From 7840a05a8a0480e139dac39bdfcc66f00b666b3d Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 28 May 2021 17:48:24 +0200 Subject: [PATCH] Add option to enable/disable nDPI --- .../root/etc/init.d/omr-bypass | 40 ++++++++++--------- .../luasrc/controller/openmptcprouter.lua | 4 ++ .../luasrc/view/openmptcprouter/settings.htm | 10 +++++ 3 files changed, 35 insertions(+), 19 deletions(-) diff --git a/luci-app-omr-bypass/root/etc/init.d/omr-bypass b/luci-app-omr-bypass/root/etc/init.d/omr-bypass index 164f6e42e..2b8f56972 100755 --- a/luci-app-omr-bypass/root/etc/init.d/omr-bypass +++ b/luci-app-omr-bypass/root/etc/init.d/omr-bypass @@ -341,31 +341,33 @@ _bypass_proto() { [ -z "$intf" ] && intf="all" [ -z "$proto" ] && return - if [ "$intf" = "all" ]; then - iptables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass-dpi -m ndpi --proto $proto -j MARK --set-mark 0x539 - COMMIT - EOF - if [ "$disableipv6" = "0" ]; then - ip6tables-restore -w --wait=60 --noflush <<-EOF + if [ "$(uci -q get openmptcprouter.settings.ndpi)" != "0" ]; then + if [ "$intf" = "all" ]; then + iptables-restore -w --wait=60 --noflush <<-EOF *mangle - -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539 + -A omr-bypass-dpi -m ndpi --proto $proto -j MARK --set-mark 0x539 COMMIT EOF - fi - else - iptables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass-dpi -m ndpi --proto $proto -j MARK --set-mark 0x539$intfid - COMMIT - EOF - if [ "$disableipv6" = "0" ]; then - ip6tables-restore -w --wait=60 --noflush <<-EOF + if [ "$disableipv6" = "0" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539 + COMMIT + EOF + fi + else + iptables-restore -w --wait=60 --noflush <<-EOF *mangle - -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539$intfid + -A omr-bypass-dpi -m ndpi --proto $proto -j MARK --set-mark 0x539$intfid COMMIT EOF + if [ "$disableipv6" = "0" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539$intfid + COMMIT + EOF + fi fi fi # Use dnsmasq ipset to bypass domains of the proto diff --git a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua index 7c354b690..3d243b210 100644 --- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua +++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua @@ -1041,6 +1041,10 @@ function settings_add() local shadowsocksudp = luci.http.formvalue("shadowsocksudp") or "0" ucic:set("openmptcprouter","settings","shadowsocksudp",shadowsocksudp) + -- Enable/disable nDPI + local ndpi = luci.http.formvalue("ndpi") or "1" + ucic:set("openmptcprouter","settings","ndpi",ndpi) + -- Enable/disable fast open local disablefastopen = luci.http.formvalue("disablefastopen") or "0" if disablefastopen == "0" then diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm index 67bfa50c1..c866f921e 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm @@ -331,6 +331,16 @@ +
+ +
+ checked<% end %>> +
+
+ <%:Disable nDPI, used for protocols in OMR-ByPass%> +
+
+