/usr/share/luci/menu.d/luci-app-packet-capture.json b/luci-app-packet-capture/root/usr/share/luci/menu.d/luci-app-packet-capture.json new file mode 100644 index 000000000..304fe5431 --- /dev/null +++ b/luci-app-packet-capture/root/usr/share/luci/menu.d/luci-app-packet-capture.json @@ -0,0 +1,18 @@ +{ + "admin/services/packet_capture": { + "title": "Packet Capture", + "order": 90, + "action": { + "type": "view", + "path": "packet_capture/tcpdump" + }, + "depends" : { + "acl": [ "luci-app-packet-capture" ], + "uci": { "packet_capture": true }, + "fs": { "/usr/libexec/packet_capture": "executable", + "/usr/libexec/packet_capture_start": "executable", + "/usr/libexec/packet_capture_stop": "executable" + } + } + } +} diff --git a/luci-app-packet-capture/root/usr/share/rpcd/acl.d/luci-app-packet-capture.json b/luci-app-packet-capture/root/usr/share/rpcd/acl.d/luci-app-packet-capture.json new file mode 100644 index 000000000..f59d4060b --- /dev/null +++ b/luci-app-packet-capture/root/usr/share/rpcd/acl.d/luci-app-packet-capture.json @@ -0,0 +1,25 @@ +{ + "luci-app-packet-capture": { + "description": "Grant access to tcpdump ubus object", + "read": { + "cgi-io": [ "download", "exec" ], + "ubus": { + "tcpdump": [ "*" ], + "luci": [ "getProcessList" ] + }, + "uci": [ "packet_capture", "system" ], + "file": { + "/tmp/capture.pcap": [ "read" ] + } + }, + "write": { + "uci": [ "packet_capture" ], + "file": { + "/usr/libexec/packet_capture_start": [ "exec" ], + "/usr/libexec/packet_capture_stop": [ "exec" ], + "/usr/libexec/packet_capture": [ "exec" ], + "/tmp/capture.pcap": [ "write" ] + } + } + } +} diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 0ab4f84fd..8578a2d95 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -78,9 +78,9 @@ MY_DEPENDS := \ !TARGET_mvebu:kmod-usb-net-huawei-cdc-ncm !TARGET_mvebu:kmod-usb-net-rndis !TARGET_mvebu:kmod-usb-net-cdc-ether !TARGET_mvebu:kmod-usb-net-ipheth !TARGET_mvebu:usbmuxd \ kmod-rt2800-usb kmod-rtl8xxxu kmod-rtl8192cu kmod-net-rtl8192su \ !TARGET_mvebu:luci-proto-qmi wpad-basic kmod-mt7601u kmod-rtl8187 \ - luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-https-dns-proxy kmod-tcp-nanqinlang kmod-tcp-bbr2 iptables-mod-ipopt igmpproxy ss iptraf-ng \ + luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-https-dns-proxy kmod-tcp-nanqinlang (TARGET_x86_64||TARGET_arm64):kmod-tcp-bbr2 iptables-mod-ipopt igmpproxy ss iptraf-ng \ luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp luci-proto-gre tcptraceroute luci-proto-mbim kmod-rtl8xxxu kmod-ath9k-htc luci-app-ttyd luci-mod-dashboard (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware kmod-usb2 libustream-wolfssl (TARGET_x86||TARGET_x86_64):kmod-ixgbevf \ - hwinfo (TARGET_x86||TARGET_x86_64):dmidecode + hwinfo (TARGET_x86||TARGET_x86_64):dmidecode luci-app-packet-capture # luci-theme-bootstrap luci-theme-openwrt-2020 luci-theme-openwrt luci-app-status # luci-proto-bonding luci-app-statistics luci-proto-gre # softethervpn5-client softethervpn5-server luci-app-nginx-ha From 8f2b608c2cdec5ebd54f7e72f0b4d447084f3298 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Wed, 9 Dec 2020 14:59:23 +0100 Subject: [PATCH 09/11] Disable all ipv6 settings by default --- openmptcprouter/files/etc/uci-defaults/2000-omr-dhcp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/openmptcprouter/files/etc/uci-defaults/2000-omr-dhcp b/openmptcprouter/files/etc/uci-defaults/2000-omr-dhcp index 82d955677..5ad19ac9e 100755 --- a/openmptcprouter/files/etc/uci-defaults/2000-omr-dhcp +++ b/openmptcprouter/files/etc/uci-defaults/2000-omr-dhcp @@ -2,8 +2,9 @@ if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "0" ]; then uci -q batch <<-EOF >/dev/null - set dhcp.lan.ra_default=1 - set dhcp.lan.dhcpv6=server + delete dhcp.lan.ra_default + delete dhcp.lan.dhcpv6 + delete dhcp.lan.ra set dhcp.lan.force=1 commit dhcp EOF From 0f87c62f36edef002791473244d312a422d4962a Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 11 Dec 2020 21:38:50 +0100 Subject: [PATCH 10/11] Fix for gre tunnel --- openmptcprouter/files/etc/init.d/openmptcprouter-vps | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 08ce14400..4806ea137 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -439,7 +439,7 @@ _get_gre_tunnel() { peeraddr="$(echo $tunnel | jsonfilter -q -e '@.remote_ip')" ipaddr="$(echo $tunnel | jsonfilter -q -e '@.local_ip')" publicaddr="$(echo $tunnel | jsonfilter -q -e '@.public_ip')" - if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.omrip${i}.peeraddr)" != "$peeraddr" ] || [ "$(uci -q get network.omrip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.omrip${i}gre.ipaddr)" != "$vpnip_local" ]); then + if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.omrip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.omrip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.omrip${i}gre.ipaddr)" != "$vpnip_local" ]); then uci -q batch <<-EOF >/dev/null set network.omrip${i}gre=interface set network.omrip${i}gre.label="GRE tunnel for $publicaddr" From 8ef4df91e747905976ed59dabfa23df737cd29eb Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 11 Dec 2020 21:39:49 +0100 Subject: [PATCH 11/11] Add OpenVPN Bonding support --- .../luasrc/controller/openmptcprouter.lua | 13 ++- .../luasrc/view/openmptcprouter/wizard.htm | 5 +- openmptcprouter-full/Makefile | 2 +- .../files/etc/init.d/openvpnbonding | 95 +++++++++++++++++++ 4 files changed, 108 insertions(+), 7 deletions(-) create mode 100755 openmptcprouter/files/etc/init.d/openvpnbonding diff --git a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua index b294af40c..c9a264ed8 100644 --- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua +++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua @@ -631,8 +631,8 @@ function wizard_add() ucic:set("glorytun","vpn","remoteip","10.255.255.1") ucic:set("network","omr6in4","ipaddr","10.255.255.2") ucic:set("network","omr6in4","peeraddr","10.255.255.1") + ucic:set("network","omrvpn","proto","none") end - ucic:set("network","omrvpn","proto","none") else ucic:set("glorytun","vpn","key","") --ucic:set("glorytun","vpn","enable",0) @@ -656,8 +656,8 @@ function wizard_add() ucic:set("glorytun-udp","vpn","remoteip","10.255.254.1") ucic:set("network","omr6in4","ipaddr","10.255.254.2") ucic:set("network","omr6in4","peeraddr","10.255.254.1") + ucic:set("network","omrvpn","proto","none") end - ucic:set("network","omrvpn","proto","none") else ucic:set("glorytun-udp","vpn","key","") end @@ -677,9 +677,11 @@ function wizard_add() ucic:set("dsvpn","vpn","key",dsvpn_key) ucic:set("dsvpn","vpn","localip","10.255.251.2") ucic:set("dsvpn","vpn","remoteip","10.255.251.1") - ucic:set("network","omr6in4","ipaddr","10.255.251.2") - ucic:set("network","omr6in4","peeraddr","10.255.251.1") - ucic:set("network","omrvpn","proto","none") + if default_vpn == "dsvpn" then + ucic:set("network","omr6in4","ipaddr","10.255.251.2") + ucic:set("network","omr6in4","peeraddr","10.255.251.1") + ucic:set("network","omrvpn","proto","none") + end else ucic:set("dsvpn","vpn","key","") --ucic:set("dsvpn","vpn","enable",0) @@ -770,6 +772,7 @@ function wizard_add() luci.sys.call("/etc/init.d/mlvpn restart >/dev/null 2>/dev/null") --luci.sys.call("/etc/init.d/ubond restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/openvpn restart >/dev/null 2>/dev/null") + luci.sys.call("/etc/init.d/openvpnbonding restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/dsvpn restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/omr-tracker start >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/omr-6in4 restart >/dev/null 2>/dev/null") diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm index d8cda41f8..66a5b2b00 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm @@ -306,6 +306,8 @@ <% if nixio.fs.access("/usr/sbin/ubond") then %><% end %> <% elseif vpn == "openvpn" then %> <% if nixio.fs.access("/etc/init.d/openvpn") then %><% end %> + <% elseif vpn == "openvpn_bonding" then %> + <% if nixio.fs.access("/etc/init.d/openvpnbonding") then %><% end %> <% end end @@ -319,7 +321,8 @@ <% if nixio.fs.access("/usr/sbin/dsvpn") then %><% end %> <% if nixio.fs.access("/usr/sbin/mlvpn") then %><% end %> <% if nixio.fs.access("/usr/sbin/ubond") then %><% end %> - <% if nixio.fs.access("/usr/sbin/openvpn") then %><% end %> + <% if nixio.fs.access("/etc/init.d/openvpn") then %><% end %> + <% if nixio.fs.access("/etc/init.d/openvpnbonding") then %><% end %> <% end diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 8578a2d95..9625904b5 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -80,7 +80,7 @@ MY_DEPENDS := \ !TARGET_mvebu:luci-proto-qmi wpad-basic kmod-mt7601u kmod-rtl8187 \ luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-https-dns-proxy kmod-tcp-nanqinlang (TARGET_x86_64||TARGET_arm64):kmod-tcp-bbr2 iptables-mod-ipopt igmpproxy ss iptraf-ng \ luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp luci-proto-gre tcptraceroute luci-proto-mbim kmod-rtl8xxxu kmod-ath9k-htc luci-app-ttyd luci-mod-dashboard (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware kmod-usb2 libustream-wolfssl (TARGET_x86||TARGET_x86_64):kmod-ixgbevf \ - hwinfo (TARGET_x86||TARGET_x86_64):dmidecode luci-app-packet-capture + hwinfo (TARGET_x86||TARGET_x86_64):dmidecode luci-app-packet-capture kmod-bonding luci-proto-bonding # luci-theme-bootstrap luci-theme-openwrt-2020 luci-theme-openwrt luci-app-status # luci-proto-bonding luci-app-statistics luci-proto-gre # softethervpn5-client softethervpn5-server luci-app-nginx-ha diff --git a/openmptcprouter/files/etc/init.d/openvpnbonding b/openmptcprouter/files/etc/init.d/openvpnbonding new file mode 100755 index 000000000..f0ba915fa --- /dev/null +++ b/openmptcprouter/files/etc/init.d/openvpnbonding @@ -0,0 +1,95 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2020 Ycarus (Yannick Chabanois) for OpenMPTCProuter +# Released under GPL 3. See LICENSE for the full terms. + +{ + START=70 + STOP=10 + USE_PROCD=1 +} + +_getremoteip() { + [ "$(uci -q get openmptcprouter.$1.master)" = "1" ] && remoteip=$(uci -q get openmptcprouter.$1.ip) +} + +_openvpnbonding() { + local interface=$1 + if [ "$(uci -q get openmptcprouter.${interface}.multipath)" = "master" ] || [ "$(uci -q get openmptcprouter.${interface}.multipath)" = "on" ]; then + nbintf=$(($nbintf+1)) + remoteip="" + config_load openmptcprouter + config_foreach _getremoteip server + if [ -n "$remoteip" ]; then + localip=$(ubus call network.interface.$interface status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n") + uci -q batch <<-EOF >/dev/null + set openvpn.omr_bonding_${interface}=openvpn + set openvpn.omr_bonding_${interface}.dev="bond${interface}" + set openvpn.omr_bonding_${interface}.dev_type="tap" + set openvpn.omr_bonding_${interface}.cipher='AES-256-CBC' + set openvpn.omr_bonding_${interface}.port="6535${nbintf}" + set openvpn.omr_bonding_${interface}.remote="${remoteip}" + set openvpn.omr_bonding_${interface}.local="${localip}" + set openvpn.omr_bonding_${interface}.lport='0' + set openvpn.omr_bonding_${interface}.ncp_disable='1' + set openvpn.omr_bonding_${interface}.auth_nocache='1' + set openvpn.omr_bonding_${interface}.proto='udp' + set openvpn.omr_bonding_${interface}.client='1' + set openvpn.omr_bonding_${interface}.tls_client='1' + set openvpn.omr_bonding_${interface}.enabled='1' + set openvpn.omr_bonding_${interface}.key='/etc/luci-uploads/client.key' + set openvpn.omr_bonding_${interface}.cert='/etc/luci-uploads/client.crt' + set openvpn.omr_bonding_${interface}.ca='/etc/luci-uploads/ca.crt' + commit openvpn + EOF + if [ "$(uci -q get network.omrvpn.slaves | grep bond${interface})" = "" ]; then + uci -q add_list network.omrvpn.slaves="bond${interface}" + fi + /etc/init.d/openvpn start omr_bonding_${interface} + ip link set bond${interface} master bonding-omrvpn + fi + fi +} + +_disable_openvpnbonding() +{ + name=$1 + if [ "$(echo $name | grep omr_bonding)" != "" ]; then + uci -q set openvpn.${name}.enabled='0' + fi +} + +start_service() +{ + if [ "$(uci -q get openmptcprouter.settings.vpn)" = "openvpn_bonding" ]; then + nbintf=0 + uci -q batch <<-EOF >/dev/null + set network.omrvpn.proto='bonding' + set network.omrvpn.bonding_policy='balance-rr' + set network.omrvpn.packets_per_slave='1' + set network.omrvpn.xmit_hash_policy='layer2' + set network.omrvpn.all_slaves_active='0' + set network.omrvpn.netmask='255.255.255.0' + set network.omrvpn.ipaddr='10.255.248.2' + set network.omrvpn.link_monitoring='mii' + set network.omrvpn.miimon='10' + set network.omrvpn.downdelay='100' + set network.omrvpn.updelay='20' + set network.omrvpn.use_carrier='1' + commit network + EOF + config_load openmptcprouter + config_foreach _openvpnbonding interface + ip link set bonding-omrvpn up + uci -q batch <<-EOF >/dev/null + commit network + EOF + else + config_load openvpn + config_foreach _disable_openvpnbonding + uci -q commit openvpn + fi +} + +service_triggers() { + procd_add_reload_trigger "openvpn" "network" +} \ No newline at end of file