mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Merge branch 'develop'
This commit is contained in:
suyuan
commit
8af454a1db
147 changed files with 2964 additions and 2145 deletions
|
|
@ -1,5 +1,6 @@
|
|||
#!/bin/sh
|
||||
SERVER=$1
|
||||
shift
|
||||
[ -z "$SERVER" ] && SERVER="vps"
|
||||
KEY=$(uci -q get iperf.$SERVER.key)
|
||||
USER=$(uci -q get iperf.$SERVER.user)
|
||||
|
|
@ -9,7 +10,7 @@ PORTS=$(uci -q get iperf.$SERVER.ports | sed 's/,/ /g')
|
|||
PORT="${PORTS%% *}"
|
||||
echo $KEY | base64 -d > /tmp/iperf.pem
|
||||
if [ -n "$PASSWORD" ] && [ -n "$USER" ] && [ -n "$KEY" ]; then
|
||||
IPERF3_PASSWORD=$PASSWORD iperf3 --username $USER --rsa-public-key-path /tmp/iperf.pem -c $HOST -p $PORT ${@:2}
|
||||
IPERF3_PASSWORD=$PASSWORD iperf3 --username $USER --rsa-public-key-path /tmp/iperf.pem -c $HOST -p $PORT ${@}
|
||||
else
|
||||
iperf3 -c $HOST -p $PORT ${@:2}
|
||||
iperf3 -c $HOST -p $PORT ${@}
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -27,8 +27,8 @@ if [ -z "$INTERFACE" ]; then
|
|||
curl -4 $HOST >/dev/null || echo
|
||||
else
|
||||
domain=$(echo $HOST | awk -F/ '{print $3}')
|
||||
hostip=$(dig +short A $domain | tr -d "\n")
|
||||
hostip=$(dig +nocmd +noall +answer A $domain | grep -v CNAME | awk '{print $5}' | tr -d "\n")
|
||||
ipset add ss_rules_dst_bypass_all $hostip
|
||||
curl -4 $HOST >/dev/null || echo
|
||||
curl -4 --interface $INTERFACE $HOST >/dev/null || echo
|
||||
ipset del ss_rules_dst_bypass_all $hostip
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -132,11 +132,17 @@ start_service()
|
|||
uci -q batch <<-EOF >/dev/null
|
||||
set shadowsocks-libev.sss0.disabled='1'
|
||||
set glorytun.vpn.host='10.255.250.1'
|
||||
set glorytun-udp.vpn.host='10.255.250.1'
|
||||
commit glorytun
|
||||
commit glorytun-udp
|
||||
EOF
|
||||
elif [ "$(uci -q get glorytun.vpn.host)" = "10.255.250.1" ] && [ "$nbintf" != "$nbintfvpn" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete shadowsocks-libev.sss0.disabled
|
||||
set glorytun.vpn.host="$(uci -q get openmptcprouter.vps.ip)"
|
||||
set glorytun-udp.vpn.host="$(uci -q get openmptcprouter.vps.ip)"
|
||||
commit glorytun
|
||||
commit glorytun-udp
|
||||
EOF
|
||||
fi
|
||||
NBCPU=$(grep -c '^processor' /proc/cpuinfo | tr -d "\n")
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ START=99
|
|||
|
||||
USE_PROCD=1
|
||||
|
||||
EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall"
|
||||
EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key"
|
||||
|
||||
_parse_result() {
|
||||
result=$("echo $1 | jsonfilter -q -e '@.result'")
|
||||
|
|
@ -114,6 +114,27 @@ _set_openvpn_vps() {
|
|||
fi
|
||||
}
|
||||
|
||||
get_openvpn_key() {
|
||||
servername=$2
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
openvpn_client_key="$(echo "$vps_config" | jsonfilter -q -e '@.openvpn.client_key')"
|
||||
[ -n "$openvpn_client_key" ] && {
|
||||
echo $openvpn_client_key | base64 -d > /etc/luci-uploads/client.key
|
||||
}
|
||||
openvpn_client_crt="$(echo "$vps_config" | jsonfilter -q -e '@.openvpn.client_crt')"
|
||||
[ -n "$openvpn_client_crt" ] && {
|
||||
echo $openvpn_client_crt | base64 -d > /etc/luci-uploads/client.crt
|
||||
}
|
||||
openvpn_client_ca="$(echo "$vps_config" | jsonfilter -q -e '@.openvpn.client_ca')"
|
||||
[ -n "$openvpn_client_ca" ] && {
|
||||
echo $openvpn_client_ca | base64 -d > /etc/luci-uploads/ca.crt
|
||||
}
|
||||
[ -n "$openvpn_client_key" ] && [ -n "$openvpn_client_crt" ] && [ -n "$openvpn_client_ca" ] && {
|
||||
/etc/init.d/openvpn restart
|
||||
}
|
||||
}
|
||||
|
||||
_get_ss_redir() {
|
||||
config_get cf_ebpf $1 ebpf
|
||||
