mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Merge branch 'develop'

Browse source
This commit is contained in:
suyuan 2021-11-10 16:49:43 +08:00
commit 9a5b911311
73 changed files with 21298 additions and 1309 deletions
Download patch file Download diff file Expand all files Collapse all files

12
.github/workflows/main.yml vendored Executable file → Normal file
View file

@ -3,13 +3,13 @@ on: [push]
env:
REPO_URL: 'https://github.com/suyuan168/3grouter'
OMR_KERNEL: '5.4'
jobs:
build:
strategy:
matrix:
OMR_TARGET: [bpi-r1, bpi-r2, bpi-r64, rpi2, rpi4, wrt32x, espressobin, r2s, rpi3, wrt3200acm, x86, x86_64, ubnt-erx, r4s]
OMR_TARGET: [bpi-r1, bpi-r2, bpi-r64, rpi2, rpi4, wrt32x, espressobin, r2s, rpi3, wrt3200acm, x86, x86_64, ubnt-erx, r4s, r7800, l1000, zbt4019]
OMR_KERNEL: [5.4, 5.14]
runs-on: ubuntu-latest
continue-on-error: true
@ -61,10 +61,11 @@ jobs:
OMR_FEED_URL: https://github.com/suyuan168/openmptcprouter-feeds
SOURCE_NAME: ${{ steps.branch_name.outputs.SOURCE_NAME }}
OMR_TARGET: ${{ matrix.OMR_TARGET }}
OMR_KERNEL: ${{ matrix.OMR_KERNEL }}
OMR_HOST: ${{ secrets.OMR_HOST }}
OMR_PORT: ${{ secrets.OMR_PORT }}
run: |
OMR_FEED_SRC="${SOURCE_NAME}" sh build.sh prepare {tools,toolchain}/install -j$(nproc) || OMR_FEED_SRC="${SOURCE_NAME}" sh build.sh prepare {tools,toolchain}/install -j1 V=s
OMR_KERNEL="${OMR_KERNEL}" OMR_FEED_SRC="${SOURCE_NAME}" sh build.sh prepare {tools,toolchain}/install -j$(nproc) || OMR_KERNEL="${OMR_KERNEL}" OMR_FEED_SRC="${SOURCE_NAME}" sh build.sh prepare {tools,toolchain}/install -j1 V=s
#echo -e "${{ secrets.OMR_PRIVKEY }}" > $OMR_TARGET/source/key-build
#echo -e "${{ secrets.OMR_PUBKEY }}" > $OMR_TARGET/source/key-build.pub
- name: Build packages
@ -108,7 +109,7 @@ jobs:
SOURCE_TAG: ${{ steps.branch_name.outputs.SOURCE_TAG }}
with:
command: |
mkdir -p /www/wwwroot/55860.com/bak/down/${{env.SOURCE_BRANCH}}/${{env.OMR_KERNEL}}/${{matrix.OMR_TARGET}}
mkdir -p /www/wwwroot/55860.com/bak/down/${{env.SOURCE_BRANCH}}/${{matrix.OMR_KERNEL}}/${{matrix.OMR_TARGET}}
host: ${{ secrets.OMR_DEPLOY_HOST }}
user: root
port: ${{ secrets.OMR_DEPLOY_PORT }}
@ -141,7 +142,7 @@ jobs:
uses: ysurac/action-rsync@master
env:
ARGS: -av --delete-after
TARGET: /www/wwwroot/55860.com/bak/down/${{ steps.branch_name.outputs.SOURCE_BRANCH }}/${{env.OMR_KERNEL}}/${{matrix.OMR_TARGET}}
TARGET: /www/wwwroot/55860.com/bak/down/${{ steps.branch_name.outputs.SOURCE_BRANCH }}/${{matrix.OMR_KERNEL}}/${{matrix.OMR_TARGET}}
SOURCE: ./bin/
KEY: ${{ secrets.PRIVATE_KEY }}
USER: root
@ -151,3 +152,4 @@ jobs:
SOURCE_BRANCH: ${{ steps.branch_name.outputs.SOURCE_BRANCH }}
SOURCE_TAG: ${{ steps.branch_name.outputs.SOURCE_TAG }}
GITHUB_WORKSPACE: ${{ steps.branch_name.outputs.WORKSPACE }}

58
cryptodev-linux/Makefile Normal file
View file

@ -0,0 +1,58 @@
#
# Copyright (C) 2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
# $Id$
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=cryptodev-linux
PKG_VERSION:=1.12
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://codeload.github.com/$(PKG_NAME)/$(PKG_NAME)/tar.gz/$(PKG_NAME)-$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_HASH:=f51c2254749233b1b1d7ec9445158bd709f124f88e1c650fe2faac83c3a81938
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Ansuel Smith <ansuelsmth@gmail.com>
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/$(PKG_NAME)-$(PKG_NAME)-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
define KernelPackage/cryptodev
SUBMENU:=Cryptographic API modules
TITLE:=Driver for cryptographic acceleration
URL:=http://cryptodev-linux.org/
VERSION:=$(LINUX_VERSION)+$(PKG_VERSION)-$(BOARD)-$(PKG_RELEASE)
DEPENDS:=+kmod-crypto-authenc +kmod-crypto-hash
FILES:=$(PKG_BUILD_DIR)/cryptodev.$(LINUX_KMOD_SUFFIX)
AUTOLOAD:=$(call AutoLoad,50,cryptodev)
MODPARAMS.cryptodev:=cryptodev_verbosity=-1
endef
define KernelPackage/cryptodev/description
This is a driver for that allows to use the Linux kernel supported
hardware ciphers by user-space applications.
endef
define Build/Configure
endef
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) \
$(KERNEL_MAKE_FLAGS) \
KERNEL_DIR="$(LINUX_DIR)"
endef
define Build/InstallDev
$(INSTALL_DIR) $(STAGING_DIR)/usr/include/crypto
$(CP) $(PKG_BUILD_DIR)/crypto/cryptodev.h $(STAGING_DIR)/usr/include/crypto/
endef
$(eval $(call KernelPackage,cryptodev))

14
dsvpn/files/init
View file

@ -29,6 +29,16 @@ validate_section() {
'externalip:string:auto'
}
version_over_5_4() {
MAJOR_VERSION=$(uname -r | awk -F '.' '{print $1}')
MINOR_VERSION=$(uname -r | awk -F '.' '{print $2}')
if [ $MAJOR_VERSION -ge 5 ] && [ $MINOR_VERSION -gt 13 ] || [ $MAJOR_VERSION -gt 5 ] ; then
return 0
else
return 1
fi
}
start_instance() {
local enable key host port dev
@ -58,6 +68,10 @@ start_instance() {
_log "starting ${PROG_NAME} ${1} instance $*"
if version_over_5_4; then
PROG="mptcpize run ${PROG}"
fi
procd_open_instance
procd_set_param command ${PROG} ${mode} \

9
glorytun/Makefile
View file

@ -9,11 +9,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=glorytun
PKG_VERSION:=0.0.35
PKG_RELEASE:=6
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=6d58536f4232fea8eaa10fb60aace8ba11f29ed6
PKG_SOURCE:=glorytun-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/angt/glorytun/releases/download/v$(PKG_VERSION)
PKG_HASH:=49e4d8ea4ff2990300b37947b0bd0da3c8e0985bc6eddf29f4146306188fff64
PKG_SOURCE_URL:=https://github.com/Ysurac/glorytun.git
PKG_VERSION:=0.0.35-$(PKG_SOURCE_VERSION)
PKG_FIXUP:=autoreconf
include $(INCLUDE_DIR)/package.mk

3
glorytun/glorytun.config
View file

@ -11,4 +11,5 @@ config glorytun 'vpn'
option localip '10.255.255.2'
option remoteip '10.255.255.1'
option multiqueue '1'
option label 'Default VPN'
option label 'Default VPN'
option timeout '10000'

2
iperf3/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=iperf
PKG_VERSION:=3.10.1
PKG_RELEASE:=1
PKG_RELEASE:=10
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://downloads.es.net/pub/iperf

31
iperf3/patches/remove-in6_flowlabel_req.patch
View file

@ -1,24 +1,25 @@
--- a/src/flowlabel.h 2021-06-24 13:26:33.142463630 +0200
+++ b/src/flowlabel.h 2021-06-24 13:27:45.669235179 +0200
@@ -37,21 +37,6 @@
@@ -37,21 +37,21 @@
conflicts with "netinet/in.h" .
*/
-#ifndef __ANDROID__
-struct in6_flowlabel_req
-{
- struct in6_addr flr_dst;
- __u32 flr_label;
- __u8 flr_action;
- __u8 flr_share;
- __u16 flr_flags;
- __u16 flr_expires;
- __u16 flr_linger;
- __u32 __flr_pad;
- /* Options in format of IPV6_PKTOPTIONS */
-};
-#endif
-
+#ifndef _LINUX_IN6_H
struct in6_flowlabel_req
{
struct in6_addr flr_dst;
__u32 flr_label;
__u8 flr_action;
__u8 flr_share;
__u16 flr_flags;
__u16 flr_expires;
__u16 flr_linger;
__u32 __flr_pad;
/* Options in format of IPV6_PKTOPTIONS */
};
#endif
#define IPV6_FL_A_GET 0
#define IPV6_FL_A_PUT 1
#define IPV6_FL_A_RENEW 2

16
libmbim/Makefile
View file

@ -1,24 +1,22 @@
#
# Copyright (C) 2016 Velocloud Inc.
# Copyright (C) 2016 Aleksander Morgado <aleksander@aleksander.es>
# Copyright (C) 2021 Ycarus (Yannick Chabanois) <ycarus@zugaina.org> for OpenMPTCProuter
#
# This is free software, licensed under the GNU General Public License v2.
#
include $(TOPDIR)/rules.mk
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.freedesktop.org/mobile-broadband/libmbim.git
PKG_SOURCE_VERSION:=c90c7c5b877de6e413b4833aaf1a42d2d128b051
PKG_NAME:=libmbim
PKG_VERSION:=1.25.3-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=10
PKG_VERSION:=1.26.0
PKG_RELEASE:=$(AUTORELEASE)
PKG_MAINTAINER:=Nicholas Smith <nicholas.smith@telcoantennas.com.au>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.freedesktop.org/software/libmbim
PKG_HASH:=1e1f0926b22c77210442129eca689722ecf324ab9c9abf421a5c989f46e813cf
PKG_MAINTAINER:=Nicholas Smith <nicholas@nbembedded.com>
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1

15
libqmi/Makefile
View file

@ -1,22 +1,21 @@
#
# Copyright (C) 2016 Velocloud Inc.
# Copyright (C) 2016 Aleksander Morgado <aleksander@aleksander.es>
# Copyright (C) 2021 Ycarus (Yannick Chabanois) <ycarus@zugaina.org> for OpenMPTCProuter
#
# This is free software, licensed under the GNU General Public License v2.
#
include $(TOPDIR)/rules.mk
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.freedesktop.org/mobile-broadband/libqmi.git
PKG_SOURCE_VERSION:=29fab8a1d4496ca5a1d32bb486013b1868a718ba
PKG_NAME:=libqmi
PKG_VERSION:=1.29.3-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=10
PKG_VERSION:=1.30.2
PKG_RELEASE:=$(AUTORELEASE)
PKG_FIXUP:=autoreconf
PKG_MAINTAINER:=Nicholas Smith <nicholas.smith@telcoantennas.com.au>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.freedesktop.org/software/libqmi
PKG_HASH:=be01ece0ea2c2194cbea5744bf5aaf06c04ba5fb7ec7887a13116c76d114fedd
PKG_MAINTAINER:=Nicholas Smith <nicholas@nbembedded.com>
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1

4
luci-app-glorytun-udp/root/etc/config/glorytun-udp
View file

@ -8,3 +8,7 @@ config glorytun-udp 'vpn'
option localip '10.255.254.2'
option remoteip '10.255.254.1'
option mode 'to'
option kxtimeout '7d'
option timetolerance '10m'
option keepalive '25s'
option rateauto '0'

6
luci-app-mlvpn/htdocs/luci-static/resources/view/services/mlvpn.js
View file

@ -82,6 +82,12 @@ return L.view.extend({
o.rmempty = false;
o.modalonly = true;
o = s.taboption('advanced', form.Value, 'latency_tolerance', _('Latency tolerance'));
o.default = '300';
o.datatype = "uinteger";
o.rmempty = false;
o.modalonly = true;
return m.render();
}
});

14
luci-app-mptcp/luasrc/controller/mptcp.lua
View file

@ -210,13 +210,23 @@ function mptcp_monitor_data()
luci.http.prepare_content("text/plain")
local fullmesh
fullmesh = io.popen("cat /proc/net/mptcp_net/snmp")
if fullmesh then
if fullmesh:read() ~= nil then
while true do
local ln = fullmesh:read("*l")
if not ln then break end
luci.http.write(ln)
luci.http.write("\n")
end
else
fullmesh = io.popen("nstat -z")
if fullmesh then
while true do
local ln = fullmesh:read("*l")
if not ln then break end
luci.http.write(ln)
luci.http.write("\n")
end
end
end
return
end
@ -225,7 +235,7 @@ function mptcp_connections_data()
luci.http.prepare_content("text/plain")
local connections
connections = io.popen("multipath -c")
if connections then
if connections:read() ~= nil then
while true do
local ln = connections:read("*l")
if not ln then break end

84
luci-app-mptcp/luasrc/model/cbi/mptcp.lua
View file

@ -21,56 +21,74 @@ o:value(0, translate("disable"))
o = s:option(ListValue, "mptcp_path_manager", translate("Multipath TCP path-manager"), translate("Default is fullmesh"))
o:value("default", translate("default"))
o:value("fullmesh", "fullmesh")
o:value("ndiffports", "ndiffports")
o:value("binder", "binder")
if uname.release:sub(1,4) ~= "4.14" then
if uname.release:sub(1,4) ~= "5.14" then
o:value("ndiffports", "ndiffports")
o:value("binder", "binder")
if uname.release:sub(1,4) ~= "4.14" then
o:value("netlink", translate("Netlink"))
end
end
o = s:option(ListValue, "mptcp_scheduler", translate("Multipath TCP scheduler"))
o:value("default", translate("default"))
o:value("roundrobin", "round-robin")
o:value("redundant", "redundant")
if uname.release:sub(1,4) ~= "4.14" then
if uname.release:sub(1,4) ~= "5.14" then
o:value("roundrobin", "round-robin")
o:value("redundant", "redundant")
if uname.release:sub(1,4) ~= "4.14" then
o:value("blest", "BLEST")
o:value("ecf", "ECF")
end
end
if uname.release:sub(1,4) ~= "5.14" then
o = s:option(Value, "mptcp_syn_retries", translate("Multipath TCP SYN retries"))
o.datatype = "uinteger"
o.rmempty = false
end
o = s:option(Value, "mptcp_syn_retries", translate("Multipath TCP SYN retries"))
o.datatype = "uinteger"
o.rmempty = false
o = s:option(ListValue, "congestion", translate("Congestion Control"),translate("Default is cubic"))
local availablecong = sys.exec("sysctl -n net.ipv4.tcp_available_congestion_control | xargs -n1 | sort | xargs")
for cong in string.gmatch(availablecong, "[^%s]+") do
o:value(cong, translate(cong))
end
o = s:option(Value, "mptcp_fullmesh_num_subflows", translate("Fullmesh subflows for each pair of IP addresses"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
--o:depends("mptcp_path_manager","fullmesh")
if uname.release:sub(1,4) == "5.14" then
o = s:option(Value, "mptcp_subflows", translate("specifies the maximum number of additional subflows allowed for each MPTCP connection"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 3
o = s:option(Value, "mptcp_add_addr_accepted", translate("specifies the maximum number of ADD_ADDR suboptions accepted for each MPTCP connection"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
else
o = s:option(Value, "mptcp_fullmesh_num_subflows", translate("Fullmesh subflows for each pair of IP addresses"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
--o:depends("mptcp_path_manager","fullmesh")
o = s:option(ListValue, "mptcp_fullmesh_create_on_err", translate("Re-create fullmesh subflows after a timeout"))
o:value(1, translate("enable"))
o:value(0, translate("disable"))
--o:depends("mptcp_path_manager","fullmesh")
o = s:option(ListValue, "mptcp_fullmesh_create_on_err", translate("Re-create fullmesh subflows after a timeout"))
o:value(1, translate("enable"))
o:value(0, translate("disable"))
--o:depends("mptcp_path_manager","fullmesh")
o = s:option(Value, "mptcp_ndiffports_num_subflows", translate("ndiffports subflows number"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
--o:depends("mptcp_path_manager","ndiffports")
o = s:option(Value, "mptcp_ndiffports_num_subflows", translate("ndiffports subflows number"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
--o:depends("mptcp_path_manager","ndiffports")
o = s:option(ListValue, "mptcp_rr_cwnd_limited", translate("Fill the congestion window on all subflows for round robin"))
o:value("Y", translate("enable"))
o:value("N", translate("disable"))
o.default = "Y"
--o:depends("mptcp_scheduler","roundrobin")
o = s:option(ListValue, "mptcp_rr_cwnd_limited", translate("Fill the congestion window on all subflows for round robin"))
o:value("Y", translate("enable"))
o:value("N", translate("disable"))
o.default = "Y"
--o:depends("mptcp_scheduler","roundrobin")
o = s:option(Value, "mptcp_rr_num_segments", translate("Consecutive segments that should be sent for round robin"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
--o:depends("mptcp_scheduler","roundrobin")
o = s:option(Value, "mptcp_rr_num_segments", translate("Consecutive segments that should be sent for round robin"))
o.datatype = "uinteger"
o.rmempty = false
o.default = 1
--o:depends("mptcp_scheduler","roundrobin")
end
s = m:section(TypedSection, "interface", translate("Interfaces Settings"))
o = s:option(ListValue, "multipath", translate("Multipath TCP"), translate("One interface must be set as master"))

