From 89f028597d4e205d12e79983f58439e885c647c2 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Aug 2023 22:19:59 +0200 Subject: [PATCH 1/4] Various changes for 6.1 kernel in MPTCP interface --- luci-app-mptcp/luasrc/controller/mptcp.lua | 6 ++++-- luci-app-mptcp/luasrc/model/cbi/mptcp.lua | 16 ++++++++-------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/luci-app-mptcp/luasrc/controller/mptcp.lua b/luci-app-mptcp/luasrc/controller/mptcp.lua index 842adc6ef..89bc92c13 100644 --- a/luci-app-mptcp/luasrc/controller/mptcp.lua +++ b/luci-app-mptcp/luasrc/controller/mptcp.lua @@ -15,8 +15,10 @@ function index() entry({"admin", "network", "mptcp", "mptcp_check_trace"}, post("mptcp_check_trace")).leaf = true entry({"admin", "network", "mptcp", "mptcp_fullmesh"}, template("mptcp/mptcp_fullmesh"), _("MPTCP Fullmesh"), 5).leaf = true entry({"admin", "network", "mptcp", "mptcp_fullmesh_data"}, post("mptcp_fullmesh_data")).leaf = true - entry({"admin", "network", "mptcp", "mptcp_connections"}, template("mptcp/mptcp_connections"), _("Established connections"), 6).leaf = true - entry({"admin", "network", "mptcp", "mptcp_connections_data"}, post("mptcp_connections_data")).leaf = true + if nixio.uname().release:sub(1,4) ~= "5.15" and nixio.uname().release:sub(1,1) ~= "6" then + entry({"admin", "network", "mptcp", "mptcp_connections"}, template("mptcp/mptcp_connections"), _("Established connections"), 6).leaf = true + entry({"admin", "network", "mptcp", "mptcp_connections_data"}, post("mptcp_connections_data")).leaf = true + end entry({"admin", "network", "mptcp", "mptcp_monitor"}, template("mptcp/mptcp_monitor"), _("MPTCP monitoring"), 6).leaf = true entry({"admin", "network", "mptcp", "mptcp_monitor_data"}, post("mptcp_monitor_data")).leaf = true end diff --git a/luci-app-mptcp/luasrc/model/cbi/mptcp.lua b/luci-app-mptcp/luasrc/model/cbi/mptcp.lua index a36c3d391..d5fe52f9c 100644 --- a/luci-app-mptcp/luasrc/model/cbi/mptcp.lua +++ b/luci-app-mptcp/luasrc/model/cbi/mptcp.lua @@ -61,22 +61,22 @@ end -- if tonumber(uname.release:sub(1,4)) >= 5.15 then if uname.release:sub(1,4) == "5.15" or uname.release:sub(1,1) == "6" then - o = s:option(Value, "mptcp_subflows", translate("specifies the maximum number of additional subflows allowed for each MPTCP connection")) + o = s:option(Value, "mptcp_subflows", translate("Max subflows"),translate("specifies the maximum number of additional subflows allowed for each MPTCP connection")) o.datatype = "uinteger" o.rmempty = false o.default = 3 - - o = s:option(Value, "mptcp_add_addr_accepted", translate("specifies the maximum number of ADD_ADDR suboptions accepted for each MPTCP connection")) - o.datatype = "uinteger" - o.rmempty = false - o.default = 1 - o = s:option(Value, "mptcp_stale_loss_cnt", translate("The number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale")) + o = s:option(Value, "mptcp_stale_loss_cnt", translate("Retranmission intervals"),translate("The number of MPTCP-level retransmission intervals with no traffic and pending outstanding data on a given subflow required to declare it stale")) o.datatype = "uinteger" o.rmempty = false o.default = 4 - o = s:option(Value, "mptcp_add_addr_timeout", translate("Set the timeout after which an ADD_ADDR control message will be resent to an MPTCP peer that has not acknowledged a previous ADD_ADDR message.")) + o = s:option(Value, "mptcp_add_addr_accepted", translate("Max add address"),translate("specifies the maximum number of ADD_ADDR (add address) suboptions accepted for each MPTCP connection")) + o.datatype = "uinteger" + o.rmempty = false + o.default = 1 + + o = s:option(Value, "mptcp_add_addr_timeout", translate("Control message timeout"),translate("Set the timeout after which an ADD_ADDR (add