[ "$cf_ebpf" = "1" ] && ebpf="true"
|
||||
|
|
@ -132,14 +153,15 @@ _get_ss_server() {
|
|||
|
||||
_set_ss_server_vps() {
|
||||
local disabled port key method
|
||||
config_get disabled $1 disabled
|
||||
config_load shadowsocks-libev
|
||||
config_get disabled sss0 disabled
|
||||
[ "$disabled" = "1" ] && return
|
||||
config_get port $1 server_port
|
||||
config_get port sss0 server_port
|
||||
#config_get server $1 server
|
||||
config_get key $1 key
|
||||
config_get key sss0 key
|
||||
key="$(echo $key | sed 's/+/-/g; s/\//_/g;')"
|
||||
[ -z "$key" ] && return
|
||||
config_get method $1 method
|
||||
config_get method sss0 method
|
||||
local current_port current_key current_method
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
|
|
@ -166,7 +188,7 @@ _set_ss_server_vps() {
|
|||
if [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then
|
||||
local settings
|
||||
settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":true,"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}'
|
||||
echo $(_set_json "shadowsocks" "$settings")
|
||||
_set_json "shadowsocks" "$settings"
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -274,20 +296,20 @@ _get_vps_config() {
|
|||
fi
|
||||
if [ "$vpn" = "glorytun_udp" ]; then
|
||||
glorytun_state=1
|
||||
uci -q set glorytun.vpn.proto='udp'
|
||||
#uci -q set glorytun.vpn.proto='udp'
|
||||
client_ip="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.udp.client_ip')"
|
||||
host_ip="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.udp.host_ip')"
|
||||
port="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.port')"
|
||||
if [ "$(uci -q get glorytun.vpn.port)" != "$port" ] && [ "$port" != "" ]; then
|
||||
if [ "$(uci -q get glorytun-udp.vpn.port)" != "$port" ] && [ "$port" != "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun.vpn.port=$port
|
||||
set glorytun-udp.vpn.port=$port
|
||||
EOF
|
||||
fi
|
||||
if [ "$client_ip" != "dhcp" ] && [ -n "$client_ip" ]; then
|
||||
if [ "$host_ip" != "$(uci -q get glorytun.vpn.remoteip)" ] || [ "$client_ip" != "$(uci -q get glorytun.vpn.localip)" ]; then
|
||||
if [ "$host_ip" != "$(uci -q get glorytun-udp.vpn.remoteip)" ] || [ "$client_ip" != "$(uci -q get glorytun-udp.vpn.localip)" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun.vpn.localip=$client_ip
|
||||
set glorytun.vpn.remoteip=$host_ip
|
||||
set glorytun-udp.vpn.localip=$client_ip
|
||||
set glorytun-udp.vpn.remoteip=$host_ip
|
||||
EOF
|
||||
glorytun_change=1
|
||||
fi
|
||||
|
|
@ -299,10 +321,10 @@ _get_vps_config() {
|
|||
glorytun_change=1
|
||||
fi
|
||||
else
|
||||
if [ "$(uci -q get glorytun.vpn.remoteip)" != "" ] || [ "$(uci -q get glorytun.vpn.localip)" != "" ]; then
|
||||
if [ "$(uci -q get glorytun-udp.vpn.remoteip)" != "" ] || [ "$(uci -q get glorytun-udp.vpn.localip)" != "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete glorytun.vpn.localip
|
||||
delete glorytun.vpn.remoteip
|
||||
delete glorytun-udp.vpn.localip
|
||||
delete glorytun-udp.vpn.remoteip
|
||||
EOF
|
||||
glorytun_change=1
|
||||
fi
|
||||
|
|
@ -381,14 +403,24 @@ _get_vps_config() {
|
|||
EOF
|
||||
glorytun_change=1
|
||||
fi
|
||||
if [ "$(uci -q get glorytun-udp.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun-udp.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun-udp.vpn.host="$vpsip"
|
||||
EOF
|
||||
glorytun_change=1
|
||||
fi
|
||||
|
||||
if [ "$glorytun_change" != "0" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
commit glorytun
|
||||
commit glorytun-udp
|
||||
EOF
|
||||
if [ "$(uci -q get glorytun.vpn.enable)" = "1" ]; then
|
||||
logger -t "OMR-VPS" "Restart glorytun..."