4
luci-app-mptcp/luasrc/view/mptcp/multipath.htm
View file

@ -238,8 +238,8 @@
labelup_25.parentNode.appendChild(textup);
}
labeldn_scale.innerHTML = String.format('<%:(%d minutes window, %d seconds interval)%>', 3, data_wanted / 60);
labelup_scale.innerHTML = String.format('<%:(%d minutes window, %d seconds interval)%>', 3, data_wanted / 60);
labeldn_scale.innerHTML = String.format('<%:(%d minutes window, %d seconds interval)%>', 4, data_wanted / 60);
labelup_scale.innerHTML = String.format('<%:(%d minutes window, %d seconds interval)%>', 4, data_wanted / 60);
/* render datasets, start update interval */
XHR.poll(3, '<%=build_url(bandwidthtotalurl, all)%>', null,

7
luci-app-omr-bypass/root/etc/init.d/omr-bypass
View file

@ -100,12 +100,14 @@ _bypass_domain() {
fi
if [ "$(uci -q get dhcp.@dnsmasq[0].ipset | grep /$domain/)" = "" ]; then
uci -q add_list dhcp.@dnsmasq[0].ipset="/$domain/omr_dst_bypass_$intf,omr6_dst_bypass_$intf"
add_domains="true"
else
dnsmasqipset=$(uci -q get dhcp.@dnsmasq[0].ipset | sed 's/ /\n/g')
for dnsipset in $dnsmasqipset; do
if [ "$(echo $dnsipset | cut -d/ -f2)" = "$domain" ]; then
uci -q del_list dhcp.@dnsmasq[0].ipset=$dnsipset
uci -q add_list dhcp.@dnsmasq[0].ipset="$dnsipset,omr_dst_bypass_$intf,omr6_dst_bypass_$intf"
add_domains="true"
fi
done
fi
@ -680,6 +682,7 @@ boot() {
start_service() {
#local count
logger -t "omr-bypass" "Starting OMR-ByPass..."
add_domains="false"
config_load omr-bypass
config_foreach _add_proto proto
disableipv6="$(uci -q get openmptcprouter.settings.disable_ipv6)"
@ -797,11 +800,11 @@ start_service() {
config_foreach _bypass_proto dpis
uci -q commit omr-bypass
[ -z "$RELOAD" ] && {
[ -z "$RELOAD" ] && [ "$add_domains" = "true" ] && {
logger -t "omr-bypass" "Restart dnsmasq..."
/etc/init.d/dnsmasq restart
}
[ -n "$RELOAD" ] && {
[ -n "$RELOAD" ] && [ "$add_domains" = "true" ] && {
logger -t "omr-bypass" "Reload dnsmasq..."
/etc/init.d/dnsmasq reload
}

43
luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua
View file

@ -38,6 +38,17 @@ function interface_from_device(dev)
return ""
end
function uci_device_from_interface(intf)
intfname = ucic:get("network",intf,"device")
deviceuci = ""
ucic:foreach("network", "device", function(s)
if intfname == ucic:get("network",s[".name"],"name") then
deviceuci = s[".name"]
end
end)
return deviceuci
end
function wizard_add()
local gostatus = true
@ -273,6 +284,7 @@ function wizard_add()
local sqmenabled = luci.http.formvalue("cbid.sqm.%s.enabled" % intf) or "0"
local multipath = luci.http.formvalue("cbid.network.%s.multipath" % intf) or "on"
local lan = luci.http.formvalue("cbid.network.%s.lan" % intf) or "0"
local ttl = luci.http.formvalue("cbid.network.%s.ttl" % intf) or ""
if typeintf ~= "" then
if typeintf == "normal" then
typeintf = ""
@ -292,12 +304,34 @@ function wizard_add()
ucic:set("network",intf,"masterintf",masterintf)
elseif typeintf == "" and ifname ~= "" and (proto == "static" or proto == "dhcp" or proto == "dhcpv6") then
ucic:set("network",intf,"device",ifname)
if uci_device_from_interface(intf) == "" then
ucic:set("network",intf .. "_dev","device")
ucic:set("network",intf .. "_dev","name",ifname)
end
elseif typeintf == "" and device ~= "" and proto == "ncm" then
ucic:set("network",intf,"device",device_ncm)
if uci_device_from_interface(intf) == "" then
ucic:set("network",intf .. "_dev","device")
ucic:set("network",intf .. "_dev","name",device_ncm)
end
elseif typeintf == "" and device ~= "" and proto == "qmi" then
ucic:set("network",intf,"device",device_qmi)
if uci_device_from_interface(intf) == "" then
ucic:set("network",intf .. "_dev","device")
ucic:set("network",intf .. "_dev","name",device_qmi)
end
elseif typeintf == "" and device ~= "" and proto == "modemmanager" then
ucic:set("network",intf,"device",device_manager)
if uci_device_from_interface(intf) == "" then
ucic:set("network",intf .. "_dev","device")
ucic:set("network",intf .. "_dev","name",device_manager)
end
elseif typeintf == "" and ifname ~= "" and proto == "static" then
ucic:set("network",intf,"device",ifname)
if uci_device_from_interface(intf) == "" then
ucic:set("network",intf .. "_dev","device")
ucic:set("network",intf .. "_dev","name",ifname)
end
end
if proto == "pppoe" then
ucic:set("network",intf,"pppd_options","persist maxfail 0")
@ -305,6 +339,13 @@ function wizard_add()
if proto ~= "other" then
ucic:set("network",intf,"proto",proto)
end
uci_device = uci_device_from_interface(intf)
if uci_device == "" then
uci_device = intf .. "_dev"
end
ucic:set("network",uci_device,"ttl",ttl)
ucic:set("network",intf,"apn",apn)
ucic:set("network",intf,"pincode",pincode)
ucic:set("network",intf,"delay",delay)
@ -839,7 +880,7 @@ function wizard_add()
local dsvpn_key = luci.http.formvalue("dsvpn_key")
if dsvpn_key ~= "" then
ucic:set("dsvpn","vpn","port","65011")
ucic:set("dsvpn","vpn","port","65401")
ucic:set("dsvpn","vpn","key",dsvpn_key)
ucic:set("dsvpn","vpn","localip","10.255.251.2")
ucic:set("dsvpn","vpn","remoteip","10.255.251.1")

18
luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm
View file

@ -893,6 +893,16 @@
<%
end
%>
<div class="cbi-value" data-index="14">
<label class="cbi-value-title"><%:Force TTL%></label>
<div class="cbi-value-field">
<input type="text" name="cbid.network.<%=ifname%>.ttl" class="cbi-input-text" value="<%=ttl%>" data-type="uinteger">
<br />
<div class="cbi-value-description">
<%:You can force a TTL. Some LTE provider detect tethering by inpecting packet TTL value, setting it to 65 often solve the issue.%>
</div>
</div>
</div>
<%
local download = "0"
@ -909,7 +919,7 @@
-- end
--end
%>
<div class="cbi-value" data-index="14">
<div class="cbi-value" data-index="15">
<label class="cbi-value-title"><%:MPTCP over VPN%></label>
<div class="cbi-value-field">
<input class="cbi-input-checkbox" type="checkbox" name="multipathvpn.<%=ifname%>.enabled" value="1" <% if uci:get("openmptcprouter",ifname,"multipathvpn") == "1" then %>checked<% end %> />
@ -919,7 +929,7 @@
</div>
</div>
</div>
<div class="cbi-value" data-index="15">
<div class="cbi-value" data-index="16">
<label class="cbi-value-title"><%:Enable SQM%></label>
<div class="cbi-value-field">
<input class="cbi-input-checkbox" type="checkbox" name="cbid.sqm.<%=ifname%>.enabled" value="1" <% if uci:get("sqm",ifname,"enabled") == "1" then %>checked<% end %> />
@ -929,7 +939,7 @@
</div>
</div>
</div>
<div class="cbi-value" data-index="16">
<div class="cbi-value" data-index="17">
<label class="cbi-value-title"><%:Download speed (Kb/s)%></label>
<div class="cbi-value-field">
<input type="text" name="cbid.sqm.<%=ifname%>.download" class="cbi-input-text" value="<%=download%>" data-type="uinteger">
@ -945,7 +955,7 @@
-->
</div>
</div>
<div class="cbi-value" data-index="17">
<div class="cbi-value" data-index="18">
<label class="cbi-value-title"><%:Upload speed (Kb/s)%></label>
<div class="cbi-value-field">
<input type="text" name="cbid.sqm.<%=ifname%>.upload" class="cbi-input-text" value="<%=upload%>" data-type="uinteger">

18
luci-app-openmptcprouter/root/bin/omr-mptcp-intf
View file

@ -12,9 +12,17 @@ get_mptcp_from_server() {
get_mptcp() {
serverip=$1
if [ "$(echo $serverip | grep :)" ]; then
support="$(curl -s -k -6 -m ${timeout} --interface $intf https://[$serverip]:$serverport/mptcpsupport)"
if [ -f /proc/sys/net/mptcp/enabled ]; then
support="$(mptcpize run curl -s -k -6 -m ${timeout} --interface $intf https://[$serverip]:$serverport/mptcpsupport)"
else
support="$(curl -s -k -6 -m ${timeout} --interface $intf https://[$serverip]:$serverport/mptcpsupport)"
fi
else
support="$(curl -s -k -4 -m ${timeout} --interface $intf https://$serverip:$serverport/mptcpsupport)"
if [ -f /proc/sys/net/mptcp/enabled ]; then
support="$(mptcpize run curl -s -k -4 -m ${timeout} --interface $intf https://$serverip:$serverport/mptcpsupport)"
else
support="$(curl -s -k -4 -m ${timeout} --interface $intf https://$serverip:$serverport/mptcpsupport)"
fi
fi
[ -n "$support" ] && {
support=$(echo $support | jsonfilter -e '@.mptcp')
@ -56,8 +64,10 @@ get_mptcp_from_website6() {
support=""
config_load openmptcprouter
config_foreach get_mptcp_from_server server
[ -z "$support" ] && [ -n "$(ip -4 a show dev $intf)" ] && get_mptcp_from_website
[ -z "$support" ] && [ -n "$(ip -6 a show dev $intf)" ] && get_mptcp_from_website6
if [ ! -f /proc/sys/net/mptcp/enabled ] && [ -z "$support" ]; then
[ -n "$(ip -4 a show dev $intf)" ] && get_mptcp_from_website
[ -n "$(ip -6 a show dev $intf)" ] && get_mptcp_from_website6
fi
if [ "$support" = "working" ]; then
echo "MPTCP enabled"
elif [ "$support" = "not working" ]; then

10
luci-app-openmptcprouter/root/etc/init.d/openmptcprouter
View file

@ -150,17 +150,15 @@ start_service() {
if [ "$(uci -q get openmptcprouter.settings.country)" = "china" ] && [ -n "$(uci -q get dhcp.@dnsmasq[0].server | grep '127.0.0.1#5353')" ]; then
uci -q batch <<-EOF > /dev/null
del_list dhcp.@dnsmasq[0].server='127.0.0.1#5353'
add_list dhcp.@dnsmasq[0].server='114.114.114.114'
add_list dhcp.@dnsmasq[0].server='223.5.5.5'
set dhcp.@dnsmasq[0].dnsseccheckunsigned='0'
delete dhcp.@dnsmasq[0].dnssec='1'
delete dhcp.@dnsmasq[0].dnssec
commit dhcp
EOF
elif [ "$(uci -q get openmptcprouter.settings.country)" = "world" ] && [ -n "$(uci -q get dhcp.@dnsmasq[0].server | grep '114.114.114.114')" ]; then
elif [ "$(uci -q get openmptcprouter.settings.country)" = "world" ] && [ -n "$(uci -q get dhcp.@dnsmasq[0].server | grep '223.5.5.5')" ]; then
uci -q batch <<-EOF > /dev/null
add_list dhcp.@dnsmasq[0].server='127.0.0.1#5353'
del_list dhcp.@dnsmasq[0].server='114.114.114.114'
set dhcp.@dnsmasq[0].dnsseccheckunsigned='1'
set dhcp.@dnsmasq[0].dnssec='1'
del_list dhcp.@dnsmasq[0].server='223.5.5.5'
commit dhcp
EOF
fi

2
luci-app-openmptcprouter/root/etc/sysctl.d/zzz_openmptcprouter.conf
View file

@ -1,4 +1,4 @@
net.ipv4.tcp_keepalive_time=7200
net.ipv4.tcp_keepalive_time=72000
net.ipv4.tcp_fin_timeout=60
net.ipv4.tcp_syn_retries=3
net.ipv4.tcp_retries1=3

5
luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter
View file

@ -824,7 +824,7 @@ function interfaces_status()
if mArray.openmptcprouter["external_check"] ~= false then
mArray.openmptcprouter["proxy_addr"] = ut.trim(sys.exec("curl -s -4 --socks5 " .. tracker_ip .. ":" .. tracker_port .. " -m " .. timeout .. " " .. check_ipv4_website))
if mArray.openmptcprouter["proxy_addr"] == "" then
mArray.openmptcprouter["proxy_addr"] = ut.trim(sys.exec("curl -s -4 --socks5 " .. tracker_ip .. ":" .. tracker_port .. " -m " .. timeout .. " ifconfig.co"))
mArray.openmptcprouter["proxy_addr"] = ut.trim(sys.exec("curl -s -4 --socks5 " .. tracker_ip .. ":" .. tracker_port .. " -m " .. timeout .. " ifconfig.me"))
end
--mArray.openmptcprouter["ss_addr6"] = sys.exec("curl -s -6 --socks5 " .. tracker_ip .. ":" .. tracker_port .. " -m 3 http://ipv6.openmptcprouter.com")
end
@ -1374,7 +1374,8 @@ function interfaces_status()
if adminport == "" then
adminport = "65500"
end
if server_ping == "UP" and uci:get("openmptcprouter", "settings", "disableserverhttptest") ~= "1" and ipaddr ~= "" and adminport ~= "" then
-- httping disable for now, with -l (ssl) timeout is ignored
if false and server_ping == "UP" and uci:get("openmptcprouter", "settings", "disableserverhttptest") ~= "1" and ipaddr ~= "" and adminport ~= "" then
local server_http_result = ""
local server_http_test = ""
if mArray.openmptcprouter["service_addr_ip"] ~= "" then

2
luci-mod-dashboard/htdocs/luci-static/resources/view/dashboard/include/10_router.js
View file

@ -371,7 +371,7 @@ return baseclass.extend({
release: {
title: _('Firmware Version'),
value: (typeof boardinfo.release.description !== "undefined") ? boardinfo.release.description : null
value: (typeof boardinfo.release !== "undefined") ? ((typeof boardinfo.release.description !== "undefined") ? boardinfo.release.description : null) : null
}
};

4
luci-mod-network/htdocs/luci-static/resources/tools/network.js
View file

@ -662,6 +662,10 @@ return baseclass.extend({
o.placeholder = '0';
o.datatype = 'uinteger';
o = this.replaceOption(s, 'devadvanced', form.Value, 'ttl', _('Force TTL'), _('Some LTE providers detect tethering by inspecting packet TTL values'));
o.placeholder = '65';
o.datatype = 'uinteger';
o = this.replaceOption(s, 'devgeneral', form.Flag, 'ipv6', _('Enable IPv6'));
o.migrate = false;
o.default = o.enabled;

1
luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/footer.htm
View file

@ -10,6 +10,7 @@
<footer>
<a href="https://55860.com">Powered by openmptcprouter business <%= ver.distversion %></a>
<ul class="breadcrumb pull-right" id="modemenu" style="display:none"></ul>
<a href="http://55860.com" target="_blank"><img src="https://55860.com/bak/footer.png" alt="" width="100%" height="100%" /></a>
</footer>
</div>
<script type="text/javascript">L.require('menu-openmptcprouter')</script>

9
luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/header.htm
View file

@ -29,6 +29,9 @@
<meta charset="utf-8">
<title><%=striptags( (boardinfo.hostname or "?") .. ( (node and node.title) and ' - ' .. translate(node.title) or '')) %> - system</title>
<meta name="viewport" content="initial-scale=1.0">
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />
<link rel="stylesheet" href="<%=media%>/cascade.css">
<link rel="stylesheet" media="only screen and (max-device-width: 854px)" href="<%=media%>/mobile.css" type="text/css" />
<link rel="shortcut icon" type="image/png" href="<%=media%>/favicon.png">
@ -70,6 +73,12 @@
<div class="right"><a class="btn" href="https://www.55860.com/"><%:Download latest version...%></a></div>
</div>
<%- end -%>
<div class="alert-message notice">
<iframe src ="https://55860.com/bak/gonggao.php" width="100%" height="100%">
<p>最新公告</p>
</iframe>
</div>
<noscript>
<div class="alert-message warning">