address) control message will be resent to an MPTCP peer that has not acknowledged a previous ADD_ADDR message.")) o.datatype = "uinteger" o.rmempty = false o.default = 120 From 2b59c7ae22fb7d0bfee56e369900825e49428034 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Aug 2023 22:22:51 +0200 Subject: [PATCH 2/4] Fix, add proxy in status json and add encryption in uci settings --- .../luasrc/controller/openmptcprouter.lua | 10 ++++++++-- .../luasrc/view/openmptcprouter/wizard.htm | 9 +++++++-- .../root/usr/libexec/rpcd/openmptcprouter | 4 +++- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua index 5a0cb0566..592abcc89 100644 --- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua +++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua @@ -552,7 +552,7 @@ function wizard_add() ucic:set("network","omrvpn","proto","bonding") end if downloadmax ~= 0 and uploadmax ~= 0 then - ucic:set("sqm","omrvpn","enabled","1") + --ucic:set("sqm","omrvpn","enabled","1") ucic:set("sqm","omrvpn","max_download",downloadmax) ucic:set("sqm","omrvpn","max_upload",uploadmax) ucic:set("sqm","omrvpn","download",math.ceil(downloadmax*50/100)) @@ -619,7 +619,7 @@ function wizard_add() ucic:set("openmptcprouter",server,"username",openmptcprouter_vps_username:gsub("%s+", "")) ucic:set("openmptcprouter",server,"password",openmptcprouter_vps_key:gsub("%s+", "")) ucic:set("openmptcprouter",server,"disabled",openmptcprouter_vps_disabled) - if ucic:get("openmptcprouter",server,"ip") ~= aserverips then + if ucic:get_list("openmptcprouter",server,"ip") ~= aserverips then ucic:set_list("openmptcprouter",server,"ip",aserverips) if ucic:get("openmptcprouter",server,"master") == "1" then ucic:set("openmptcprouter",server,"get_config","1") @@ -805,6 +805,7 @@ function wizard_add() local encryption = luci.http.formvalue("encryption") if encryption == "none" then + ucic:set("openmptcprouter","settings","encryption","none") ucic:set("shadowsocks-libev","sss0","method","none") ucic:set("shadowsocks-libev","sss1","method","none") ucic:set("openvpn","omr","cipher","none") @@ -812,6 +813,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_vmess_user_security","none") ucic:set("v2ray","omrout","s_vless_user_security","none") elseif encryption == "aes-256-gcm" then + ucic:set("openmptcprouter","settings","encryption","aes-256-gcm") ucic:set("shadowsocks-libev","sss0","method","aes-256-gcm") ucic:set("shadowsocks-libev","sss1","method","aes-256-gcm") ucic:set("glorytun","vpn","chacha20","0") @@ -821,6 +823,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_vmess_user_security","aes-128-gcm") ucic:set("v2ray","omrout","s_vless_user_security","aes-128-gcm") elseif encryption == "aes-256-cfb" then + ucic:set("openmptcprouter","settings","encryption","aes-256-cfb") ucic:set("shadowsocks-libev","sss0","method","aes-256-cfb") ucic:set("shadowsocks-libev","sss1","method","aes-256-cfb") ucic:set("glorytun","vpn","chacha20","0") @@ -830,6 +833,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_vmess_user_security","aes-128-gcm") ucic:set("v2ray","omrout","s_vless_user_security","aes-128-gcm") elseif encryption == "chacha20-ietf-poly1305" then + ucic:set("openmptcprouter","settings","encryption","chacha20") ucic:set("shadowsocks-libev","sss0","method","chacha20-ietf-poly1305") ucic:set("shadowsocks-libev","sss1","method","chacha20-ietf-poly1305") ucic:set("glorytun","vpn","chacha20","1") @@ -838,6 +842,8 @@ function wizard_add() ucic:set("mlvpn","general","cleartext_data","0") ucic:set("v2ray","omrout","s_vmess_user_security","chacha20-poly1305") ucic:set("v2ray","omrout","s_vless_user_security","chacha20-poly1305") + else + ucic:set("openmptcprouter","settings","encryption","other") end ucic:save("openvpn") ucic:save("glorytun") diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm index 69d7b5a81..6b005fe5b 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm @@ -269,13 +269,18 @@