|
||||
/etc/init.d/glorytun restart >/dev/null 2>&1
|
||||
fi
|
||||
if [ "$(uci -q get glorytun-udp.vpn.enable)" = "1" ]; then
|
||||
logger -t "OMR-VPS" "Restart glorytun-udp..."
|
||||
/etc/init.d/glorytun-udp restart >/dev/null 2>&1
|
||||
fi
|
||||
fi
|
||||
|
|
@ -407,7 +439,7 @@ _get_gre_tunnel() {
|
|||
peeraddr="$(echo $tunnel | jsonfilter -q -e '@.remote_ip')"
|
||||
ipaddr="$(echo $tunnel | jsonfilter -q -e '@.local_ip')"
|
||||
publicaddr="$(echo $tunnel | jsonfilter -q -e '@.public_ip')"
|
||||
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.omrip${i}.peeraddr)" != "$peeraddr" ] || [ "$(uci -q get network.omrip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.omrip${i}gre.ipaddr)" != "$vpnip_local" ]); then
|
||||
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.omrip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.omrip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.omrip${i}gre.ipaddr)" != "$vpnip_local" ]); then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set network.omrip${i}gre=interface
|
||||
set network.omrip${i}gre.label="GRE tunnel for $publicaddr"
|
||||
|
|
@ -435,6 +467,13 @@ _get_gre_tunnel() {
|
|||
set network.omrip${i}.netmask="255.255.255.252"
|
||||
set network.omrip${i}.lookup="667${i}"
|
||||
commit network
|
||||
EOF
|
||||
allintf=$(uci -q get firewall.zone_vpn.network)
|
||||
uci -q del firewall.zone_vpn.network
|
||||
for intf in $allintf; do
|
||||
uci -q add_list firewall.zone_vpn.network=$intf
|
||||
done
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add_list firewall.zone_vpn.network="omrip${i}gre"
|
||||
add_list firewall.zone_vpn.network="omrip${i}"
|
||||
commit firewall
|
||||
|
|
@ -724,7 +763,8 @@ _set_client2client() {
|
|||
}
|
||||
|
||||
_vps_firewall_redirect_port() {
|
||||
local src proto src_dport
|
||||
local src proto src_dport section
|
||||
section=$1
|
||||
config_get src $1 src
|
||||
config_get proto $1 proto "tcp udp"
|
||||
config_get src_dport $1 src_dport
|
||||
|
|
@ -735,6 +775,14 @@ _vps_firewall_redirect_port() {
|
|||
config_get dest_port $1 dest_port
|
||||
config_get src_ip $1 src_ip
|
||||
config_get v2ray $1 v2ray "0"
|
||||
config_get dmz $1 dmz "0"
|
||||
if [ "$dmz" = "1" ] && [ "$src_dport" != "2-64999" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.${section}.src_dport='2-64999'
|
||||
commit firewall
|
||||
EOF
|
||||
src_dport='2-64999'
|
||||
fi
|
||||
if [ -n "$src_dport" ] && [ "$(echo $src_dport | cut -d'-' -f2)" -ge "65000" ]; then
|
||||
logger -t "OMR-VPS" "You can't redirect ports >= 65000, they are needed by OpenMPTCProuter Server part"
|
||||
enabled="0"
|
||||
|
|
@ -906,7 +954,7 @@ _set_vps_firewall() {
|
|||
vps_config=""
|
||||
_login
|
||||
[ -z "$token" ] && {
|
||||
logger -t "OMR-VPS" "Can't get token, try later"
|
||||
logger -t "OMR-VPS" "Can't get ${fwservername} token, try later"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openmptcprouter.${fwservername}.admin_error=1
|
||||
EOF
|
||||
|
|
@ -967,7 +1015,7 @@ _set_config_from_vps() {
|
|||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
|
||||
logger -t "OMR-VPS" "Get config from VPS..."