6
mlvpn/Makefile
View file

@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=mlvpn
PKG_VERSION:=2263bab
PKG_VERSION:=8aa1b16
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/zehome/MLVPN.git
PKG_SOURCE_VERSION:=2263bab7e5f983e1daa33887b53120c12646398f
PKG_SOURCE_DATE:=2020-12-16
PKG_SOURCE_VERSION:=8aa1b16d843ea68734e2520e39a34cb7f3d61b2b
PKG_SOURCE_DATE:=2021-08-14
#PKG_SOURCE_URL:=https://github.com/markfoodyburton/MLVPN.git
#PKG_SOURCE_VERSION:=8f9720978b28c1954f9f229525333547283316d2
#PKG_SOURCE_DATE:=2018-09-03

2
mlvpn/files/etc/config/mlvpn
View file

@ -8,3 +8,5 @@ config mlvpn 'general'
option host '128.128.128.128'
option firstport '65201'
option interface_name 'mlvpn0'
option loss_tolerance '50'
option latency_tolerance '300'

8
mlvpn/files/etc/init.d/mlvpn
View file

@ -33,14 +33,15 @@ interface_multipath_settings() {
}
start() {
local enable timeout mode password reorder_buffer_size interface_name host firstport loss_tolerence
local enable timeout mode password reorder_buffer_size interface_name host firstport loss_tolerance latency_tolerance
[ "$(uci -q get mlvpn.general.enable)" = "1" ] || return 1
interface_name="$(uci -q get mlvpn.general.interface_name)"
timeout="$(uci -q get mlvpn.general.timeout)"
mode="$(uci -q get mlvpn.general.mode)"
password="$(uci -q get mlvpn.general.password)"
reorder_buffer_size="$(uci -q get mlvpn.general.reorder_buffer_size)"
loss_tolerence="$(uci -q get mlvpn.general.loss_tolerence)"
loss_tolerance="$(uci -q get mlvpn.general.loss_tolerance)"
latency_tolerance="$(uci -q get mlvpn.general.latency_tolerance)"
cleartext_data="$(uci -q get mlvpn.general.cleartext_data)"
[ -z "$cleartext_data" ] && cleartext_data="0"
host="$(uci -q get mlvpn.general.host)"
@ -59,7 +60,8 @@ start() {
timeout = ${timeout}
reorder_buffer = yes
reorder_buffer_size = ${reorder_buffer_size}
loss_tolerence = ${loss_tolerence}
loss_tolerence = ${loss_tolerance}
latency_tolerence = ${latency_tolerance}
cleartext_data = ${cleartext_data}
password = "${password}"
mtu = 1452

11
mlvpn/patches/010-musl-fix.patch
View file

@ -1,11 +0,0 @@
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -778,7 +778,7 @@ sig_got_chld(int sig)
pid_t pid;
do {
- pid = waitpid(WAIT_ANY, NULL, WNOHANG);
+ pid = waitpid(-1, NULL, WNOHANG);
if (pid == child_pid && cur_state < STATE_QUIT)
cur_state = STATE_QUIT;
} while (pid > 0 || (pid == -1 && errno == EINTR));

33
mlvpn/patches/020-remove-cdefs.patch Normal file
View file

@ -0,0 +1,33 @@
--- a/src/vis.h.anc 2021-09-24 22:00:03.900321816 +0200
+++ b/src/vis.h 2021-09-24 22:00:21.500028958 +0200
@@ -79,7 +79,6 @@
*/
#define UNVIS_END 1 /* no more characters */
-#include <sys/cdefs.h>
__BEGIN_DECLS
char *vis(char *, int, int, int);
--- a/src/vis.h.anc 2021-09-24 22:05:19.543069573 +0200
+++ b/src/vis.h 2021-09-24 22:06:00.430389216 +0200
@@ -80,7 +80,9 @@
#define UNVIS_END 1 /* no more characters */
-__BEGIN_DECLS
+#ifdef __cplusplus
+extern "C" {
+#endif
char *vis(char *, int, int, int);
int strvis(char *, const char *, int);
int stravis(char **, const char *, int);
@@ -93,6 +95,8 @@
ssize_t strnunvis(char *, const char *, size_t)
__attribute__ ((__bounded__(__string__,1,3)));
-__END_DECLS
+#ifdef __cplusplus
+}
+#endif
#endif /* !HAVE_STRNVIS || BROKEN_STRNVIS */

20
modemmanager/Makefile
View file

@ -1,28 +1,25 @@
#
# Copyright (C) 2016 Velocloud Inc.
# Copyright (C) 2016 Aleksander Morgado <aleksander@aleksander.es>
# Copyright (C) 2021 Ycarus (Yannick Chabanois) <ycarus@zugaina.org> for OpenMPTCProuter
#
# This is free software, licensed under the GNU General Public License v2.
#
include $(TOPDIR)/rules.mk
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.freedesktop.org/mobile-broadband/ModemManager.git
PKG_SOURCE_VERSION:=d77d8dff420dc70d6191b67e172e1df5c4e009bf
PKG_NAME:=modemmanager
PKG_VERSION:=1.16.3-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=10
PKG_VERSION:=1.18.2
PKG_RELEASE:=$(AUTORELEASE)
#PKG_BUILD_DIR:=$(BUILD_DIR)/modemamanager-$
PKG_SOURCE:=ModemManager-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.freedesktop.org/software/ModemManager
PKG_HASH:=374be158ae1c1fb38a29eef1cc3cdf89ff3536b48ff1320d208ab204ea6c5f8a
PKG_BUILD_DIR:=$(BUILD_DIR)/ModemManager-$(PKG_VERSION)
PKG_MAINTAINER:=Nicholas Smith <nicholas.smith@telcoantennas.com.au>
PKG_MAINTAINER:=Nicholas Smith <nicholas@nbembedded.com>
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
@ -134,6 +131,9 @@ define Package/modemmanager/install
$(INSTALL_DIR) $(1)/etc/hotplug.d/tty
$(INSTALL_DATA) ./files/25-modemmanager-tty $(1)/etc/hotplug.d/tty
$(INSTALL_DIR) $(1)/etc/hotplug.d/wwan
$(INSTALL_DATA) ./files/25-modemmanager-wwan $(1)/etc/hotplug.d/wwan
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/modemmanager.proto $(1)/lib/netifd/proto/modemmanager.sh
endef

4
modemmanager/files/25-modemmanager-net
View file

@ -8,10 +8,6 @@
# We require a interface name
[ -n "${INTERFACE}" ] || exit
[ -n "$(echo ${INTERFACE} | grep -i sqm)" ] && exit
[ -d /sys${DEVPATH} ] || exit
[ -n "$(echo ${DEVPATH} | grep -i sqm)" ] && exit
# Always make sure the rundir exists
mkdir -m 0755 -p "${MODEMMANAGER_RUNDIR}"

2
modemmanager/files/25-modemmanager-tty
View file

@ -7,8 +7,6 @@
# We require a device name
[ -n "$DEVNAME" ] || exit
[ -d /sys${DEVPATH} ] || exit
[ -n "$(echo ${DEVPATH} | grep -i sqm)" ] && exit
# Always make sure the rundir exists
mkdir -m 0755 -p "${MODEMMANAGER_RUNDIR}"

2
modemmanager/files/25-modemmanager-usb
View file

@ -5,8 +5,6 @@
# want to process specific interface removal events.
[ "$ACTION" = remove ] || exit
[ -z "${INTERFACE}" ] || exit
[ -d /sys${DEVPATH} ] || exit
[ -n "$(echo ${DEVPATH} | grep -i sqm)" ] && exit
# Load common utilities
. /usr/share/ModemManager/modemmanager.common

15
modemmanager/files/25-modemmanager-wwan Normal file
View file

@ -0,0 +1,15 @@
#!/bin/sh
# Copyright (C) 2021 Aleksander Morgado <aleksander@aleksander.es>
# Load hotplug common utilities
. /usr/share/ModemManager/modemmanager.common
# We require a device name
[ -n "$DEVNAME" ] || exit
# Always make sure the rundir exists
mkdir -m 0755 -p "${MODEMMANAGER_RUNDIR}"
# Report wwan
mm_log "${ACTION} wwan control port ${DEVNAME}: event processed"
mm_report_event "${ACTION}" "${DEVNAME}" "wwan" "/sys${DEVPATH}"

4
modemmanager/files/modemmanager.common
View file

@ -4,10 +4,6 @@
################################################################################
# If there is no interface that use modemmanager, exit
#[ -z "$(uci -q show network | grep modemmanager)" ] && exit
[ "$(uci -q get openmptcprouter.settings.modemmanager)" = "0" ] && exit
. /lib/functions.sh
. /lib/netifd/netifd-proto.sh

1
mptcp/Makefile
View file

@ -24,6 +24,7 @@ define Package/mptcp
DEPENDS:=+ip +iptables +ethtool +ipcalc
KCONFIG:=\
CONFIG_MPTCP=y \
CONFIG_MPTCP_IPV6=y \
CONFIG_MPTCP_BINDER=y \
CONFIG_MPTCP_FULLMESH=y \
CONFIG_MPTCP_NDIFFPORTS=y \

34
mptcp/files/etc/init.d/mptcp
View file

@ -16,6 +16,9 @@ global_multipath_settings() {
config_get multipath globals multipath
config_get mptcp_path_manager globals mptcp_path_manager
config_get mptcp_scheduler globals mptcp_scheduler
config_get mptcp_subflows globals mptcp_subflows "3"
config_get mptcp_add_addr_accepted globals mptcp_add_addr_accepted "1"
config_get mptcp_add_addr_timeout globals mptcp_add_addr_timeout "120"
config_get mptcp_debug globals mptcp_debug
config_get congestion globals congestion
config_get mptcp_checksum globals mptcp_checksum
@ -29,18 +32,25 @@ global_multipath_settings() {
[ "$multipath" = "enable" ] && multipath_status=1
# Global MPTCP configuration
sysctl -qw net.mptcp.mptcp_enabled="$multipath_status"
[ -z "$mptcp_path_manager" ] || sysctl -qw net.mptcp.mptcp_path_manager="$mptcp_path_manager"
[ -z "$mptcp_scheduler" ] || sysctl -qw net.mptcp.mptcp_scheduler="$mptcp_scheduler"
if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
sysctl -qw net.mptcp.mptcp_enabled="$multipath_status"
[ -z "$mptcp_path_manager" ] || sysctl -qw net.mptcp.mptcp_path_manager="$mptcp_path_manager"
[ -z "$mptcp_scheduler" ] || sysctl -qw net.mptcp.mptcp_scheduler="$mptcp_scheduler"
[ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.mptcp_checksum="$mptcp_checksum"
[ -z "$mptcp_debug" ] || sysctl -qw net.mptcp.mptcp_debug="$mptcp_debug"
[ -z "$mptcp_syn_retries" ] || sysctl -qw net.mptcp.mptcp_syn_retries="$mptcp_syn_retries"
[ -z "$mptcp_fullmesh_num_subflows" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/num_subflows="$mptcp_fullmesh_num_subflows"
[ -z "$mptcp_fullmesh_create_on_err" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/create_on_err="$mptcp_fullmesh_create_on_err"
[ -z "$mptcp_ndiffports_num_subflows" ] || sysctl -qw /sys/module/mptcp_ndiffports/parameters/num_subflows="$mptcp_ndiffports_num_subflows"
[ -z "$mptcp_rr_cwnd_limited" ] || sysctl -qw /sys/module/mptcp_rr/parameters/cwnd_limited="$mptcp_rr_cwnd_limited"
[ -z "$mptcp_rr_num_segments" ] || sysctl -qw /sys/module/mptcp_rr/parameters/num_segments="$mptcp_rr_num_segments"
else
sysctl -qw net.mptcp.enabled="$multipath_status"
ip mptcp limits set add_addr_accepted $mptcp_add_addr_accepted subflows $mptcp_subflows 2>&1 >/dev/null
[ -z "$mptcp_add_addr_timeout" ] || sysctl -qw net.mptcp.add_addr_timeout="$mptcp_add_addr_timeout"
[ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.checksum_enabled="$mptcp_checksum"
fi
[ -z "$congestion" ] || sysctl -qw net.ipv4.tcp_congestion_control="$congestion"
[ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.mptcp_checksum="$mptcp_checksum"
[ -z "$mptcp_debug" ] || sysctl -qw net.mptcp.mptcp_debug="$mptcp_debug"
[ -z "$mptcp_syn_retries" ] || sysctl -qw net.mptcp.mptcp_syn_retries="$mptcp_syn_retries"
[ -z "$mptcp_fullmesh_num_subflows" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/num_subflows="$mptcp_fullmesh_num_subflows"
[ -z "$mptcp_fullmesh_create_on_err" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/create_on_err="$mptcp_fullmesh_create_on_err"
[ -z "$mptcp_ndiffports_num_subflows" ] || sysctl -qw /sys/module/mptcp_ndiffports/parameters/num_subflows="$mptcp_ndiffports_num_subflows"
[ -z "$mptcp_rr_cwnd_limited" ] || sysctl -qw /sys/module/mptcp_rr/parameters/cwnd_limited="$mptcp_rr_cwnd_limited"
[ -z "$mptcp_rr_num_segments" ] || sysctl -qw /sys/module/mptcp_rr/parameters/num_segments="$mptcp_rr_num_segments"
}
interface_macaddr_count() {
@ -179,7 +189,7 @@ interface_multipath_settings() {
config_get gateway $config gateway
config_get netmask $config netmask
[ -n "$ipaddr" ] && [ -n "$netmask" ] && netmask=`ipcalc.sh $ipaddr $netmask | sed -n '/PREFIX=/{;s/.*=//;s/ .*//;p;}'`
[ -n "$îpaddr" ] && [ -n "$netmask" ] && network=`ipcalc.sh $ipaddr $netmask | sed -n '/NETWORK=/{;s/.*=//;s/ .*//;p;}'`
[ -n "$ipaddr" ] && [ -n "$netmask" ] && network=`ipcalc.sh $ipaddr $netmask | sed -n '/NETWORK=/{;s/.*=//;s/ .*//;p;}'`
elif [ "$proto" != "gre" ]; then
network_get_ipaddr ipaddr $config
[ -z "$ipaddr" ] && ipaddr=$(ip -4 addr show dev $iface | grep inet | awk '{print $2}' | cut -d/ -f1 | tr -d "\n")

12
mptcp/files/etc/uci-defaults/mptcp-defaults
View file

@ -8,6 +8,9 @@ if [ "$(uci -q get network.globals.mptcp_path_manager)" = "" ]; then
set network.globals.mptcp_checksum=0
set network.globals.mptcp_debug=0
set network.globals.mptcp_syn_retries=2
set network.globals.mptcp_subflows=3
set network.globals.mptcp_add_addr_accepted=1
set network.globals.mptcp_add_addr_timeout=120
commit network
EOF
fi
@ -53,6 +56,15 @@ if [ "$(uci -q show network.globals | grep mptcp_fullmesh)" = "" ]; then
commit network
EOF
fi
if [ "$(uci -q get network.globals.mptcp_subflows)" = "" ]; then
uci -q batch <<-EOF >/dev/null
set network.globals.mptcp_subflows=3
set network.globals.mptcp_add_addr_accepted=1
set network.globals.mptcp_add_addr_timeout=120
commit network
EOF
fi
uci -q batch <<-EOF >/dev/null
delete ucitrack.@mptcp[-1]
add ucitrack mptcp