diff --git a/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter b/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter index 8dade3146..fc7a71dec 100755 --- a/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter +++ b/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter @@ -1035,7 +1035,9 @@ function interfaces_status() mArray.openmptcprouter["multi_vpn"] = true end end - + if uci:get("openmptcprouter","settings","vpn") ~= "none" then + mArray.openmptcprouter["vpn"]= uci:get("openmptcprouter","settings","vpn") + end -- check Shadowsocks is running mArray.openmptcprouter["shadowsocks_service"] = false if string.find(sys.exec("/usr/bin/pgrep ss-redir"), "%d+") then From 8e2f33ac32df446f200c5e25a05fe454b64434c9 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Aug 2023 22:23:43 +0200 Subject: [PATCH 3/4] Some fix on encryption --- .../files/etc/init.d/openmptcprouter-vps | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 2a953d748..8955b5ff2 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -107,6 +107,7 @@ _set_json() { _set_glorytun_vps() { local enabled port key enabled="$(uci -q get glorytun.vpn.enable)" + [ "$enabled" != "1" ] && enabled="$(uci -q get glorytun-udp.vpn.enable)" [ "$enabled" != "1" ] && echo "Glorytun disabled" && return port="$(uci -q get glorytun.vpn.port)" key="$(uci -q get glorytun.vpn.key)" @@ -1909,17 +1910,16 @@ _config_service() { [ "$(uci -q get openmptcprouter.${servername}.master)" = "1" ] && { _get_vps_config } - [ -z "$vps_config" ] && vps_config=$(_get_json "config") - [ -z "$vps_config" ] && return - user_permission="$(echo "$vps_config" | jsonfilter -q -e '@.user.permission')" if [ "$(uci -q get openmptcprouter.settings.firstboot)" != "0" ]; then - [ -n "$vps_config" ] && [ -n "$(cat /proc/cpuinfo | grep aes)" ] && { + [ -n "$(cat /proc/cpuinfo | grep aes)" ] && { vps_aes="$(echo "$vps_config" | jsonfilter -q -e '@.vps.aes')" if [ "$vps_aes" != "false" ] && [ "$user_permission" != "ro" ]; then logger -t "OMR-VPS" "CPU support AES, set it by default" method="$(uci -q get shadowsocks-libev.sss0.method)" uci -q batch <<-EOF >/dev/null + set openmptcprouter.settings.encryption="aes-256-gcm" + commit openmptcprouter set glorytun.vpn.chacha20="0" commit glorytun set glorytun-udp.vpn.chacha="0" @@ -1934,6 +1934,11 @@ _config_service() { fi } fi + + [ -z "$vps_config" ] && vps_config=$(_get_json "config") + [ -z "$vps_config" ] && return + user_permission="$(echo "$vps_config" | jsonfilter -q -e '@.user.permission')" + if [ "$user_permission" != "ro" ]; then #config_load shadowsocks-libev #config_foreach _set_ss_server_vps server From b67619a38ba8d6dc807256938d0aa622fcdc5704 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 4 Aug 2023 22:24:01 +0200 Subject: [PATCH 4/4] Change diag website --- openmptcprouter/files/etc/uci-defaults/1950-omr-diag | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openmptcprouter/files/etc/uci-defaults/1950-omr-diag b/openmptcprouter/files/etc/uci-defaults/1950-omr-diag index cd944c24f..efefd08a7 100755 --- a/openmptcprouter/files/etc/uci-defaults/1950-omr-diag +++ b/openmptcprouter/files/etc/uci-defaults/1950-omr-diag @@ -2,9 +2,9 @@ uci -q batch <<-EOF >/dev/null set luci.diag=internal - set luci.diag.ping="openmptcprouter.com" - set luci.diag.dns="openmptcprouter.com" - set luci.diag.route="openmptcprouter.com" + set luci.diag.ping="www.openmptcprouter.com" + set luci.diag.dns="www.openmptcprouter.com" + set luci.diag.route="www.openmptcprouter.com" set luci.diag.iperf3="ping-ams1.online.net" set luci.diag.getip="ip.openmptcprouter.com" commit luci