|
||||
logger -t "OMR-VPS" "Get config from server ${servername}..."
|
||||
noerror=1
|
||||
# get VPS ip
|
||||
vpsip="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
|
|
@ -1033,6 +1081,15 @@ _set_config_from_vps() {
|
|||
set openmptcprouter.settings.shadowsocks_disable=1
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
elif [ "$current_proxy" = "none" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set shadowsocks-libev.sss0.disabled=1
|
||||
commit shadowsocks-libev
|
||||
set v2ray.main.enabled=0
|
||||
commit shadowsocks-libev
|
||||
set openmptcprouter.settings.shadowsocks_disable=1
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
|
@ -1126,9 +1183,6 @@ _set_config_from_vps() {
|
|||
if [ "$vpn" = "glorytun_tcp" ]; then
|
||||
glorytun_state=1
|
||||
fi
|
||||
if [ "$vpn" = "glorytun_udp" ]; then
|
||||
glorytun_state=1
|
||||
fi
|
||||
[ -z "$glorytun_port" ] && glorytun_port="65001"
|
||||
glorytun_chacha="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.chacha')"
|
||||
[ -z "$glorytun_chacha" ] || [ "$glorytun_chacha" = "true" ] && glorytun_chacha=1
|
||||
|
|
@ -1145,6 +1199,28 @@ _set_config_from_vps() {
|
|||
uci -q commit glorytun
|
||||
logger -t "OMR-VPS" "Glorytun restart..."
|
||||
/etc/init.d/glorytun restart >/dev/null 2>&1
|
||||
fi
|
||||
if ([ -n "$glorytun_key" ] && [ "$glorytun_key" != "$(uci -q get glorytun-udp.vpn.key)" ]) || ([ -n "$glorytun_port" ] || [ "$glorytun_port" != "$(uci -q get glorytun-udp.vpn.port)" ]); then
|
||||
vpn="$(uci -q get openmptcprouter.settings.vpn)"
|
||||
glorytun_state=0
|
||||
if [ "$vpn" = "glorytun_udp" ]; then
|
||||
glorytun_state=1
|
||||
fi
|
||||
[ -z "$glorytun_port" ] && glorytun_port="65001"
|
||||
glorytun_chacha="$(echo "$vps_config" | jsonfilter -q -e '@.glorytun.chacha')"
|
||||
[ -z "$glorytun_chacha" ] || [ "$glorytun_chacha" = "true" ] && glorytun_chacha=1
|
||||
[ "$glorytun_chacha" = "false" ] && glorytun_chacha=0
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun-udp.vpn.port=$glorytun_port
|
||||
set glorytun-udp.vpn.key=$glorytun_key
|
||||
set glorytun-udp.vpn.enable=$glorytun_state
|
||||
set glorytun-udp.vpn.chacha=$glorytun_chacha
|
||||
EOF
|
||||
if [ "$(uci -q get glorytun-udp.vpn.host)" != "127.0.0.1" ]; then
|
||||
uci -q set glorytun-udp.vpn.host="$vpsip"
|
||||
fi
|
||||
uci -q commit glorytun-udp
|
||||
logger -t "OMR-VPS" "Glorytun UDP restart..."
|
||||
/etc/init.d/glorytun-udp restart >/dev/null 2>&1
|
||||
fi
|
||||
|
||||
|
|
@ -1371,7 +1447,7 @@ _backup_send() {
|
|||
vps_config=""
|
||||
_login
|
||||
[ -z "$token" ] && {
|
||||
logger -t "OMR-VPS" "Can't get token, try later"
|
||||
logger -t "OMR-VPS" "Can't get ${servername} token, try later"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openmptcprouter.${servername}.admin_error=1
|
||||
EOF
|
||||
|
|
@ -1412,7 +1488,7 @@ _backup_get_and_apply() {
|
|||
vps_config=""
|
||||
_login
|
||||
[ -z "$token" ] && {
|
||||
logger -t "OMR-VPS" "Can't get token, try later"
|
||||
logger -t "OMR-VPS" "Can't get ${servername} token, try later"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openmptcprouter.${servername}.admin_error=1
|
||||
EOF
|
||||
|
|
@ -1446,7 +1522,7 @@ _backup_list() {
|
|||
vps_config=""
|
||||
_login
|
||||
[ -z "$token" ] && {
|
||||
logger -t "OMR-VPS" "Can't get token, try later"
|
||||
logger -t "OMR-VPS" "Can't get ${servername} token, try later"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openmptcprouter.${servername}.admin_error=1
|
||||
EOF
|
||||
|
|
@ -1483,6 +1559,7 @@ _config_service() {
|
|||
[ -z "$(uci -q get openmptcprouter.${servername}.password)" ] && return
|
||||
[ -z "$(uci -q get openmptcprouter.${servername}.port)" ] && return
|
||||
[ -z "$(uci -q get openmptcprouter.${servername}.ip)" ] && return
|
||||
[ "$(uci -q get openmptcprouter.${servername}.disabled)" = "1" ] && return
|
||||
token=""
|
||||
vps_config=""
|
||||
_login
|
||||
|
|
@ -1491,9 +1568,9 @@ _config_service() {
|
|||
_ping_server
|
||||
status=$?