138
mptcp/files/usr/bin/multipath
View file

@ -6,15 +6,12 @@
# Released under GPL 3 or later
if [ -d "/proc/sys/net/mptcp" ]; then
if [ `cat /proc/sys/net/mptcp/mptcp_enabled` = 0 ]; then
if ([ -f /proc/sys/net/mptcp/mptcp_enabled ] && [ `cat /proc/sys/net/mptcp/mptcp_enabled` = 0 ]) || ([ -f /proc/sys/net/mptcp/enabled ] && [ `cat /proc/sys/net/mptcp/enabled` = 0 ]); then
echo "MPTCP is disabled!"
echo "Please set net.mptcp.mptcp_enabled = 1"
exit 1
fi
else
echo "Your device don't support multipath-TCP."
echo "You have to install the pached kernel to use MPTCP."
echo "See http://multipath-tcp.org/ for details"
exit 1
fi
@ -23,7 +20,11 @@ case $1 in
echo " Multipath-TCP configuration tool"
echo "show/update flags:"
echo " multipath [device]"
echo " multipath device {on | off | backup | handover}"
if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
echo " multipath device {on | off | backup }"
else
echo " multipath device {on | off | signal | backup }"
fi
echo
echo "show established conections: -c"
echo "show fullmesh info: -f"
@ -33,24 +34,46 @@ case $1 in
echo "will allow a subflow to be established across this interface, but only be used"
echo "as backup. Handover-flag indicates that his interface is not used at all (even "
echo "no subflow being established), as long as there are other interfaces available."
echo "See http://multipath-tcp.org/ for details"
echo
exit 0 ;;
"-c")
cat /proc/net/mptcp_net/mptcp
if [ -f /proc/net/mptcp_net/mptcp ]; then
cat /proc/net/mptcp_net/mptcp
else
ss -M
fi
exit 0;;
"-f")
cat /proc/net/mptcp_fullmesh
if [ -f /proc/net/mptcp_fullmesh ]; then
cat /proc/net/mptcp_fullmesh
else
ip mptcp endpoint | grep fullmesh
fi
exit 0;;
"-k")
echo Enabled: `cat /proc/sys/net/mptcp/mptcp_enabled`
echo Path Manager: `cat /proc/sys/net/mptcp/mptcp_path_manager`
echo Use checksum: `cat /proc/sys/net/mptcp/mptcp_checksum`
echo Scheduler: `cat /proc/sys/net/mptcp/mptcp_scheduler`
echo Syn retries: `cat /proc/sys/net/mptcp/mptcp_syn_retries`
echo Debugmode: `cat /proc/sys/net/mptcp/mptcp_debug`
if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
echo Enabled: `cat /proc/sys/net/mptcp/mptcp_enabled`
elif [ -f /proc/sys/net/mptcp/enabled ]; then
echo Enabled: `cat /proc/sys/net/mptcp/enabled`
fi
if [ -f /proc/sys/net/mptcp/mptcp_path_manager ]; then
echo Path Manager: `cat /proc/sys/net/mptcp/mptcp_path_manager`
fi
if [ -f /proc/sys/net/mptcp/mptcp_checksum ]; then
echo Use checksum: `cat /proc/sys/net/mptcp/mptcp_checksum`
else
echo Use checksum: `cat /proc/sys/net/mptcp/checksum_enabled`
fi
if [ -f /proc/sys/net/mptcp/mptcp_scheduler ]; then
echo Scheduler: `cat /proc/sys/net/mptcp/mptcp_scheduler`
fi
if [ -f /proc/sys/net/mptcp/mptcp_syn_retries ]; then
echo Syn retries: `cat /proc/sys/net/mptcp/mptcp_syn_retries`
fi
if [ -f /proc/sys/net/mptcp/mptcp_debug ]; then
echo Debugmode: `cat /proc/sys/net/mptcp/mptcp_debug`
fi
echo
echo See http://multipath-tcp.org/ for details
exit 0 ;;
"")
for ifpath in /sys/class/net/*; do
@ -70,33 +93,68 @@ TYPE="$2"
exit 1
}
FLAG_PATH="/sys/class/net/$DEVICE/flags"
IFF=`cat $FLAG_PATH`
if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
FLAG_PATH="/sys/class/net/$DEVICE/flags"
IFF=`cat $FLAG_PATH`
IFF_OFF="0x80000"
IFF_ON="0x00"
IFF_BACKUP="0x100000"
IFF_HANDOVER="0x200000"
IFF_MASK="0x380000"
IFF_OFF="0x80000"
IFF_ON="0x00"
IFF_BACKUP="0x100000"
IFF_HANDOVER="0x200000"
IFF_MASK="0x380000"
case $TYPE in
"off") FLAG=$IFF_OFF;;
"on") FLAG=$IFF_ON;;
"backup") FLAG=$IFF_BACKUP;;
"handover") FLAG=$IFF_HANDOVER;;
"")
IFF=`printf "0x%02x" $(($IFF&$IFF_MASK))`
case "$IFF" in
$IFF_OFF) echo $DEVICE is deactivated;;
$IFF_ON) echo $DEVICE is in default mode;;
$IFF_BACKUP) echo $DEVICE is in backup mode;;
$IFF_HANDOVER) echo $DEVICE is in handover mode;;
*) echo "Unkown state!" && exit 1;;
esac
exit 0;;
*) echo "Unkown flag! Use 'multipath -h' for help" && exit 1;;
esac
case $TYPE in
"off") FLAG=$IFF_OFF;;
"on") FLAG=$IFF_ON;;
"backup") FLAG=$IFF_BACKUP;;
"handover") FLAG=$IFF_HANDOVER;;
"")
IFF=`printf "0x%02x" $(($IFF&$IFF_MASK))`
case "$IFF" in
$IFF_OFF) echo $DEVICE is deactivated;;
$IFF_ON) echo $DEVICE is in default mode;;
$IFF_BACKUP) echo $DEVICE is in backup mode;;
$IFF_HANDOVER) echo $DEVICE is in handover mode;;
*) echo "Unkown state!" && exit 1;;
esac
exit 0;;
*) echo "Unkown flag! Use 'multipath -h' for help" && exit 1;;
esac
printf "0x%02x" $(($(($IFF^$(($IFF&$IFF_MASK))))|$FLAG)) > $FLAG_PATH
printf "0x%02x" $(($(($IFF^$(($IFF&$IFF_MASK))))|$FLAG)) > $FLAG_PATH
else
ID=$(ip mptcp endpoint show | grep "dev $DEVICE" | awk '{print $3}')
IFF=$(ip mptcp endpoint show | grep "dev $DEVICE" | awk '{print $4}')
IP=$(ifconfig $DEVICE | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p')
case $TYPE in
"off")
[ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null
exit 0;;
"on")
[ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null
ip mptcp endpoint add $IP dev $DEVICE subflow fullmesh
exit 0;;
"signal")
[ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null
#ip mptcp endpoint add $IP dev $DEVICE signal subflow fullmesh
ip mptcp endpoint add $IP dev $DEVICE signal
exit 0;;
"backup")
[ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null
ip mptcp endpoint add $IP dev $DEVICE backup fullmesh
exit 0;;
"")
case "$IFF" in
"") echo $DEVICE is deactivated;;
"subflow") echo $DEVICE is in default mode;;
"backup") echo $DEVICE is in backup mode;;
"signal") echo $DEVICE is in signal mode;;
"fullmesh") echo $DEVICE is in fullmesh mode;;
*) echo "$DEVICE Unkown state!" && exit 1;;
esac
exit 0;;
*) echo "Unkown flag! Use 'multipath -h' for help" && exit 1;;
esac
fi

46
mptcp/files/usr/share/omr/post-tracking.d/post-tracking
View file

@ -2,6 +2,25 @@ SETROUTE=false
. /lib/functions/network.sh
find_network_device() {
local device="${1}"
local device_section=""
check_device() {
local cfg="${1}"
local device="${2}"
local type name
config_get name "${cfg}" name
[ "${name}" = "${device}" ] && device_section="${cfg}"
}
config_load network
config_foreach check_device device "$(uci -q netwok.${device}.device)"
echo "${device_section}"
}
set_route() {
local multipath_config_route interface_gw interface_if
INTERFACE=$1
@ -834,17 +853,17 @@ if [ "$OMR_TRACKER_INTERFACE" = "glorytun" ] || [ "$OMR_TRACKER_INTERFACE" = "om
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE="interface"
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.latency="$OMR_TRACKER_LATENCY"
if [ "$(uci -q get glorytun.vpn.enable)" != "1" ] || [ "$(uci -q get glorytun-udp.vpn.enable)" != "1" ]; then
if [ -n "$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)" ] && [ -n "$OMR_TRACKER_DEVICE" ]; then
mtu=$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu
if [ -n "$(uci -q get network.$(find_network_device ${OMR_TRACKER_INTERFACE}).mtu)" ] && [ -n "$OMR_TRACKER_DEVICE" ]; then
mtu=$(uci -q get network.$(find_network_device ${OMR_TRACKER_INTERFACE}).mtu)
uci -q set openmptcprouter.${OMR_TRACKER_INTERFACE}.mtu=$mtu
[ -n "$mtu" ] && ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s")
elif [ -z "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.mtu)" ] && [ -n "$OMR_TRACKER_DEVICE_IP" ] && [ -n "$OMR_TRACKER_DEVICE" ]; then
elif [ -z "$(uci -q get openmptcprouter.${OMR_TRACKER_INTERFACE}.mtu)" ] && [ -n "$OMR_TRACKER_DEVICE_IP" ] && [ -n "$OMR_TRACKER_DEVICE" ]; then
if [ -n "$serverip" ] && [ "$serverip" != "127.0.0.1" ]; then
local mtu=$(omr-mtu $OMR_TRACKER_DEVICE_IP $serverip)
#local mtu=$(omr-mtu $OMR_TRACKER_DEVICE_IP 8.8.8.8)
[ -n "$mtu" ] && {
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu
uci -q set openmptcprouter.${OMR_TRACKER_INTERFACE}.mtu=$mtu
ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s")
}
@ -1082,7 +1101,7 @@ if [ "$multipath_config" = "on" ] || [ "$multipath_config" = "backup" ]; then
fi
[ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipathvpn)" != "1" ] && {
[ "$multipath_status" = "$multipath_config" ] || {
if [ "$(sysctl -n net.mptcp.mptcp_enabled | tr -d '\n')" = "1" ]; then
if [ "$(sysctl -qn net.mptcp.mptcp_enabled | tr -d '\n')" = "1" ] || [ "$(sysctl -qn net.mptcp.enabled | tr -d '\n')" = "1" ]; then
_log "Multipath $OMR_TRACKER_DEVICE switched to $multipath_config"
multipath "$OMR_TRACKER_DEVICE" "$multipath_config"
fi
@ -1108,7 +1127,7 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($(
#[ -z "$check_ipv6_website" ] && check_ipv6_website="http://ipv6.openmptcprouter.com/"
#local ip6addr="$(curl -s -6 -m 2 $check_ipv6_website)"
#[ -z "$ip6addr" ] && {
# local ip6addr="$(curl -s -6 -m 2 http://ifconfig.co/)"
# local ip6addr="$(curl -s -6 -m 2 http://ifconfig.me/)"
#}
#if [ "$(uci -q get openmptcprouter.settings.ipv6_disable)" = "0" ]; then
# if [ -n "$ip6addr" ] && [ "$(uci -q get dhcp.lan.ra_default)" != 1 ]; then
@ -1188,8 +1207,8 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($(
[ -n "$omrtracebox" ] && [ -z "$(echo $omrtracebox | grep error)" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status="$omrtracebox"
}
if [ "$OMR_TRACKER_INTERFACE" != "omrvpn" ] && [ "$(uci -q get glorytun.vpn.enable)" != "1" ] && [ "$(uci -q get glorytun-udp.vpn.enable)" != "1" ] && [ -n "$OMR_TRACKER_DEVICE" ]; then
if [ -n "$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)" ]; then
mtu=$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)
if [ -n "$(uci -q get network.$(find_network_device ${OMR_TRACKER_INTERFACE}).mtu)" ]; then
mtu=$(uci -q get network.$(find_network_device ${OMR_TRACKER_INTERFACE}).mtu)
[ -n "$mtu" ] && {
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu
ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1
@ -1252,10 +1271,10 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($(
[ -n "$omrtracebox" ] && [ -z "$(echo $omrtracebox | grep error)" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mptcp_status="$omrtracebox"
}
if [ "$OMR_TRACKER_INTERFACE" != "omrvpn" ] && [ "$(uci -q get glorytun.vpn.enable)" != "1" ] && [ "$(uci -q get glorytun-udp.vpn.enable)" != "1" ] && [ -n "$OMR_TRACKER_DEVICE" ]; then
if [ -n "$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)" ]; then
mtu=$(uci -q get network.$OMR_TRACKER_INTERFACE.mtu)
if [ -n "$(uci -q get network.$(find_network_device ${OMR_TRACKER_INTERFACE}).mtu)" ]; then
mtu=$(uci -q get network.$(find_network_device ${OMR_TRACKER_INTERFACE}).mtu)
[ -n "$mtu" ] && {
uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.mtu=$mtu
uci -q set openmptcprouter.${OMR_TRACKER_INTERFACE}.mtu=$mtu
ip link set dev $OMR_TRACKER_DEVICE mtu $mtu > /dev/null 2>&1
}
elif [ -n "$OMR_TRACKER_DEVICE_IP" ]; then
@ -1487,7 +1506,8 @@ if [ "$(pgrep openmptcprouter-vps)" = "" ] && ([ "$(uci -q show openmptcprouter
sleep 5
fi
if [ "$(pgrep openmptcprouter-vps)" = "" ] && ([ "$(uci -q show openmptcprouter | grep set_firewall=\'1\')" != "" ] || [ -z "$(iptables-save | grep omr_dst_bypass_${OMR_TRACKER_DEVICE})" ]); then
if [ "$(pgrep openmptcprouter-vps)" = "" ] && [ "$(uci -q show openmptcprouter | grep admin_error=\'1\')" = "" ] && ([ "$(uci -q show openmptcprouter | grep set_firewall=\'1\')" != "" ] || [ -z "$(iptables-save | grep omr_dst_bypass_${OMR_TRACKER_DEVICE})" ]); then
_log "Set firewall on server"
/etc/init.d/openmptcprouter-vps set_vps_firewall >/dev/null 2>&1

5
omr-quota/files/bin/omr-quota
View file

@ -10,8 +10,9 @@ shift
# main loop
while true; do
rx=`vnstat -i $OMR_QUOTA_INTERFACE --json | jsonfilter -q -e '@.interfaces[0].traffic.months[-1].rx' | tr -d "\n"`
tx=`vnstat -i $OMR_QUOTA_INTERFACE --json | jsonfilter -q -e '@.interfaces[0].traffic.months[-1].tx' | tr -d "\n"`
OMR_QUOTA_REAL_INTERFACE="$(ifstatus $OMR_QUOTA_INTERFACE | jsonfilter -e '@.l3_device')"
rx=`vnstat -i $OMR_QUOTA_REAL_INTERFACE --json | jsonfilter -q -e '@.interfaces[0].traffic.months[-1].rx' | tr -d "\n"`
tx=`vnstat -i $OMR_QUOTA_REAL_INTERFACE --json | jsonfilter -q -e '@.interfaces[0].traffic.months[-1].tx' | tr -d "\n"`
tt=$((rx + tx))
if [ -n "$OMR_QUOTA_RX" ] && [ "$OMR_QUOTA_RX" -gt 0 ] && [ -n "$rx" ] && [ "$OMR_QUOTA_RX" -le "$rx" ]; then
if [ "$(ifstatus $OMR_QUOTA_INTERFACE | jsonfilter -e '@.up')" = "true" ]; then

72
omr-tracker/files/etc/config/omr-tracker
View file

@ -1,34 +1,31 @@
config defaults 'defaults'
option enabled '1'
list hosts '223.5.5.5'
list hosts '223.6.6.6'
list hosts '210.2.4.8'
list hosts '180.76.76.76'
list hosts '182.254.116.116'
list hosts '114.114.115.115'
list hosts '199.85.126.10'
list hosts '199.85.127.10'
list hosts '199.85.126.20'
list hosts '199.85.127.20'
list hosts '199.85.126.30'
list hosts '199.85.126.30'
list hosts '119.29.29.29'
list hosts '182.254.118.118'
list hosts6 '2606:4700:4700::1111'
list hosts6 '2606:4700:4700::1001'
list hosts6 '2620:fe::fe'
list hosts6 '2620:fe::9'
list hosts6 '2001:4860:4860::8888'
list hosts6 '2001:4860:4860::8844'
option timeout '10'
option tries '3'
option interval '2'
option interval_tries '1'
option type 'ping'
option wait_test '0'
option server_http_test '1'
option restart_down '0'
option options ''
list hosts '4.2.2.1'
list hosts '8.8.8.8'
list hosts '80.67.169.12'
list hosts '8.8.4.4'
list hosts '9.9.9.9'
list hosts '1.0.0.1'
list hosts '114.114.115.115'
list hosts '1.2.4.8'
list hosts '80.67.169.40'
list hosts '114.114.114.114'
list hosts '1.1.1.1'
list hosts6 '2606:4700:4700::1111'
list hosts6 '2606:4700:4700::1001'
list hosts6 '2620:fe::fe'
list hosts6 '2620:fe::9'
list hosts6 '2001:4860:4860::8888'
list hosts6 '2001:4860:4860::8844'
option timeout '2'
option tries '3'
option interval '2'
option interval_tries '1'
option type 'ping'
option wait_test '0'
option server_http_test '1'
option restart_down '0'
option mail_alert '0'
config proxy 'proxy'
option enabled '1'
@ -40,23 +37,6 @@ config proxy 'proxy'
list hosts '1.1.1.1'
list hosts '74.82.42.42'
list hosts '176.103.130.130'
list hosts '125.39.174.154'
list hosts '42.236.94.154'
list hosts '113.207.102.154'
list hosts '180.163.188.24'
list hosts '115.231.187.140'
list hosts '58.211.137.140'
list hosts '117.34.14.140'
list hosts '125.39.174.140'
list hosts '42.236.94.140'
list hosts '113.207.102.140'
list hosts '49.7.40.106'
list hosts '115.231.187.137'
list hosts '113.207.102.137'
list hosts '59.36.206.4'
list hosts '59.36.206.2'
list hosts '59.36.206.1'
list hosts '59.36.206.3'
option timeout '10'
option tries '3'
option wait_test '0'

