Add openmptcprouter main package

openmptcprouter/Makefile

@@ -0,0 +1,47 @@
+#
+# Copyright (C) 2018 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=openmptcprouter
+PKG_VERSION:=0.52
+PKG_RELEASE:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+MY_DEPENDS := \
+    mptcp       \
+    unbound     \
+    netifd      \
+    mc          \
+    omr-tracker \
+    luci-mod-admin-full luci-app-firewall luci-app-glorytun luci-app-shadowsocks-libev luci-app-unbound luci-theme-bootstrap luci-base
+
+
+define Package/$(PKG_NAME)
+SECTION:=OMR
+CATEGORY:=OpenMPTCProuter
+DEPENDS:=$(foreach p,$(MY_DEPENDS),+$(p))
+TITLE:=OpenMPTCProuter Full Package
+endef
+
+define Package/$(PKG_NAME)/description
+OpenMPTCProuter package
+endef
+
+define Package/$(PKG_NAME)/conffiles
+/etc/config/$(PKG_NAME)
+endef
+
+define Build/Compile
+endef
+
+define Package/$(PKG_NAME)/install
+	$(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,$(PKG_NAME)))

openmptcprouter/files/bin/otb-test-download-shadowsocks

@@ -0,0 +1,24 @@
+#!/bin/sh
+# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
+
+HOST="proof.ovh.net"
+
+_ipt() {
+	iptables -w -t nat "$1" socks_emitted_by_myself \
+		-d "$HOST" -j socks_redir -m comment --comment "Test download proof"
+}
+
+_chain_exists() {
+	iptables -w -t nat -nL "$1" 1>/dev/null 2>/dev/null
+}
+
+if ! _chain_exists "socks_emitted_by_myself" || ! _chain_exists "socks_redir"; then
+	echo "Couldn't find the iptables chain to plug myself into. Is ss-redir running?"
+	return 1
+fi
+
+trap : HUP INT TERM
+
+_ipt -A
+curl http://$HOST/files/10Gio.dat >/dev/null || echo
+_ipt -D

openmptcprouter/files/etc/sysctl.d/default.conf

@@ -0,0 +1,2 @@
+net.ipv4.tcp_ecn=1
+net.netfilter.nf_conntrack_helper=1

openmptcprouter/files/etc/sysctl.d/ipv6default.conf

@@ -0,0 +1 @@
+net.ipv6.conf.all.disable_ipv6=1

openmptcprouter/files/etc/uci-defaults/1910-otb-network

@@ -0,0 +1,131 @@
+#!/bin/sh
+# shellcheck disable=SC1091,SC2039
+# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
+
+. /lib/functions.sh
+
+[ "$(uci -q get "network.lan.proto")" = static ] || \
+	uci -q batch <<-EOF
+	set network.lan=interface
+	set network.lan.proto=static
+	set network.lan.ipaddr=192.168.100.1
+	set network.lan.netmask=255.255.255.0
+	set network.lan.ifname=eth0
+	EOF
+
+uci -q batch <<EOF
+delete network.none
+delete network.if6rd
+reorder network.loopback=0
+reorder network.globals=1
+reorder network.lan=2
+set network.globals.multipath=enable
+EOF
+
+# Set the ip rule for the lan with a pref of 100
+uci -q show network.lan_rule >/dev/null || \
+	uci -q batch <<-EOF
+	set network.lan_rule=rule
+	set network.lan_rule.lookup=lan
+	set network.lan_rule.priority=100
+	EOF
+
+if [ "$(uci -q get network.vpn0.proto)" = "none" ]; then
+	uci -q delete network.vpn0
+fi
+
+_setup_multipath() {
+	uci -q get "network.$1.multipath" >/dev/null && return
+	uci -q set "network.$1.multipath=$2"
+}
+
+_setup_macaddr() {
+	uci -q get "network.$1_dev.macaddr" >/dev/null && return
+	uci -q set "network.$1_dev.macaddr=$2"
+}
+
+_setup_dhcp() {
+	uci -q get "network.$1.ipaddr" >/dev/null && return
+	uci -q set "network.$1.proto=dhcp"
+}
+
+_setup_macvlan() {
+	uci -q get "network.$1_dev.ifname" >/dev/null && return
+
+	# do not create macvlan for vlan
+	local _ifname
+	_ifname=$(uci -q get "network.$1.ifname")
+	case "$_ifname" in
+	eth*.*) return ;;
+	esac
+
+	uci -q batch <<-EOF
+	set network.$1_dev=device
+	set network.$1_dev.name=$1
+	set network.$1_dev.type=macvlan
+	set network.$1_dev.ifname=eth0
+	set network.$1.ifname=$1
+	EOF
+	_macaddr=$(uci -q get "network.$1.macaddr")
+	_setup_macaddr "$1" "${_macaddr:-auto$(date +%s)}"
+	uci -q set "network.$1.type=macvlan"  # legacy
+}
+
+
+config_load network
+
+_setup() {
+	case "$1" in
+	wan)
+		uci -q batch <<-EOF
+		set network.$1.metric=${1#wan}
+		set network.$1.ip4table=$((200+${1#wan}))
+		del_list firewall.wan.network=$1
+		add_list firewall.wan.network=$1
+		EOF
+		_setup_multipath "$1" on
+		_setup_dhcp "$1"
+		;;
+	wan*)
+		uci -q batch <<-EOF
+		set network.$1.metric=${1#wan}
+		set network.$1.ip4table=$((200+${1#wan}))
+		del_list firewall.wan.network=$1
+		add_list firewall.wan.network=$1
+		EOF
+		_setup_multipath "$1" on
+		_setup_macvlan "$1"
+		;;
+	if0)
+		proto=$(uci -q get "network.$1.proto")
+		[ "$proto" = "none" ] || proto="dhcp"
+		uci -q batch <<-EOF
+		set network.$1.proto=$proto
+		set network.$1.metric=2000
+		del_list firewall.wan.network=$1
+		add_list firewall.wan.network=$1
+		EOF
+		_setup_multipath "$1" off
+		_setup_macvlan "$1"
+		_setup_macvlan lan
+		;;
+	glorytun)
+		proto=$(uci -q get "network.$1.proto")
+		uci -q batch <<-EOF
+		set network.$1.metric=5000
+		EOF
+		_setup_multipath "$1" off
+		;;
+	*)
+		_setup_multipath "$1" off
+		;;
+	esac
+}
+config_load network
+config_foreach _setup interface
+
+# Add the lan as a named routing table
+if ! grep -s -q "lan" /etc/iproute2/rt_tables; then
+	echo "50 lan" >> /etc/iproute2/rt_tables
+fi
+uci -q set network.lan.ip4table='lan'

openmptcprouter/files/etc/uci-defaults/omr-uhttpd.defaults

@@ -0,0 +1,6 @@
+#!/bin/sh
+# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
+
+# Do not redirect http to https, allow both
+
+uci -q set "uhttpd.main.redirect_https='0'"