|
||||
if $(exit $status); then
|
||||
reason="can ping server"
|
||||
reason="can ping server ${servername}"
|
||||
else
|
||||
reason="can't ping server"
|
||||
reason="can't ping server ${servername}"
|
||||
fi
|
||||
port="$(uci -q get openmptcprouter.${servername}.port)"
|
||||
server="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
|
|
@ -1505,19 +1582,29 @@ _config_service() {
|
|||
if [ "$(uci -q get openmptcprouter.${servername}.username)" != "openmptcprouter" ]; then
|
||||
reason="$reason, custom username"
|
||||
fi
|
||||
logger -t "OMR-VPS" "Can't get token, try later ($reason)"
|
||||
logger -t "OMR-VPS" "Can't get ${servername} token, try later ($reason)"
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openmptcprouter.${servername}.admin_error=1
|
||||
EOF
|
||||
return
|
||||
}
|
||||
error=0
|
||||
[ "$(uci -q get openmptcprouter.${servername}.get_config)" = "1" ] && {
|
||||
if [ -n "$serial" ]; then
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config?serial=${serial}")
|
||||
if [ -n "$vps_config" ] && [ "$( echo "$vps_config" | jsonfilter -q -e '@.error')" = "False serial number" ]; then
|
||||
logger -t "OMR-VPS" "Invalid serial number"
|
||||
sed -i "s:${server}::g" /etc/config/*
|
||||
return
|
||||
fi
|
||||
fi
|
||||
[ "$(uci -q get openmptcprouter.${servername}.get_config)" = "1" ] && [ "$(uci -q get openmptcprouter.${servername}.master)" = "1" ] && {
|
||||
_set_config_from_vps
|
||||
_get_gre_tunnel
|
||||
}
|
||||
|
||||
_get_vps_config
|
||||
[ "$(uci -q get openmptcprouter.${servername}.master)" = "1" ] && {
|
||||
_get_vps_config
|
||||
}
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
user_permission="$(echo "$vps_config" | jsonfilter -q -e '@.user.permission')"
|
||||
|
|
@ -1530,6 +1617,8 @@ _config_service() {
|
|||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun.vpn.chacha20="0"
|
||||
commit glorytun
|
||||
set glorytun-udp.vpn.chacha="0"
|
||||
commit glorytun-udp
|
||||
EOF
|
||||
config_foreach _set_ss_server server "method" "aes-256-gcm"
|
||||
uci -q commit shadowsocks-libev
|
||||
|
|
@ -1538,8 +1627,9 @@ _config_service() {
|
|||
[ -n "$vps_config" ] && uci -q set openmptcprouter.settings.firstboot=0
|
||||
fi
|
||||
if [ "$user_permission" != "ro" ]; then
|
||||
config_load shadowsocks-libev
|
||||
config_foreach _set_ss_server_vps server
|
||||
#config_load shadowsocks-libev
|
||||
#config_foreach _set_ss_server_vps server
|
||||
_set_ss_server_vps
|
||||
_set_v2ray_server_vps
|
||||
[ -z "$(_set_glorytun_vps)" ] && error=1
|
||||
[ -z "$(_set_openvpn_vps)" ] && error=1
|
||||
|
|
@ -1605,6 +1695,9 @@ set_pihole() {
|
|||
start_service() {
|
||||
serversnb=0
|
||||
wanips=""
|
||||
serial=$(cat /proc/cpuinfo | grep Serial | awk '{print $3}')
|
||||
[ -z "$serial" ] && [ -f "/usr/sbin/dmidecode" ] && serial=$(/usr/sbin/dmidecode -t 1 | egrep 'Serial' | awk '{print $3}')
|
||||
uci -q set openmptcprouter.settings.serial=${serial}
|
||||
config_load openmptcprouter
|
||||
config_foreach _count_server server
|
||||
config_foreach _get_local_wan_ip interface
|
||||
|
|
@ -1616,6 +1709,6 @@ start_service() {
|
|||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger openmptcprouter shadowsocks-libev glorytun mlvpn openvpn network upnpd dsvpn v2ray firewall
|
||||
procd_add_reload_trigger openmptcprouter shadowsocks-libev glorytun glorytun-udp mlvpn openvpn network upnpd dsvpn v2ray firewall
|
||||
#procd_add_reload_trigger openmptcprouter shadowsocks-libev network upnpd
|
||||
}
|
||||
103
openmptcprouter/files/etc/init.d/openvpnbonding
Executable file
103
openmptcprouter/files/etc/init.d/openvpnbonding
Executable file
|
|
@ -0,0 +1,103 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2020 Ycarus (Yannick Chabanois) <ycarus@zugaina.org> for OpenMPTCProuter