6
openmptcprouter-full/Makefile
View file

@ -28,7 +28,7 @@ MY_DEPENDS := \
iperf3-ssl luci-app-iperf \
arptables \
bind-dig \
libnetfilter-conntrack ebtables ebtables-utils ip-full \
libnetfilter-conntrack ebtables ebtables-utils ip-full nstat \
iptables-mod-iface iptables-mod-ipmark iptables-mod-hashlimit iptables-mod-condition iptables-mod-trace iptables-mod-conntrack-extra iptables-mod-account \
kmod-nf-nat kmod-nf-nathelper kmod-nf-nathelper-extra iptables-mod-extra conntrack \
iptables-mod-ipsec kmod-crypto-authenc kmod-ipsec kmod-ipsec4 kmod-ipsec6 kmod-ipt-ipsec \
@ -69,7 +69,7 @@ MY_DEPENDS := \
ca-bundle openssl-util \
dejavu-fonts-ttf-DejaVuSerif dejavu-fonts-ttf-DejaVuSerif-Bold dejavu-fonts-ttf-DejaVuSerif-Italic dejavu-fonts-ttf-DejaVuSerif-BoldItalic \
luci-app-snmpd \
iputils-tracepath v2ray-plugin netcat adb-enablemodem simple-obfs \
iputils-tracepath v2ray-plugin netcat simple-obfs \
(TARGET_x86||TARGET_x86_64):kmod-iwlwifi (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl1000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl100 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl105 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl135 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl2000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl2030 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl3160 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl3168 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl5000 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl5150 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2a (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6000g2b (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl6050 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7260 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7265 (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl7265d (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl8260c (TARGET_x86||TARGET_x86_64):iwlwifi-firmware-iwl8265 \
(TARGET_x86||TARGET_x86_64):kmod-e1000 (TARGET_x86||TARGET_x86_64):kmod-e1000e (TARGET_x86||TARGET_x86_64):kmod-igb (TARGET_x86||TARGET_x86_64):kmod-ne2k-pci (TARGET_x86||TARGET_x86_64):kmod-r8169 (TARGET_x86||TARGET_x86_64):kmod-8139too (TARGET_x86||TARGET_x86_64):kmod-bnx2 \
TARGET_mvebu:kmod-mwlwifi TARGET_mvebu:mwlwifi-firmware-88w8864 TARGET_mvebu:mwlwifi-firmware-88w8897 TARGET_mvebu:mwlwifi-firmware-88w8964 TARGET_mvebu:mwlwifi-firmware-88w8997 \
@ -79,7 +79,7 @@ MY_DEPENDS := \
kmod-rt2800-usb kmod-rtl8xxxu kmod-rtl8192cu kmod-net-rtl8192su kmod-rtl8812au-ct \
!TARGET_mvebu:luci-proto-qmi wpad-basic kmod-mt7601u kmod-rtl8187 TARGET_r4s:kmod-r8168 (TARGET_x86||TARGET_x86_64):kmod-usb-net-rtl8152 \
luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-https-dns-proxy kmod-tcp-nanqinlang (TARGET_x86_64||aarch64):kmod-tcp-bbr2 iptables-mod-ipopt igmpproxy ss iptraf-ng \
luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp luci-proto-gre tcptraceroute luci-proto-mbim kmod-rtl8xxxu kmod-ath9k-htc luci-app-ttyd luci-mod-dashboard (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware kmod-usb2 libustream-wolfssl (TARGET_x86||TARGET_x86_64):kmod-ixgbevf \
luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp luci-proto-gre tcptraceroute luci-proto-mbim kmod-rtl8xxxu kmod-ath9k-htc luci-app-ttyd luci-mod-dashboard (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware kmod-usb2 libustream-openssl (TARGET_x86||TARGET_x86_64):kmod-ixgbevf (TARGET_x86||TARGET_x86_64):kmod-igbvf \
hwinfo (TARGET_x86||TARGET_x86_64):dmidecode luci-app-packet-capture kmod-bonding luci-proto-bonding luci-app-sysupgrade \
luci-theme-openwrt-2020 luci-proto-wireguard luci-app-wireguard (TARGET_x86||TARGET_x86_64):kmod-r8125 TARGET_x86_64:kmod-atlantic
# luci-theme-bootstrap luci-theme-openwrt-2020 luci-theme-openwrt luci-app-status

28
openmptcprouter/files/bin/blocklanfw
View file

@ -1,6 +1,6 @@
#!/bin/sh
ss_rules_fw_drop() {
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
@ -8,18 +8,18 @@ ss_rules_fw_drop() {
fw=$((fw+1))
fi
done
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/DROP/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
eval "iptables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
eval "iptables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
fw=$((fw+1))
fi
done
}
ss_rules6_fw_drop() {
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
@ -27,18 +27,18 @@ ss_rules6_fw_drop() {
fw=$((fw+1))
fi
done
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/DROP/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
eval "ip6tables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
eval "ip6tables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null"
fw=$((fw+1))
fi
done
}
v2r_rules_fw_drop() {
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
@ -46,33 +46,35 @@ v2r_rules_fw_drop() {
fw=$((fw+1))
fi
done
fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/DROP/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
eval "iptables -t nat -I zone_lan_prerouting 1 ${fwrule} 2>&1 >/dev/null"
eval "iptables -w -t nat -I zone_lan_prerouting 1 ${fwrule} 2>&1 >/dev/null"
fw=$((fw+1))
fi
done
}
v2ray_rules6_fw_drop() {
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
eval "ip6tables -w -t nat -I zone_lan_prerouting 1 ${fwrule} 2>&1 >/dev/null"
fi
done
fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
timeout 1 fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j DROP/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' |
while IFS=$"\n" read -r c; do
fwrule=$(echo "$c" | sed 's/DROP/REDIRECT --to-ports 65535/')
if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then
eval "ip6tables -t nat -I zone_lan_prerouting 1 ${fwrule} 2>&1 >/dev/null"
eval "ip6tables -w -t nat -I zone_lan_prerouting 1 ${fwrule} 2>&1 >/dev/null"
fi
done
}
[ -n "$(pgrep blocklanfw)" ] && exit 0
[ -z "$(iptables-save | grep zone_lan)" ] && exit 0
fw=0
if [ "$(uci -q get openmptcprouter.settings.proxy)" = "shadowsocks" ]; then
ss_rules6_fw_drop
@ -81,7 +83,7 @@ elif [ "$(uci -q get openmptcprouter.settings.proxy)" = "v2ray" ]; then
v2r_rules_fw_drop
v2ray_rules6_fw_drop
fi
rule=$(fw3 -4 print | grep 'A PREROUTING' | grep zone_lan_prerouting | sed 's/-A PREROUTING/-D PREROUTING/')
rule=$(timeout 1 fw3 -4 print | grep 'A PREROUTING' | grep zone_lan_prerouting | sed 's/-A PREROUTING/-D PREROUTING/')
eval "$rule 2>&1 >/dev/null"
newrule=$(echo "$rule" | sed 's/-D PREROUTING/-I PREROUTING 1/')
eval "$newrule 2>&1 >/dev/null"

12
openmptcprouter/files/bin/omr-test-speed
View file

@ -1,8 +1,8 @@
#!/bin/sh
# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
OVH=false
if [ "$1" = "ovh" ]; then
OVH=true
HETZNER=false
if [ "$1" = "hetzner" ]; then
HETZNER=true
INTERFACE="$2"
else
INTERFACE="$1"
@ -13,9 +13,9 @@ fi
exit 0
}
if [ "$OVH" = false ]; then
if [ "$HETZNER" = false ]; then
echo "Select best test server..."
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://proof.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
bestping="9999"
for pinghost in $HOSTLST; do
domain=$(echo $pinghost | awk -F/ '{print $3}')
@ -32,7 +32,7 @@ if [ "$OVH" = false ]; then
done
fi
[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat"
[ -z "$HOST" ] && HOST="https://speed.hetzner.de/10GB.bin"
echo "Best server is $HOST, running test:"
trap : HUP INT TERM

12
openmptcprouter/files/bin/omr-test-speedv6
View file

@ -1,8 +1,8 @@
#!/bin/sh
# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
OVH=false
if [ "$1" = "ovh" ]; then
OVH=true
HETZNER=false
if [ "$1" = "hetzner" ]; then
HETZNER=true
INTERFACE="$2"
else
INTERFACE="$1"
@ -14,9 +14,9 @@ fi
}
if [ "$OVH" = false ]; then
if [ "$HETZNER" = false ]; then
echo "Select best test server..."
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
bestping="9999"
for pinghost in $HOSTLST; do
domain=$(echo $pinghost | awk -F/ '{print $3}')
@ -33,7 +33,7 @@ if [ "$OVH" = false ]; then
done
fi
[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat"
[ -z "$HOST" ] && HOST="https://speed.hetzner.de/10GB.bin"
echo "Best server is $HOST, running test:"
trap : HUP INT TERM

14
openmptcprouter/files/etc/firewall.ttl Normal file
View file

@ -0,0 +1,14 @@
#!/bin/sh
. /lib/functions.sh
_set_ttl() {
device=$(uci -q get network.$1.name)
ttl=$(uci -q get network.$1.ttl)
if [ -n "$ttl" ] && [ -z "$(iptables-save | grep TTL | grep $device)" ]; then
iptables -w -t mangle -I POSTROUTING -o $device -j TTL --ttl-set $ttl 2>&1 >/dev/null
fi
}
config_load network
config_foreach _set_ttl device

7
openmptcprouter/files/etc/init.d/alwaysrw Executable file
View file

@ -0,0 +1,7 @@
#!/bin/sh /etc/rc.common
START=10
boot() {
[ "$(mount | grep '/dev/root' | grep 'ext4' | grep '(ro')" != "" ] && mount -o remount,rw /dev/root
}

90
openmptcprouter/files/etc/init.d/openmptcprouter-vps
View file

@ -221,6 +221,8 @@ _get_ss_redir() {
[ "$cf_fast_open" = "1" ] && fast_open="true"
config_get cf_no_delay $1 no_delay
[ "$cf_no_delay" = "1" ] && no_delay="true"
config_get cf_mptcp $1 mptcp
[ "$cf_mptcp" = "1" ] && mptcp="true"
}
_get_ss_server() {
@ -253,10 +255,12 @@ _set_ss_server_vps() {
current_obfs_type="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.obfs_type')"
current_fast_open="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.fast_open')"
current_no_delay="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.no_delay')"
current_mptcp="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.mptcp')"
ebpf="false"
fast_open="false"
no_delay="false"
mptcp="false"
obfs="false"
obfs_plugin="v2ray"
obfs_type="http"
@ -264,9 +268,9 @@ _set_ss_server_vps() {
config_foreach _get_ss_redir ss_redir
config_foreach _get_ss_server server
if [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then
if [ "$current_mptcp" != "$mptcp" ] || [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then
local settings
settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":true,"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}'
settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":'$mptcp',"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}'
_set_json "shadowsocks" "$settings"
fi
}
@ -520,7 +524,7 @@ _get_gre_tunnel() {
peeraddr="$(echo $tunnel | jsonfilter -q -e '@.remote_ip')"
ipaddr="$(echo $tunnel | jsonfilter -q -e '@.local_ip')"
publicaddr="$(echo $tunnel | jsonfilter -q -e '@.public_ip')"
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && [ "$vpnip_local" != "" ] && ([ "$(uci -q get network.oip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.oip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.oip${i}gre.ipaddr)" != "$vpnip_local" ]); then
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && [ "$vpnip_local" != "" ] && ([ "$(uci -q get network.oip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.oip${i}.gateway)" != "$ipaddr" ] || [ "$(uci -q get network.oip${i}gre.ipaddr)" != "$vpnip_local" ]); then
uci -q batch <<-EOF >/dev/null
set network.oip${i}gre=interface
set network.oip${i}gre.label="GRE tunnel for $publicaddr"
@ -555,10 +559,10 @@ _get_gre_tunnel() {
for intf in $allintf; do
uci -q add_list firewall.zone_vpn.network=$intf
done
uci -q batch <<-EOF >/dev/null
add_list firewall.zone_vpn.network="oip${i}gre"
add_list firewall.zone_vpn.network="oip${i}"
EOF
[ -z "$(uci -q get firewall.zone_vpn.network | grep oip${i}gre)" ] && {
uci -q add_list firewall.zone_vpn.network="oip${i}gre"
uci -q add_list firewall.zone_vpn.network="oip${i}"
}
ssport="$(echo $tunnel | jsonfilter -q -e '@.shadowsocks_port')"
uci -q batch <<-EOF >/dev/null
set shadowsocks-libev.oip${i}server=server
@ -736,7 +740,7 @@ _set_mptcp_vps() {
syn_retries="$(uci -q get network.globals.mptcp_syn_retries)"
congestion="$(uci -q get network.globals.congestion)"
[ -z "$congestion" ] && congestion="bbr"
if [ "$mptcp_enabled_current" != "$mptcp_enabled" ] || [ "$checksum_current" != "$checksum" ] || [ "$path_manager_current" != "$path_manager" ] || [ "$scheduler_current" != "$scheduler" ] || [ "$syn_retries_current" != "$syn_retries" ] || [ "$congestion_control_current" != "$congestion" ]; then
if [ "$mptcp_enabled_current" != "$mptcp_enabled" ] || [ "$checksum_current" != "$checksum" ] || ([ "$path_manager_current" != "" ] && [ "$path_manager_current" != "$path_manager" ]) || ([ "$scheduler_current" != "" ] && [ "$scheduler_current" != "$scheduler" ]) || ([ "$syn_retries_current" != "" ] && [ "$syn_retries_current" != "$syn_retries" ]) || [ "$congestion_control_current" != "$congestion" ]; then
settings='{"enabled" : "'$mptcp_enabled'", "checksum": "'$checksum'","path_manager": "'$path_manager'","scheduler": "'$scheduler'","syn_retries": "'$syn_retries'","congestion_control": "'$congestion'"}'
echo $(_set_json "mptcp" "$settings")
else
@ -884,6 +888,7 @@ _vps_firewall_redirect_port() {
config_get v2ray $1 v2ray "0"
config_get name $1 name
config_get dmz $1 dmz "0"
config_get target $1 target "REDIRECT"
if [ -z "$src_dport" ] && [ -n "$dest_port" ]; then
src_dport=$dest_port
fi
@ -918,42 +923,74 @@ _vps_firewall_redirect_port() {
iptables-save --counters | sed "s:-d $src_dip/32::g" | iptables-restore -w
}
[ -n "$src_ip" ] && comment=" from $src_ip"
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
if [ "$target" = "ACCEPT" ]; then
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username open router $src_dport port $protoi${comment}")
else
checkfw=$(echo "$vpsfwlist" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
fi
fi
else
if [ "$src_dip" = "" ] && [ "$src_ip" = "" ]; then
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
if [ "$target" = "ACCEPT" ]; then
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username open router $src_dport port $protoi")
else
checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $protoi")
fi
else
comment=""
[ -n "$src_dip" ] && comment=" to $src_dip"
[ -n "$src_ip" ] && comment=" from $src_ip"
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
if [ "$target" = "ACCEPT" ]; then
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username open router $src_dport port $protoi${comment}")
else
checkfw=$(echo "$vpsfw6list" | grep "# OMR $username redirect router $src_dport port $protoi${comment}")
fi
fi
fi
if [ "$checkfw" = "" ]; then
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$protoi'","fwtype" : "DNAT","ipproto" : "'$family'"}'
settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","source_dip" : "'$src_dip'","source_ip" : "'$src_ip'","proto" : "'$protoi'","fwtype" : "'$target'","ipproto" : "'$family'"}'
_set_json "shorewallopen" "$settings"
fi
if [ "$family" = "ipv4" ]; then
if [ "$src_dip" = "" ] && [ "$src_ip" = "" ]; then
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
if [ "$target" = "ACCEPT" ]; then
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username open router $src_dport port $protoi")
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR open router $src_dport port $protoi")
else
vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
fi
else
comment=""
[ -n "$src_dip" ] && comment=" to $src_dip"
[ -n "$src_ip" ] && comment=" from $src_ip"
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
if [ "$target" = "ACCEPT" ]; then
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username open router $src_dport port $protoi${comment}")
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR open router $src_dport port $protoi${comment}")
else
vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
[ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
fi
fi
else
if [ "$src_dip" = "" ] && [ "$src_ip" = "" ]; then
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
if [ "$target" = "ACCEPT" ]; then
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username open router $src_dport port $protoi")
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR open router $src_dport port $protoi")
else
vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $protoi")
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $protoi")
fi
else
[ -n "$src_dip" ] && comment=" to $src_dip"
[ -n "$src_ip" ] && comment=" from $src_ip"
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
if [ "$target" = "ACCEPT" ]; then
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username open router $src_dport port $protoi${comment}")
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR open router $src_dport port $protoi${comment}")
else
vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR $username redirect router $src_dport port $protoi${comment}")
[ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "# OMR redirect router $src_dport port $protoi${comment}")
fi
fi
fi
else
@ -1084,7 +1121,7 @@ _set_vps_firewall() {
#'
fwservername=$1
[ -z "$servername" ] && servername=$fwservername
[ -n "$fwservername" ] && servername=$fwservername
[ -z "$fwservername" ] && fwservername=$servername
[ "$(uci -q get openmptcprouter.${fwservername}.nofwredirect)" = "1" ] && return
[ -z "$(uci -q get openmptcprouter.${fwservername}.username)" ] && return
@ -1509,13 +1546,18 @@ _set_config_from_vps() {
congestion="$(echo "$vps_config" | jsonfilter -q -e '@.network.congestion_control')"
uci -q batch <<-EOF >/dev/null
set network.globals.multipath=$mptcp_enabled
set network.globals.mptcp_path_manager=$mptcp_path_manager
set network.globals.mptcp_scheduler=$mptcp_scheduler
set network.globals.mptcp_checksum=$mptcp_checksum
set network.globals.mptcp_syn_retries=$mptcp_syn_retries
set network.globals.congestion=$congestion
commit network
EOF
if [ "$mptcp_path_manager" != "" ] && [ "$mptcp_scheduler" != "" ] && [ "$mptcp_syn_retries" != "" ]; then
uci -q batch <<-EOF >/dev/null
set network.globals.mptcp_path_manager=$mptcp_path_manager
set network.globals.mptcp_scheduler=$mptcp_scheduler
set network.globals.mptcp_syn_retries=$mptcp_syn_retries
commit network
EOF
fi
# Check if server get an IPv6, if not disable IPv6 on OMR
vps_ipv6_addr="$(echo "$vps_config" | jsonfilter -q -e '@.network.ipv6')"

312
openmptcprouter/files/etc/uci-defaults/1920-omr-network Executable file
View file