|
||||
# Released under GPL 3. See LICENSE for the full terms.
|
||||
|
||||
{
|
||||
START=70
|
||||
STOP=10
|
||||
USE_PROCD=1
|
||||
}
|
||||
|
||||
_getremoteip() {
|
||||
[ "$(uci -q get openmptcprouter.$1.master)" = "1" ] && remoteip=$(uci -q get openmptcprouter.$1.ip)
|
||||
}
|
||||
|
||||
_openvpnbonding() {
|
||||
local interface=$1
|
||||
if [ "$(uci -q get openmptcprouter.${interface}.multipath)" = "master" ] || [ "$(uci -q get openmptcprouter.${interface}.multipath)" = "on" ]; then
|
||||
nbintf=$(($nbintf+1))
|
||||
remoteip=""
|
||||
config_load openmptcprouter
|
||||
config_foreach _getremoteip server
|
||||
if [ -n "$remoteip" ]; then
|
||||
localip=$(ubus call network.interface.$interface status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n")
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openvpn.omr_bonding_${interface}=openvpn
|
||||
set openvpn.omr_bonding_${interface}.dev="bond${interface}"
|
||||
set openvpn.omr_bonding_${interface}.dev_type="tap"
|
||||
set openvpn.omr_bonding_${interface}.cipher='AES-256-CBC'
|
||||
set openvpn.omr_bonding_${interface}.port="6535${nbintf}"
|
||||
set openvpn.omr_bonding_${interface}.remote="${remoteip}"
|
||||
set openvpn.omr_bonding_${interface}.local="${localip}"
|
||||
set openvpn.omr_bonding_${interface}.lport='0'
|
||||
set openvpn.omr_bonding_${interface}.ncp_disable='1'
|
||||
set openvpn.omr_bonding_${interface}.auth_nocache='1'
|
||||
set openvpn.omr_bonding_${interface}.proto='udp'
|
||||
set openvpn.omr_bonding_${interface}.client='1'
|
||||
set openvpn.omr_bonding_${interface}.tls_client='1'
|
||||
set openvpn.omr_bonding_${interface}.enabled='1'
|
||||
set openvpn.omr_bonding_${interface}.persist_tun='1'
|
||||
set openvpn.omr_bonding_${interface}.key='/etc/luci-uploads/client.key'
|
||||
set openvpn.omr_bonding_${interface}.cert='/etc/luci-uploads/client.crt'
|
||||
set openvpn.omr_bonding_${interface}.ca='/etc/luci-uploads/ca.crt'
|
||||
commit openvpn
|
||||
EOF
|
||||
if [ "$(uci -q get network.omrvpn.slaves | grep bond${interface})" = "" ]; then
|
||||
uci -q add_list network.omrvpn.slaves="bond${interface}"
|
||||
fi
|
||||
/etc/init.d/openvpn start omr_bonding_${interface}
|
||||
ip link set bond${interface} master bonding-omrvpn
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
_disable_openvpnbonding()
|
||||
{
|
||||
name=$1
|
||||
if [ "$(echo $name | grep omr_bonding)" != "" ]; then
|
||||
uci -q set openvpn.${name}.enabled='0'
|
||||
fi
|
||||
}
|
||||
|
||||
start_service()
|
||||
{
|
||||
if [ "$(uci -q get openmptcprouter.settings.vpn)" = "openvpn_bonding" ]; then
|
||||
nbintf=0
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set network.omrvpn.proto='bonding'
|
||||
set network.omrvpn.bonding_policy='balance-rr'
|
||||
set network.omrvpn.packets_per_slave='1'
|
||||
set network.omrvpn.xmit_hash_policy='layer2'
|
||||
set network.omrvpn.all_slaves_active='0'
|
||||
set network.omrvpn.netmask='255.255.255.0'
|
||||
set network.omrvpn.ipaddr='10.255.248.2'
|
||||
set network.omrvpn.link_monitoring='mii'
|
||||
set network.omrvpn.miimon='10'
|
||||
set network.omrvpn.downdelay='100'
|
||||
set network.omrvpn.updelay='20'
|
||||
set network.omrvpn.use_carrier='1'
|
||||
set network.omrvpn.mtu='1440'
|
||||