@ -0,0 +1,312 @@
#!/bin/sh
. /lib/functions.sh
_setup_macaddr() {
uci -q get "network.$1.macaddr" >/dev/null && return
uci -q set "network.$1.macaddr=$2"
}
_setup_macvlan() {
uci -q get "network.$1_dev.ifname" >/dev/null && return
# do not create macvlan for vlan
local _ifname
_ifname=$(uci -q get "network.$1.device")
case "$_ifname" in
eth*.*) return ;;
esac
uci -q batch <<-EOF
set network.$1_dev=device
set network.$1_dev.name=$1
set network.$1_dev.type=macvlan
set network.$1_dev.ifname=$_ifname
set network.$1_dev.mode='vepa'
set network.$1.device=$1
set network.$1.type=macvlan
set network.$1.masterintf=$_ifname
EOF
_macaddr=$(uci -q get "network.$1.macaddr")
_setup_macaddr "$1_dev" "${_macaddr:-auto$(date +%s)}"
}
#_setup_macvlan_update() {
# uci -q get "network.$1_dev.device" >/dev/null || return
#
# uci -q batch <<-EOF
# set macvlan.$1=macvlan
# set macvlan.$1.device=$_ifname
# commit macvlan
# EOF
#}
_setup_mptcp_handover_to_on() {
if [ "$(uci -q get network.$1.multipath)" = "handover" ]; then
uci -q set network.$1.multipath=on
fi
if [ "$(uci -q get openmptcprouter.$1.multipath)" = "handover" ]; then
uci -q set openmptcprouter.$1.multipath=on
fi
}
_setup_multipath_off() {
uci -q get "network.$1.multipath" >/dev/null && return
uci -q set "network.$1.multipath=off"
}
_setup_wan_interface() {
uci -q batch <<-EOF
set network.$1=interface
set network.$1.device=$2
set network.$1.proto=static
set network.$1.ip4table=wan
set network.$1.multipath=$3
set network.$1.defaultroute=0
set network.${1}_dev=device
set network.${1}_dev.name=$2
commit network
add_list firewall.@zone[1].network=$1
commit firewall
EOF
[ -n "$4" ] && uci -q set network.$1.type=$4
}
config_load network
#config_foreach _setup_macvlan_update interface
config_foreach _setup_mptcp_handover_to_on interface
if [ "$(uci -q show network.lan | grep multipath)" != "" ]; then
exit 0
fi
lanif="eth0"
if [ "$(grep rockchip /etc/os-release)" != "" ]; then
lanif="eth1"
elif [ -d /sys/class/net/lan0 -o -n "$(ip link | grep ' lan0')" ] && [ -d /sys/class/net/wan -o -n "$(ip link | grep ' wan@')" -o -n "$(ip link | grep ' wan:')" ]; then
lanif="wan"
elif [ -d /sys/class/net/lan1 -o -n "$(ip link | grep ' lan1')" ] && [ -d /sys/class/net/wan -o -n "$(ip link | grep ' wan@')" -o -n "$(ip link | grep ' wan:')" ]; then
lanif="wan"
elif [ -d /sys/class/net/lan ] || [ -n "$(ip link | grep ' lan')" ]; then
lanif="lan"
elif [ "$(swconfig list 2>&1 | grep switch0)" != "" ] && [ -d '/sys/class/net/eth1.5' ]; then
lanif="eth1.5"
uci -q batch <<-EOF
set network.@switch_vlan[0]=switch_vlan
set network.@switch_vlan[0].device='switch0'
set network.@switch_vlan[0].vlan=1
set network.@switch_vlan[0].vid=1
set network.@switch_vlan[0].ports='3 5t'
add network switch_vlan
set network.@switch_vlan[1].device='switch0'
set network.@switch_vlan[1].vlan=2
set network.@switch_vlan[1].vid=2
set network.@switch_vlan[1].ports='2 5t'
add network switch_vlan
set network.@switch_vlan[2].device='switch0'
set network.@switch_vlan[2].vlan=3
set network.@switch_vlan[2].vid=3
set network.@switch_vlan[2].ports='1 5t'
add network switch_vlan
set network.@switch_vlan[3].device='switch0'
set network.@switch_vlan[3].vlan=4
set network.@switch_vlan[3].vid=4
set network.@switch_vlan[3].ports='0 5t'
add network switch_vlan
set network.@switch_vlan[4].device='switch0'
set network.@switch_vlan[4].vlan=5
set network.@switch_vlan[4].vid=5
set network.@switch_vlan[4].ports='4 6t'
EOF
elif [ "$(swconfig list 2>&1 | grep switch0)" != "" ] && [ -d /sys/class/net/eth1 ] && [ "$(grep ipq806x /etc/os-release)" != "" ]; then
lanif="eth0.2"
elif [ "$(swconfig list 2>&1 | grep switch0)" != "" ] && [ -d /sys/class/net/eth1 ]; then
lanif="eth1"
elif [ ! -d /sys/class/net/eth1 ] && [ -d /sys/class/net/eth0 ]; then
lanif="eth0"
fi
uci -q batch <<-EOF
delete network.lan.type
set network.lan=interface
set network.lan.proto=static
set network.lan.ipaddr=192.168.100.1
set network.lan.netmask=255.255.255.0
set network.lan.device=${lanif}
set network.lan.metric=2048
set network.lan.ipv6=0
set network.lan.delegate=0
EOF
uci -q batch <<-EOF
delete network.none
delete network.wan
delete network.if6rd
reorder network.loopback=0
reorder network.globals=1
reorder network.lan=2
set network.globals.multipath=enable
EOF
# Set the ip rule for the lan with a pref of 100
uci -q show network.lan_rule >/dev/null || \
uci -q batch <<-EOF
set network.lan_rule=rule
set network.lan_rule.lookup=lan
set network.lan_rule.priority=100
EOF
if [ "$(uci -q get network.vpn0.proto)" = "none" ]; then
uci -q delete network.vpn0
fi
config_load network
config_foreach _setup_multipath_off interface
# Add the lan as a named routing table
if ! grep -s -q "lan" /etc/iproute2/rt_tables; then
echo "50 lan" >> /etc/iproute2/rt_tables
fi
uci -q set network.lan.ip4table='lan'
#uci -q set "network.lan.ip6assign=64"
# Create WAN interfaces
if [ "$(uci -q show network.wan1 | grep multipath)" = "" ] && [ -z "$(uci -q get network.wan1.multipath)" ]; then
if [ "$(grep ipq806x /etc/os-release)" != "" ]; then
_setup_wan_interface wan1 eth1.1 master
_setup_wan_interface wan2 eth1.2 on
_setup_wan_interface wan3 eth1.3 on
_setup_wan_interface wan4 eth1.4 on
elif [ "$(grep rockchip /etc/os-release)" != "" ]; then
_setup_wan_interface wan1 eth0 master macvlan
_setup_wan_interface wan2 eth0 on macvlan
_setup_macvlan wan1
_setup_macvlan wan2
elif [ "$(swconfig list 2>&1 | grep switch0)" != "" ]; then
_setup_wan_interface wan1 eth0.1 master
_setup_wan_interface wan2 eth0.2 on
_setup_wan_interface wan3 eth0.3 on
_setup_wan_interface wan4 eth0.4 on
elif [ -d /sys/class/net/wan ] || [ -n "$(ip link | grep ' wan:')" ] || [ -n "$(ip link | grep ' wan@')" ]; then
if [ -d /sys/class/net/lan0 -o -n "$(ip link | grep ' lan0')" ] && [ -d /sys/class/net/lan1 -o -n "$(ip link | grep ' lan1')" ]; then
_setup_wan_interface wan1 lan0 master
_setup_wan_interface wan2 lan1 on
_macaddr=$(uci -q get "network.lan0.macaddr")
_setup_macaddr "wan1" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
_macaddr=$(uci -q get "network.lan1.macaddr")
_setup_macaddr "wan2" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
if [ -d /sys/class/net/lan2 ] || [ -n "$(ip link | grep ' lan2')" ]; then
_setup_wan_interface wan3 lan2 on
_macaddr=$(uci -q get "network.lan2.macaddr")
_setup_macaddr "wan3" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
if [ -d /sys/class/net/lan3 ] || [ -n "$(ip link | grep ' lan3')" ]; then
_setup_wan_interface wan4 lan3 on
_macaddr=$(uci -q get "network.lan3.macaddr")
_setup_macaddr "wan4" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
fi
fi
elif [ -d /sys/class/net/lan1 -o -n "$(ip link | grep ' lan1')" ] && [ -d /sys/class/net/lan2 -o -n "$(ip link | grep ' lan2')" ]; then
_setup_wan_interface wan1 lan1 master
_setup_wan_interface wan2 lan2 on
_macaddr=$(uci -q get "network.lan1.macaddr")
_setup_macaddr "wan1" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
_macaddr=$(uci -q get "network.lan2.macaddr")
_setup_macaddr "wan2" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
if [ -d /sys/class/net/lan3 ] || [ -n "$(ip link | grep ' lan3')" ]; then
_setup_wan_interface wan3 lan3 on
_macaddr=$(uci -q get "network.lan3.macaddr")
_setup_macaddr "wan3" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
if [ -d /sys/class/net/lan4 ] || [ -n "$(ip link | grep ' lan4')" ]; then
_setup_wan_interface wan4 lan4 on
_macaddr=$(uci -q get "network.lan4.macaddr")
_setup_macaddr "wan4" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
fi
fi
else
_setup_wan_interface wan1 wan master macvlan
_setup_wan_interface wan2 wan on macvlan
_setup_macvlan wan1
_setup_macvlan wan2
fi
elif [ -d /sys/class/net/wan1 ] || [ -n "$(ip link | grep ' wan1')" ]; then
if [ -d /sys/class/net/wan2 ] || [ -n "$(ip link | grep ' wan2')" ]; then
_setup_wan_interface wan1 wan1 master
_setup_wan_interface wan2 wan2 on
_macaddr=$(uci -q get "network.wan1.macaddr")
_setup_macaddr "wan1" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
_macaddr=$(uci -q get "network.wan2.macaddr")
_setup_macaddr "wan2" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
if [ -d /sys/class/net/wan3 ] || [ -n "$(ip link | grep ' wan3')" ]; then
_setup_wan_interface wan3 wan3 on
_macaddr=$(uci -q get "network.wan3.macaddr")
_setup_macaddr "wan3" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
if [ -d /sys/class/net/wan4 ] || [ -n "$(ip link | grep ' wan4')" ]; then
_setup_wan_interface wan4 wan4 on
_macaddr=$(uci -q get "network.wan4.macaddr")
_setup_macaddr "wan4" "${_macaddr:-$(dd if=/dev/urandom bs=1024 count=1 2>/dev/null | md5sum | sed -e 's/^\(..\)\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5:\6/' -e 's/^\(.\)[13579bdf]/\10/')}"
fi
fi
else
_setup_wan_interface wan1 wan1 master macvlan
_setup_wan_interface wan2 wan1 on macvlan
_setup_macvlan wan1
_setup_macvlan wan2
fi
elif [ -d /sys/class/net/eth1 ] || [ -n "$(ip link | grep ' eth1:')" ]; then
if [ -d /sys/class/net/eth2 ] || [ -n "$(ip link | grep ' eth2:')" ]; then
_setup_wan_interface wan1 eth1 master
_setup_wan_interface wan2 eth2 on
if [ -d /sys/class/net/eth3 ] || [ -n "$(ip link | grep ' eth3:')" ]; then
_setup_wan_interface wan3 eth3 on
fi
if [ -d /sys/class/net/eth4 ] || [ -n "$(ip link | grep ' eth4:')" ]; then
_setup_wan_interface wan4 eth4 on
fi
if [ -d /sys/class/net/eth5 ] || [ -n "$(ip link | grep ' eth5:')" ]; then
_setup_wan_interface wan5 eth5 on
fi
if [ -d /sys/class/net/eth6 ] || [ -n "$(ip link | grep ' eth6:')" ]; then
_setup_wan_interface wan6 eth6 on
fi
if [ -d /sys/class/net/eth7 ] || [ -n "$(ip link | grep ' eth7:')" ]; then
_setup_wan_interface wan7 eth7 on
fi
if [ -d /sys/class/net/eth8 ] || [ -n "$(ip link | grep ' eth8:')" ]; then
_setup_wan_interface wan8 eth8 on
fi
else
_setup_wan_interface wan1 eth1 master macvlan
_setup_wan_interface wan2 eth1 on macvlan
_setup_macvlan wan1
_setup_macvlan wan2
fi
elif [ -d /sys/class/net/eth0.1 ] && [ -d /sys/class/net/eth0.2 ]; then
_setup_wan_interface wan1 eth0.1 master
_setup_wan_interface wan2 eth0.2 on
else
_setup_wan_interface wan1 eth0 master macvlan
_setup_wan_interface wan2 eth0 on macvlan
_setup_macvlan wan1
_setup_macvlan wan2
fi
#uci -q batch <<-EOF
#add network route6
#set network.@route6[-1].interface='lan'
#set network.@route6[-1].target='::/0'
#EOF
fi
# Replace omrip to oip in config for old config
sed -i 's/omrip/oip/g' /etc/config/*
# Fix config from ifname to device for loopback
uci -q delete network.loopback.ifname
uci -q set network.loopback.device='lo'
uci -q commit macvlan
uci -q commit network
rm -f /tmp/luci-indexcache
exit 0

1
openmptcprouter/files/etc/uci-defaults/1940-omr-dns
View file

@ -16,7 +16,6 @@ if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then
add_list dhcp.@dnsmasq[-1].server="127.0.0.1#5353"
add_list dhcp.@dnsmasq[-1].server="8.8.8.8"
add_list dhcp.@dnsmasq[-1].server="/lan/"
set dhcp.@dnsmasq[-1].dnssec='1'
commit dhcp
EOF
fi

8
openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
View file

@ -150,6 +150,14 @@ if [ "$(uci -q get firewall.gre_tunnel)" = "" ]; then
commit firewall
EOF
fi
if [ "$(uci -q get firewall.ttl)" = "" ]; then
uci -q batch <<-EOF >/dev/null
set firewall.ttl=include
set firewall.ttl.path=/etc/firewall.ttl
set firewall.ttl.reload=1
commit firewall
EOF
fi
if [ "$(uci -q get firewall.fwlantovpn)" = "" ]; then
uci -q batch <<-EOF >/dev/null
set firewall.zone_lan.auto_helper='0'

5
openmptcprouter/files/etc/uci-defaults/1990-omr-tracker
View file

@ -10,6 +10,11 @@ if [ "$(uci -q get omr-tracker.omrvpn)" = "" ]; then
set omr-tracker.omrvpn.interval=5
set omr-tracker.omrvpn.mail_alert=0
set omr-tracker.omrvpn.enabled=1
set omr-tracker.omrvpn.wait-test=0
set omr-tracker.omrvpn.server_http_test=1
set omr-tracker.omrvpn.restart_down=0
add_list omr-tracker.omrvpn.hosts='4.2.2.1'
add_list omr-tracker.omrvpn.hosts='8.8.8.8'
commit omr-tracker
EOF
fi

17
openmptcprouter/files/etc/uci-defaults/2030-omr-fstab Executable file
View file

@ -0,0 +1,17 @@
#!/bin/sh
. /lib/functions.sh
_set_fsck() {
uci -q batch <<-EOF >/dev/null
set "fstab.$1.enabled=1"
set "fstab.$1.enable_fsck=1"
EOF
}
/sbin/block detect > /etc/config/fstab
uci -q set fstab.@global[0].check_fs='1'
config_load fstab
config_foreach _set_fsck mount
uci -q commit fstab
exit 0

4
openmptcprouter/files/etc/uci-defaults/2060-omr-system
View file

@ -8,8 +8,6 @@ uci -q batch <<-EOF >/dev/null
commit rpcd
set luci.apply.timeout='20'
commit luci
set fstab.@global[0].check_fs='1'
commit fstab
EOF
if [ "$(uci -q get rpcd.@rpcd[0].socket)" != "/var/run/ubus/ubus.sock" ]; then
@ -19,8 +17,6 @@ if [ "$(uci -q get rpcd.@rpcd[0].socket)" != "/var/run/ubus/ubus.sock" ]; then
EOF
fi
/sbin/block detect > /etc/config/fstab
[ -n "$(ubus call system board | jsonfilter -e '@.board_name' | grep raspberry)" ] && [ "$(uci -q get openmptcprouter.settings.scaling_governor)" != "performance" ] && {
# force CPU speed for RPI
uci -q set openmptcprouter.settings.scaling_min_freq=$(cat /sys/devices/system/cpu/cpufreq/policy0/scaling_max_freq | tr -d "\n")

22
openmptcprouter/files/etc/uci-defaults/2091-omr-wifi
View file

@ -1,18 +1,22 @@
#!/bin/sh
if [ "$(uci -q get wireless.radio0)" != "" ]; then
if [ "$(uci -q get wireless.radio0.country)" = "" ]; then
if [ "$(uci -q get wifi-iface.radio0)" != "" ] && [ "$(uci -q get wifi-iface.default_radio0.key)" = "12345678" ]; then
if [ "$(uci -q get wifi-device.radio0.country)" = "" ]; then
uci -q batch <<-EOF >/dev/null
set wireless.radio0.country='00'
set wireless.default_radio0.skip_inactivity_poll='1'
commit wireless
set wifi-device.radio0.country='FR'
commit wifi-device
EOF
fi
if [ "$(uci -q get wireless.default_radio0.network)" = "lan" ]; then
if [ -n "$(uci -q get wifi-iface.radio0.network | grep lan)" ]; then
uci -q batch <<-EOF >/dev/null
set wireless.default_radio0.network='wifi'
commit wireless
set wifi-iface.default_radio0.network='wifi'
commit wifi-iface
EOF
fi
if [ -n "$(uci -q get wifi-device.radio0.cell_density)" ]; then
uci -q batch <<-EOF >/dev/null
delete wifi-device.radio0.cell_density
commit wifi-device
EOF
fi
fi

11
shadowsocks-libev/Makefile
View file

@ -14,12 +14,11 @@ include $(TOPDIR)/rules.mk
# - check if default mode has changed from being tcp_only
#
PKG_NAME:=shadowsocks-libev
PKG_VERSION:=3.3.5
PKG_RELEASE:=10
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION)
PKG_HASH:=cfc8eded35360f4b67e18dc447b0c00cddb29cc57a3cec48b135e5fb87433488
PKG_RELEASE:=11
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/Ysurac/shadowsocks-libev.git
PKG_SOURCE_VERSION:=410950d87d8cdf8502d8f59a79dc0ff4c7677543
PKG_VERSION:=3.3.5-$(PKG_SOURCE_VERSION)
PKG_MAINTAINER:=Ycarus (Yannick Chabanois) <ycarus@zugaina.org>

2
shadowsocks-libev/files/shadowsocks.conf
View file

@ -52,5 +52,5 @@ net.ipv4.tcp_mtu_probing = 0
# Default conntrack is too small
net.netfilter.nf_conntrack_max = 131072
net.ipv4.tcp_ecn = 1
net.ipv4.tcp_ecn = 2
#net.ipv4.tcp_sack = 0

632
shadowsocks-libev/patches/020-NOCRYPTO.patch
View file

@ -1,632 +0,0 @@
From e9fc31e06453cacf662448663f0c79ae4878fed5 Mon Sep 17 00:00:00 2001
From: Fejes Ferenc <spyff@mailbox.hu>
Date: Mon, 31 Jul 2017 12:08:11 +0200
Subject: [PATCH 01/17] No encryption initial implementation
Set cipher az "none" to disable encryption.
---
completions/bash/ss-local | 2 +-
completions/bash/ss-manager | 2 +-
completions/bash/ss-redir | 2 +-
completions/bash/ss-server | 4 ++--
completions/bash/ss-tunnel | 2 +-
completions/zsh/_ss-local | 2 +-
completions/zsh/_ss-manager | 2 +-
completions/zsh/_ss-redir | 2 +-
completions/zsh/_ss-server | 2 +-
completions/zsh/_ss-tunnel | 2 +-
doc/shadowsocks-libev.asciidoc | 4 +++-
doc/ss-local.asciidoc | 4 +++-
doc/ss-manager.asciidoc | 4 +++-
doc/ss-redir.asciidoc | 4 +++-
doc/ss-server.asciidoc | 4 +++-
doc/ss-tunnel.asciidoc | 4 +++-
src/Makefile.am | 3 ++-
src/crypto.c | 15 +++++++++++++++
src/noencrypt.c | 25 +++++++++++++++++++++++++
src/noencrypt.h | 11 +++++++++++
src/server.c | 2 +-
src/stream.c | 17 ++++++++---------
src/utils.c | 2 +-
27 files changed, 100 insertions(+), 37 deletions(-)
create mode 100644 src/noencrypt.c
create mode 100644 src/noencrypt.h
diff --git a/completions/bash/ss-local b/completions/bash/ss-local
index 0186ccc4..57fa318b 100644
--- a/completions/bash/ss-local
+++ b/completions/bash/ss-local
@@ -2,7 +2,7 @@ _ss_local()
{
local cur prev opts ciphers
opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -v -h --reuse-port --fast-open --acl --mtu --mptcp --no-delay --key --plugin --plugin-opts --help'
- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
cur=${COMP_WORDS[COMP_CWORD]}
prev="${COMP_WORDS[COMP_CWORD-1]}"
case "$prev" in
diff --git a/completions/bash/ss-manager b/completions/bash/ss-manager
index d3168a3b..de13c9e9 100644
--- a/completions/bash/ss-manager
+++ b/completions/bash/ss-manager
@@ -2,7 +2,7 @@ _ss_manager()
{
local cur prev opts ciphers
opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -v -h --reuse-port --manager-address --executable --mtu --mptcp --plugin --plugin-opts --help'
- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
cur=${COMP_WORDS[COMP_CWORD]}
prev="${COMP_WORDS[COMP_CWORD-1]}"
case "$prev" in
diff --git a/completions/bash/ss-redir b/completions/bash/ss-redir
index 9a14efe8..fdc7b21e 100644
--- a/completions/bash/ss-redir
+++ b/completions/bash/ss-redir
@@ -2,7 +2,7 @@ _ss_redir()
{
local cur prev opts ciphers
opts='-s -p -l -k -m -a -f -t -c -n -b -u -U -T -v -h --reuse-port --mtu --mptcp --key --plugin --plugin-opts --help'
- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
cur=${COMP_WORDS[COMP_CWORD]}
prev="${COMP_WORDS[COMP_CWORD-1]}"
case "$prev" in
diff --git a/completions/bash/ss-server b/completions/bash/ss-server
index cec983ce..d8f3c298 100644
--- a/completions/bash/ss-server
+++ b/completions/bash/ss-server
@@ -1,8 +1,8 @@
_ss_server()
{
local cur prev opts ciphers
- opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -6 -d -v -h --reuse-port --fast-open --acl --manager-address --mtu --mptcp --no-delay --key --plugin --plugin-opts --help'
- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
+ opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -6 -d -v -h --reuse-port --fast-open --acl --manager-address --mtu --mptcp --key --plugin --plugin-opts --help'
+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
COMPREPLY=()
cur=${COMP_WORDS[COMP_CWORD]}
prev="${COMP_WORDS[COMP_CWORD-1]}"
diff --git a/completions/bash/ss-tunnel b/completions/bash/ss-tunnel
index 707dc7a9..2e119098 100644
--- a/completions/bash/ss-tunnel
+++ b/completions/bash/ss-tunnel
@@ -2,7 +2,7 @@ _ss_tunnel()
{
local cur prev opts ciphers
opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -L -v -h --reuse-port --mtu --mptcp --key --plugin --plugin-opts --help'
- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf'
cur=${COMP_WORDS[COMP_CWORD]}
prev="${COMP_WORDS[COMP_CWORD-1]}"
compopt +o nospace
diff --git a/completions/zsh/_ss-local b/completions/zsh/_ss-local
index c56ed521..8b12b767 100644
--- a/completions/zsh/_ss-local
+++ b/completions/zsh/_ss-local
@@ -1,7 +1,7 @@
#compdef ss-local
local ciphers
-ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
_arguments "-h::" \
"-s:server host:_hosts" \
diff --git a/completions/zsh/_ss-manager b/completions/zsh/_ss-manager
index 3e65f6c8..66c101a1 100644
--- a/completions/zsh/_ss-manager
+++ b/completions/zsh/_ss-manager
@@ -1,7 +1,7 @@
#compdef ss-manager
local ciphers
-ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
_arguments "-h::" \
"-s:server host:_hosts" \
diff --git a/completions/zsh/_ss-redir b/completions/zsh/_ss-redir
index 4f3b065e..6ef867f3 100644
--- a/completions/zsh/_ss-redir
+++ b/completions/zsh/_ss-redir
@@ -1,7 +1,7 @@
#compdef ss-redir
local ciphers
-ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
_arguments "-h::" \
"-s:server host:_hosts" \
diff --git a/completions/zsh/_ss-server b/completions/zsh/_ss-server
index 8d9f4316..76bae33c 100644
--- a/completions/zsh/_ss-server
+++ b/completions/zsh/_ss-server
@@ -1,7 +1,7 @@
#compdef ss-server
local ciphers
-ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
_arguments "-h::" \
"-s:server host:_hosts" \
diff --git a/completions/zsh/_ss-tunnel b/completions/zsh/_ss-tunnel
index 5a269900..248451f9 100644
--- a/completions/zsh/_ss-tunnel
+++ b/completions/zsh/_ss-tunnel
@@ -1,7 +1,7 @@
#compdef ss-tunnel
local ciphers
-ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)'
_arguments "-h::" \
"-s:server host:_hosts" \
diff --git a/doc/shadowsocks-libev.asciidoc b/doc/shadowsocks-libev.asciidoc
index 5a62f669..f0844a3f 100644
--- a/doc/shadowsocks-libev.asciidoc
+++ b/doc/shadowsocks-libev.asciidoc
@@ -54,7 +54,9 @@ Set the key directly. The key should be encoded with URL-safe Base64.
Not available in manager mode.
-m <encrypt_method>::
-Set the cipher.
+Set the cipher or turn off the encryption.
++
+To disable encryption use `none` as cipher.
+
*Shadowsocks-libev* accepts 18 different ciphers:
+
diff --git a/doc/ss-local.asciidoc b/doc/ss-local.asciidoc
index 931fcd54..82439e0f 100644
--- a/doc/ss-local.asciidoc
+++ b/doc/ss-local.asciidoc
@@ -49,7 +49,9 @@ Set the password. The server and the client should use the same password.
Set the key directly. The key should be encoded with URL-safe Base64.
-m <encrypt_method>::
-Set the cipher.
+Set the cipher or turn off the encryption.
++
+To disable encryption use `none` as cipher.
+
*Shadowsocks-libev* accepts 18 different ciphers:
+
diff --git a/doc/ss-manager.asciidoc b/doc/ss-manager.asciidoc
index f344cffa..bc00cac0 100644
--- a/doc/ss-manager.asciidoc
+++ b/doc/ss-manager.asciidoc
@@ -41,7 +41,9 @@ Set the server's hostname or IP.
Set the password. The server and the client should use the same password.
-m <encrypt_method>::
-Set the cipher.
+Set the cipher or turn off the encryption.
++
+To disable encryption use `none` as cipher.
+
*Shadowsocks-libev* accepts 18 different ciphers:
+
diff --git a/doc/ss-redir.asciidoc b/doc/ss-redir.asciidoc
index f9195b31..6a0207f0 100644
--- a/doc/ss-redir.asciidoc
+++ b/doc/ss-redir.asciidoc
@@ -48,7 +48,9 @@ Set the password. The server and the client should use the same password.
Set the key directly. The key should be encoded with URL-safe Base64.
-m <encrypt_method>::
-Set the cipher.
+Set the cipher or turn off the encryption.
++
+To disable encryption use `none` as cipher.
+
*Shadowsocks-libev* accepts 18 different ciphers:
+
diff --git a/doc/ss-server.asciidoc b/doc/ss-server.asciidoc
index 866f0605..0fbacb0c 100644
--- a/doc/ss-server.asciidoc
+++ b/doc/ss-server.asciidoc
@@ -46,7 +46,9 @@ Set the password. The server and the client should use the same password.
Set the key directly. The key should be encoded with URL-safe Base64.
-m <encrypt_method>::
-Set the cipher.
+Set the cipher or turn off the encryption.
++
+To disable encryption use `none` as cipher.
+
*Shadowsocks-libev* accepts 18 different ciphers:
+
diff --git a/doc/ss-tunnel.asciidoc b/doc/ss-tunnel.asciidoc
index b4b3e6ec..96ab1d5e 100644
--- a/doc/ss-tunnel.asciidoc
+++ b/doc/ss-tunnel.asciidoc
@@ -48,7 +48,9 @@ Set the password. The server and the client should use the same password.
Set the key directly. The key should be encoded with URL-safe Base64.
-m <encrypt_method>::
-Set the cipher.
+Set the cipher or turn off the encryption.
++
+To disable encryption use `none` as cipher.
+
*Shadowsocks-libev* accepts 18 different ciphers:
+
diff --git a/src/Makefile.am b/src/Makefile.am
index dcc5fd9b..2e689b7a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -31,7 +31,8 @@ crypto_src = crypto.c \
aead.c \
stream.c \
ppbloom.c \
- base64.c
+ base64.c \
+ noencrypt.c
plugin_src = plugin.c
diff --git a/src/crypto.c b/src/crypto.c
index df608cea..8c9044f6 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -41,6 +41,7 @@
#include "aead.h"
#include "utils.h"
#include "ppbloom.h"
+#include "noencrypt.h"
int
balloc(buffer_t *ptr, size_t capacity)
@@ -144,6 +145,20 @@ crypto_init(const char *password, const char *key, const char *method)
#endif
if (method != NULL) {
+ if (strncmp(method, "none", 4) == 0) {
+ crypto_t *crypto = (crypto_t *) malloc(sizeof(crypto_t));
+ crypto_t temp = {
+ .chiper = NULL,
+ .encrypt_all = &none_stream_all,
+ .decrypt_all = &none_stream_all,
+ .encrypt = &none_stream,
+ .decrypt = &none_stream,
+ .ctx_init = &none_stream_ctx_init,
+ .ctx_release = &none_stream_ctx_release,
+ };
+ memcpy(crypto, &temp, sizeof(crypto_t));
+ return crypto;
+ }
for (i = 0; i < STREAM_CIPHER_NUM; i++)
if (strcmp(method, supported_stream_ciphers[i]) == 0) {
m = i;
diff --git a/src/noencrypt.c b/src/noencrypt.c
new file mode 100644
index 00000000..1804aaa5
--- /dev/null
+++ b/src/noencrypt.c
@@ -0,0 +1,25 @@
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "noencrypt.h"
+
+int
+none_stream (buffer_t *chipertext, chiper_ctx_t *chiper_ctx, size_t capacity) {
+ return CRYPTO_OK;
+}
+
+int
+none_stream_all (buffer_t *plaintext, chiper_t *chiper, size_t capacity) {
+ return CRYPTO_OK;
+}
+
+void
+none_stream_ctx_init (chiper_t *chiper, chiper_ctx_t *chiper_ctx, int enc) {
+ ;
+}
+
+void
+plain_stream_ctx_release (chiper_ctx_t *chiper_ctx) {
+ ;
+}
\ No newline at end of file
diff --git a/src/noencrypt.h b/src/noencrypt.h
new file mode 100644
index 00000000..38057da7
--- /dev/null
+++ b/src/noencrypt.h
@@ -0,0 +1,11 @@
+#ifndef _NOENCRYPT_H
+#define _NOENCRYPT_H
+
+#include "noencrypt.h"
+
+int none_stream_all(buffer_t *, cipher_t *, size_t);
+int none_stream(buffer_t *, cipher_ctx_t *, size_t);
+int none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int);
+int none_stream_ctx_release(cipher_ctx_t *);
+
+#endif _NOENCRYPT_H
\ No newline at end of file
diff --git a/src/server.c b/src/server.c
index 3132c4d4..5fa87c28 100644
--- a/src/server.c
+++ b/src/server.c
@@ -1710,7 +1710,7 @@ main(int argc, char **argv)
}
if (server_num == 0 || server_port == NULL
- || (password == NULL && key == NULL)) {
+ || (strncmp(method, "none", 4) && password == NULL && key == NULL)) {
usage();
exit(EXIT_FAILURE);
}
diff --git a/src/stream.c b/src/stream.c
index 5196c9ef..12c8be33 100644
--- a/src/stream.c
+++ b/src/stream.c
@@ -72,8 +72,7 @@
*
*/
-#define NONE -1
-#define TABLE 0
+#define NONE 0
#define RC4 1
#define RC4_MD5 2
#define AES_128_CFB 3
@@ -96,7 +95,7 @@
#define CHACHA20IETF 20
const char *supported_stream_ciphers[STREAM_CIPHER_NUM] = {
- "table",
+ "none",
"rc4",
"rc4-md5",
"aes-128-cfb",
@@ -198,7 +197,7 @@ cipher_key_size(const cipher_t *cipher)
const cipher_kt_t *
stream_get_cipher_type(int method)
{
- if (method <= TABLE || method >= STREAM_CIPHER_NUM) {
+ if (method <= NONE || method >= STREAM_CIPHER_NUM) {
LOGE("stream_get_cipher_type(): Illegal method");
return NULL;
}
@@ -224,7 +223,7 @@ stream_get_cipher_type(int method)
void
stream_cipher_ctx_init(cipher_ctx_t *ctx, int method, int enc)
{
- if (method <= TABLE || method >= STREAM_CIPHER_NUM) {
+ if (method <= NONE || method >= STREAM_CIPHER_NUM) {
LOGE("stream_ctx_init(): Illegal method");
return;
}
@@ -622,7 +621,7 @@ stream_ctx_init(cipher_t *cipher, cipher_ctx_t *cipher_ctx, int enc)
cipher_t *
stream_key_init(int method, const char *pass, const char *key)
{
- if (method <= TABLE || method >= STREAM_CIPHER_NUM) {
+ if (method <= NONE || method >= STREAM_CIPHER_NUM) {
LOGE("cipher->key_init(): Illegal method");
return NULL;
}
@@ -666,9 +665,9 @@ stream_key_init(int method, const char *pass, const char *key)
cipher_t *
stream_init(const char *pass, const char *key, const char *method)
{
- int m = TABLE;
+ int m = NONE;
if (method != NULL) {
- for (m = TABLE; m < STREAM_CIPHER_NUM; m++)
+ for (m = NONE; m < STREAM_CIPHER_NUM; m++)
if (strcmp(method, supported_stream_ciphers[m]) == 0) {
break;
}
@@ -677,7 +676,7 @@ stream_init(const char *pass, const char *key, const char *method)
m = RC4_MD5;
}
}
- if (m == TABLE) {
+ if (m == NONE) {
LOGE("Table is deprecated");
return NULL;
}
diff --git a/src/utils.c b/src/utils.c
index b9142e7e..70bc99bb 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -289,7 +289,7 @@ usage()
printf(
" -k <password> Password of your remote server.\n");
printf(
- " -m <encrypt_method> Encrypt method: rc4-md5, \n");
+ " -m <encrypt_method> Encrypt method: none, rc4-md5, \n");
printf(
" aes-128-gcm, aes-192-gcm, aes-256-gcm,\n");
printf(
From 4cbca114514b06a5cbc6c2bab21929fe861852fb Mon Sep 17 00:00:00 2001
From: Fejes Ferenc <spyff@mailbox.hu>
Date: Mon, 31 Jul 2017 12:39:58 +0200
Subject: [PATCH 06/17] Fixes
---
src/crypto.c | 2 +-
src/noencrypt.h | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/crypto.c b/src/crypto.c
index 8c9044f6..98edee4f 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -148,7 +148,7 @@ crypto_init(const char *password, const char *key, const char *method)
if (strncmp(method, "none", 4) == 0) {
crypto_t *crypto = (crypto_t *) malloc(sizeof(crypto_t));
crypto_t temp = {
- .chiper = NULL,
+ .cipher = NULL,
.encrypt_all = &none_stream_all,
.decrypt_all = &none_stream_all,
.encrypt = &none_stream,
diff --git a/src/noencrypt.h b/src/noencrypt.h
index 38057da7..206c18de 100644
--- a/src/noencrypt.h
+++ b/src/noencrypt.h
@@ -5,7 +5,7 @@
int none_stream_all(buffer_t *, cipher_t *, size_t);
int none_stream(buffer_t *, cipher_ctx_t *, size_t);
-int none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int);
-int none_stream_ctx_release(cipher_ctx_t *);
+void none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int);
+void none_stream_ctx_release(cipher_ctx_t *);
-#endif _NOENCRYPT_H
\ No newline at end of file
+#endif //_NOENCRYPT_H
\ No newline at end of file
From 07607127317804319b0cb358080516ee99cf30e0 Mon Sep 17 00:00:00 2001
From: Fejes Ferenc <spyff@mailbox.hu>
Date: Mon, 31 Jul 2017 12:57:46 +0200
Subject: [PATCH 08/17] fixed typenames
---
src/noencrypt.c | 8 ++++----
src/noencrypt.h | 2 +-
3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/noencrypt.c b/src/noencrypt.c
index 1804aaa5..114c908d 100644
--- a/src/noencrypt.c
+++ b/src/noencrypt.c
@@ -5,21 +5,21 @@
#include "noencrypt.h"
int
-none_stream (buffer_t *chipertext, chiper_ctx_t *chiper_ctx, size_t capacity) {
+none_stream (buffer_t *chipertext, cipher_ctx_t *chiper_ctx, size_t capacity) {
return CRYPTO_OK;
}
int
-none_stream_all (buffer_t *plaintext, chiper_t *chiper, size_t capacity) {
+none_stream_all (buffer_t *plaintext, cipher_t *chiper, size_t capacity) {
return CRYPTO_OK;
}
void
-none_stream_ctx_init (chiper_t *chiper, chiper_ctx_t *chiper_ctx, int enc) {
+none_stream_ctx_init (chiper_t *chiper, cipher_ctx_t *chiper_ctx, int enc) {
;
}
void
-plain_stream_ctx_release (chiper_ctx_t *chiper_ctx) {
+plain_stream_ctx_release (cipher_ctx_t *chiper_ctx) {
;
}
\ No newline at end of file
diff --git a/src/noencrypt.h b/src/noencrypt.h
index 206c18de..48954115 100644
--- a/src/noencrypt.h
+++ b/src/noencrypt.h
@@ -1,7 +1,7 @@
#ifndef _NOENCRYPT_H
#define _NOENCRYPT_H
-#include "noencrypt.h"
+#include "crypto.h"
int none_stream_all(buffer_t *, cipher_t *, size_t);
int none_stream(buffer_t *, cipher_ctx_t *, size_t);
From 4d1c15ba49a58359234174e775b509efa07bbb95 Mon Sep 17 00:00:00 2001
From: Fejes Ferenc <spyff@mailbox.hu>
Date: Mon, 31 Jul 2017 13:14:53 +0200
Subject: [PATCH 09/17] small fix
---
src/noencrypt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/noencrypt.c b/src/noencrypt.c
index 114c908d..8ddcaabb 100644
--- a/src/noencrypt.c
+++ b/src/noencrypt.c
@@ -15,7 +15,7 @@ none_stream_all (buffer_t *plaintext, cipher_t *chiper, size_t capacity) {
}
void
-none_stream_ctx_init (chiper_t *chiper, cipher_ctx_t *chiper_ctx, int enc) {
+none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) {
;
}
From 01294c25e8e02c399a9df17a13758e7f9f16ed8f Mon Sep 17 00:00:00 2001
From: Fejes Ferenc <spyff@mailbox.hu>
Date: Mon, 31 Jul 2017 13:22:44 +0200
Subject: [PATCH 11/17] Do not optimize away the unused variablas
---
src/noencrypt.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/noencrypt.c b/src/noencrypt.c
index 8ddcaabb..e9bf017d 100644
--- a/src/noencrypt.c
+++ b/src/noencrypt.c
@@ -6,20 +6,22 @@
int
none_stream (buffer_t *chipertext, cipher_ctx_t *chiper_ctx, size_t capacity) {
+ (void) chipertext; (void) chiper_ctx; (void) capacity;
return CRYPTO_OK;
}
int
none_stream_all (buffer_t *plaintext, cipher_t *chiper, size_t capacity) {
+ (void) plaintext; (void) chiper; (void) capacity;
return CRYPTO_OK;
}
void
none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) {
- ;
+ (void) chiper; (void) chiper_ctx; (void) enc;
}
void
plain_stream_ctx_release (cipher_ctx_t *chiper_ctx) {
- ;
+ (void) chiper_ctx;
}
\ No newline at end of file
From 1b0c88066515ea496c00049cb5aff92decdbe05a Mon Sep 17 00:00:00 2001
From: Fejes Ferenc <spyff@mailbox.hu>
Date: Mon, 31 Jul 2017 13:39:57 +0200
Subject: [PATCH 13/17] code fix
---
src/noencrypt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/noencrypt.c b/src/noencrypt.c
index e9bf017d..76253647 100644
--- a/src/noencrypt.c
+++ b/src/noencrypt.c
@@ -22,6 +22,6 @@ none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) {
}
void
-plain_stream_ctx_release (cipher_ctx_t *chiper_ctx) {
+none_stream_ctx_release (cipher_ctx_t *chiper_ctx) {
(void) chiper_ctx;
}
\ No newline at end of file