set network.omrvpn.ifname= 'bonding-omrvpn'
|
||||
set network.omrvpn.force_link='1'
|
||||
commit network
|
||||
EOF
|
||||
if [ "$(ip link show bonding-omrvpn)" = "" ]; then
|
||||
/etc/init.d/network restart
|
||||
sleep 10
|
||||
fi
|
||||
config_load openmptcprouter
|
||||
config_foreach _openvpnbonding interface
|
||||
ip link set bonding-omrvpn up
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
commit network
|
||||
EOF
|
||||
else
|
||||
config_load openvpn
|
||||
config_foreach _disable_openvpnbonding
|
||||
uci -q commit openvpn
|
||||
fi
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger "openvpn" "network"
|
||||
}
|
||||
|
|
@ -13,6 +13,11 @@ if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then
|
|||
uci -q batch <<-EOF >/dev/null
|
||||
add_list dhcp.@dnsmasq[-1].server="127.0.0.1#5353"
|
||||
add_list dhcp.@dnsmasq[-1].server="/lan/"
|
||||
#add_list dhcp.@dnsmasq[-1].server="223.5.5.5#53"
|
||||
#add_list dhcp.@dnsmasq[-1].server="223.6.6.6#53"
|
||||
#add_list dhcp.@dnsmasq[-1].server="180.76.76.76#53"
|
||||
#add_list dhcp.@dnsmasq[-1].server="208.67.222.222#5353"
|
||||
#add_list dhcp.@dnsmasq[-1].server="208.67.220.220#5353"
|
||||
commit dhcp
|
||||
EOF
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -157,6 +157,11 @@ uci -q del firewall.@zone[1].network
|
|||
for intf in $allintf; do
|
||||
uci -q add_list firewall.@zone[1].network=$intf
|
||||
done
|
||||
allintf=$(uci -q get firewall.zone_vpn.network)
|
||||
uci -q del firewall.zone_vpn.network
|
||||
for intf in $allintf; do
|
||||
uci -q add_list firewall.zone_vpn.network=$intf
|
||||
done
|
||||
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.@zone[0].mtu_fix='1'
|
||||
|
|
|
|||
|
|
@ -2,8 +2,9 @@
|
|||
|
||||
if [ "$(uci -q get openmptcprouter.settings.disable_ipv6)" != "0" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set dhcp.lan.ra_default=1
|
||||
set dhcp.lan.dhcpv6=server
|
||||
delete dhcp.lan.ra_default
|
||||
delete dhcp.lan.dhcpv6
|
||||
delete dhcp.lan.ra
|
||||
set dhcp.lan.force=1
|
||||
commit dhcp
|
||||
EOF
|
||||
|
|
|
|||
|
|
@ -24,6 +24,13 @@ if [ "$(uci -q get glorytun.vpn.localip)" = "10.0.0.2" ]; then
|
|||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get network.omrvpn.txqueuelen)" = "1000" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set network.omrvpn.txqueuelen=100
|
||||
commit network
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get openvpn.omr.proto)" != "tcp-client" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set openvpn.omr=openvpn
|
||||
|
|
@ -67,11 +74,18 @@ if [ "$(uci -q get dsvpn.vpn)" = "" ]; then
|
|||
set dsvpn.vpn.port=65011
|
||||
set dsvpn.vpn.localip=10.255.251.2
|
||||
set dsvpn.vpn.remoteip=10.255.251.1
|
||||
set dsvpn.vpn.mode=client
|
||||
set dsvpn.vpn.enable=0
|
||||
commit dsvpn
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get dsvpn.vpn.mode)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set dsvpn.vpn.mode=client
|
||||
commit dsvpn
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q show firewall | grep omrvpn)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
|
|
@ -93,6 +107,12 @@ if [ "$(uci -q get ucitrack.@network[-1].affects | grep glorytun)" = "" ]; then
|
|||
commit ucitrack
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q get ucitrack.@network[-1].affects | grep glorytun-udp)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add_list ucitrack.@network[-1].affects="glorytun-udp"
|
||||
commit ucitrack
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q get ucitrack.@network[-1].affects | grep dsvpn)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add_list ucitrack.@network[-1].affects="dsvpn"
|
||||
|
|
@ -105,6 +125,28 @@ if [ "$(uci -q get ucitrack.@glorytun[-1].affects | grep openmptcprouter-vps)" =
|
|||
commit ucitrack
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q get ucitrack.@glorytun-udp[-1].affects | grep openmptcprouter-vps)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add_list ucitrack.@glorytun-udp[-1].affects="openmptcprouter-vps"
|
||||
commit ucitrack
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get glorytun-udp.vpn.key)" = "" ] && [ "$(uci -q get glorytun.vpn.key)" != "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun-udp.vpn.key=$(uci -q get glorytun.vpn.key)
|
||||
set glorytun-udp.vpn.host=$(uci -q get glorytun.vpn.host)
|
||||
EOF
|
||||
if [ "$(uci -q get glorytun-udp.vpn.proto)" = "udp" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set glorytun-udp.vpn.enable=1
|
||||
set glorytun.vpn.enable=0
|
||||
commit glorytun
|
||||
EOF
|
||||
fi
|
||||
uci -q commit glorytun-udp
|
||||
fi
|
||||
|
||||
|
||||
|
||||
rm -f /tmp/luci-indexcache
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
#!/bin/sh
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set uhttpd.main.redirect_https=0
|
||||
set uhttpd.main.script_timeout=240
|
||||
set uhttpd.main.network_timeout=240
|
||||
set uhttpd.main.http_keepalive=0
|
||||
EOF
|
||||
if [ "$(uci -q get openmptcprouter.settings.version)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set uhttpd.main.redirect_https=0
|
||||
set uhttpd.main.script_timeout=240
|
||||
set uhttpd.main.network_timeout=240
|
||||
set uhttpd.main.http_keepalive=0
|
||||
EOF
|
||||
fi
|
||||
exit 0
|
||||
|
|
@ -6,17 +6,27 @@ uci -q batch <<-EOF >/dev/null
|
|||
commit system
|
||||
set rpcd.@rpcd[0].timeout=120
|
||||
commit rpcd
|
||||
luci.apply.timeout='20'
|
||||
set luci.apply.timeout='20'
|
||||
commit luci
|
||||
fstab.@global[0].check_fs='1'
|
||||
set fstab.@global[0].check_fs='1'
|
||||
commit fstab
|
||||
EOF
|
||||
|
||||
if [ "$(uci -q get rpcd.@rpcd[0].socket)" != "/var/run/ubus/ubus.sock" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set rpcd.@rpcd[0].socket='/var/run/ubus/ubus.sock'
|
||||
commit rpcd
|
||||
EOF
|
||||
fi
|
||||
|
||||
/sbin/block detect > /etc/config/fstab
|
||||
|
||||
[ -n "$(ubus call system board | jsonfilter -e '@.board_name' | grep raspberry)" ] && [ "$(uci -q get openmptcprouter.settings.scaling_governor)" != "performance" ] && {
|
||||
# force CPU speed for RPI
|
||||
uci -q set openmptcprouter.settings.scaling_min_freq=$(cat /sys/devices/system/cpu/cpufreq/policy0/scaling_max_freq | tr -d "\n")
|
||||
uci -q set openmptcprouter.settings.scaling_max_freq=$(cat /sys/devices/system/cpu/cpufreq/policy0/scaling_max_freq | tr -d "\n")
|
||||
uci -q set openmptcprouter.settings.scaling_governor='performance'
|
||||
uci -q commit openmptcprouter
|
||||
}
|
||||
|
||||
exit 0
|
||||
Loading…
Add table
Add a link
Reference in a new issue