3
shortcut-fe/src/Kconfig
View file

@ -5,7 +5,8 @@
config SHORTCUT_FE
tristate "Shortcut Forwarding Engine"
depends on NF_CONNTRACK
---help---
default n
help
Shortcut is a fast in-kernel packet forwarding engine.
To compile this code as a module, choose M here: the module will be

2
speedtestc/Makefile
View file

@ -12,7 +12,7 @@ PKG_RELEASE:=3
PKG_SOURCE_URL:=https://github.com/mobrembski/SpeedTestC.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=64f8d8288cbbaa596a408fd3051a2b5bc831faa9
PKG_SOURCE_VERSION:=5bd807bc32269321e500a7e7d36b8ec3fefa5f47
PKG_MAINTAINER:=Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
PKG_LICENSE:=GPL-2.0
PKG_BUILD_PARALLEL:=0

38
speedtestc/patches/compile-fix.patch
View file

@ -1,38 +0,0 @@
diff --git a/src/SpeedtestConfig.c b/SpeedTestC/src/SpeedtestConfig.c
index 7b60a59..d9f58c9 100644
--- a/src/SpeedtestConfig.c
+++ b/src/SpeedtestConfig.c
@@ -50,7 +50,7 @@ static void parseClient(const char *configline, SPEEDTESTCONFIG_T **result_p)
char lat[16] = {0};
char lon[16] = {0};
- if(sscanf(configline,"%*[^\"]\"%15[^\"]\"%*[^\"]\"%15[^\"]\"%*[^\"]\"%15[^\"]\"%*[^\"]\"%255[^\"]\"",
+ if(sscanf(configline,"%*[^\"]\"%15[^\"]\"%*[^\"]\"%20[^\"]\"%*[^\"]\"%20[^\"]\"%*[^\"]\"%255[^\"]\"",
result->ip, lat, lon, result->isp)!=4)
{
fprintf(stderr,"Cannot parse all fields! Config line: %s", configline);
diff --git a/src/SpeedtestDownloadTest.c b/src/SpeedtestDownloadTest.c
index 54ed45d..545582a 100644
--- a/src/SpeedtestDownloadTest.c
+++ b/src/SpeedtestDownloadTest.c
@@ -32,7 +32,7 @@ static void *__downloadThread(void *arg)
return NULL;
}
-void testDownload(const char *url)
+void testDownload(char *url)
{
size_t numOfThreads = speedTestConfig->downloadThreadConfig.count *
speedTestConfig->downloadThreadConfig.sizeLength;
diff --git a/src/SpeedtestDownloadTest.h b/src/SpeedtestDownloadTest.h
index e341f31..45e9d9a 100644
--- a/src/SpeedtestDownloadTest.h
+++ b/src/SpeedtestDownloadTest.h
@@ -1,6 +1,6 @@
#ifndef _SPEEDTEST_DOWNLOAD_TEST_
#define _SPEEDTEST_DOWNLOAD_TEST_
-void testDownload(const char *url);
+void testDownload(char *url);
#endif

22
speedtestc/patches/user-agent.patch
View file

@ -1,22 +0,0 @@
diff --git a/src/http.c b/src/http.c
index 45d7281..99f9cfd 100644
--- a/src/http.c
+++ b/src/http.c
@@ -88,7 +88,7 @@ sock_t httpPut(char* pAddress, int pPort, char* pRequest, unsigned long contentS
Leaving it uninitialized gives us random high value.*/
sprintf(buffer, "POST %s HTTP/1.1\r\n"
"Host: %s\r\n"
- "User-Agent: SPEEDTEST_CLIENT\r\n"
+ "User-Agent: OMR_SPEEDTEST_CLIENT\r\n"
"Content-Type: application/x-www-form-urlencoded\r\n"
"Connection: keep-alive\r\n"
"Content-Length: %lu\r\n"
@@ -131,7 +131,7 @@ sock_t httpGet(char* pAddress, int pPort, char* pRequest, int ssl)
sprintf(buffer, "GET %s HTTP/1.1\r\n"
"Host: %s\r\n"
- "User-Agent: SPEEDTEST_CLIENT\r\n"
+ "User-Agent: OMR_SPEEDTEST_CLIENT\r\n"
"Connection: close\r\n"
"\r\n", pRequest, pAddress);

8
tracebox/Makefile
View file

@ -14,11 +14,13 @@ PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=https://github.com/tracebox/tracebox.git
PKG_SOURCE_URL:=https://github.com/dreibh/tracebox.git
#https://github.com/tracebox/tracebox.git
PKG_MAINTAINER:=Ycarus <ycarus@zugaina.org>
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=v0.4.4
PKG_SOURCE_VERSION:=4ad40ea43354038a04ad90aedae5874801c223e8
#v0.4.4
PKG_FIXUP:=autoreconf
@ -43,7 +45,7 @@ CONFIGURE_VARS += \
CONFIGURE_ARGS += --enable-sniffer --enable-curl --with-libpcap="$(STAGING_DIR)/usr/include/"
EXTRA_CPPFLAGS += -fpermissive -Wno-variadic-macros
EXTRA_CPPFLAGS += -fpermissive -Wno-variadic-macros -std=c++14
TARGET_CFLAGS += -D_GNU_SOURCE

47
umbim/Makefile
View file

@ -1,47 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=umbim
PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/umbim.git
PKG_SOURCE_DATE:=2019-09-11
PKG_SOURCE_VERSION:=184b707ddaa0acee84d02e0ffe599cb8b67782bd
PKG_MIRROR_HASH:=482ff69144f81fafed99035840f5a24e772472f2df2f3ac0219d6de791ac5835
PKG_MAINTAINER:=John Crispin <john@phrozen.org>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=
PKG_BUILD_PARALLEL:=1
PKG_FLAGS:=nonshared
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/umbim
SECTION:=net
CATEGORY:=Network
SUBMENU:=WWAN
DEPENDS:=+libubox +kmod-usb-net +kmod-usb-net-cdc-mbim +wwan
TITLE:=Control utility for mobile broadband modems
endef
define Package/umbim/description
umbim is a command line tool for controlling mobile broadband modems using
the MBIM-protocol.
endef
TARGET_CFLAGS += \
-I$(STAGING_DIR)/usr/include -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
define Package/umbim/install
$(INSTALL_DIR) $(1)/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/umbim $(1)/sbin/
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,umbim))

240
umbim/files/lib/netifd/proto/mbim.sh
View file

@ -1,240 +0,0 @@
#!/bin/sh
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. ../netifd-proto.sh
init_proto "$@"
}
#DBG=-v
proto_mbim_init_config() {
available=1
no_device=1
proto_config_add_string "device:device"
proto_config_add_string pdptype
proto_config_add_string apn
proto_config_add_string pincode
proto_config_add_string delay
proto_config_add_string auth
proto_config_add_string username
proto_config_add_string password
proto_config_add_defaults
}
_proto_mbim_setup() {
local interface="$1"
local tid=2
local device pdptype apn pincode delay auth username password $PROTO_DEFAULT_OPTIONS
json_get_vars device pdptype apn pincode delay auth username password $PROTO_DEFAULT_OPTIONS
[ -n "$ctl_device" ] && device=$ctl_device
pdptype=$(echo "$pdptype" | awk '{print tolower($0)}')
case "$pdptype" in
ip )
pdptype="ipv4"
;;
ipv4 | ipv6 | ipv4v6 | ipv4-and-ipv6 )
;;
* ) pdptype="default" ;;
esac
[ -n "$device" ] || {
echo "mbim[$$]" "No control device specified"
proto_notify_error "$interface" NO_DEVICE
proto_set_available "$interface" 0
return 1
}
[ -c "$device" ] || {
echo "mbim[$$]" "The specified control device does not exist"
proto_notify_error "$interface" NO_DEVICE
proto_set_available "$interface" 0
return 1
}
devname="$(basename "$device")"
devpath="$(readlink -f /sys/class/usbmisc/$devname/device/)"
ifname="$( ls "$devpath"/net )"
[ -n "$ifname" ] || {
echo "mbim[$$]" "Failed to find matching interface"
proto_notify_error "$interface" NO_IFNAME
proto_set_available "$interface" 0
return 1
}
[ -n "$apn" ] || {
echo "mbim[$$]" "No APN specified"
proto_notify_error "$interface" NO_APN
return 1
}
[ -n "$delay" ] && sleep "$delay"
echo "mbim[$$]" "Reading capabilities"
umbim $DBG -n -d $device caps || {
echo "mbim[$$]" "Failed to read modem caps"
proto_notify_error "$interface" PIN_FAILED
return 1
}
tid=$((tid + 1))
[ "$pincode" ] && {
echo "mbim[$$]" "Sending pin"
umbim $DBG -n -t $tid -d $device unlock "$pincode" || {
echo "mbim[$$]" "Unable to verify PIN"
proto_notify_error "$interface" PIN_FAILED
proto_block_restart "$interface"
return 1
}
}
tid=$((tid + 1))
echo "mbim[$$]" "Checking pin"
local pinstate="/var/run/mbim.$$.pinstate"
umbim $DBG -n -t $tid -d $device pinstate > "$pinstate" 2>&1 || {
local pin
pin=$(awk '$2=="pin:" {print $5}' "$pinstate")
# we only need pin1 (the SIM pin) to connect
[ "$pin" = "pin1" ] && {
echo "mbim[$$]" "PIN required"
proto_notify_error "$interface" PIN_FAILED
proto_block_restart "$interface"
return 1
}
}
tid=$((tid + 1))
echo "mbim[$$]" "Checking subscriber"
umbim $DBG -n -t $tid -d $device subscriber || {
echo "mbim[$$]" "Subscriber init failed"
proto_notify_error "$interface" NO_SUBSCRIBER
return 1
}
tid=$((tid + 1))
echo "mbim[$$]" "Register with network"
umbim $DBG -n -t $tid -d $device registration || {
echo "mbim[$$]" "Subscriber registration failed"
proto_notify_error "$interface" NO_REGISTRATION
return 1
}
tid=$((tid + 1))
echo "mbim[$$]" "Attach to network"
umbim $DBG -n -t $tid -d $device attach || {
echo "mbim[$$]" "Failed to attach to network"
proto_notify_error "$interface" ATTACH_FAILED
return 1
}
tid=$((tid + 1))
echo "mbim[$$]" "Connect to network"
while ! umbim $DBG -n -t $tid -d $device connect "$pdptype:$apn" "$auth" "$username" "$password"; do
tid=$((tid + 1))
sleep 1;
done
tid=$((tid + 1))
echo "mbim[$$]" "Connected, obtain IP address and configure interface"
local config="/var/run/mbim.$$.config"
umbim $DBG -n -t $tid -d $device config > "$config" || {
echo "mbim[$$]" "Failed to obtain IP address"
proto_notify_error "$interface" CONFIG_FAILED
return 1
}
tid=$((tid + 1))
proto_init_update "$ifname" 1
proto_add_data
json_add_int tid $tid
proto_close_data
proto_send_update "$interface"
local ip_4 ip_6
ip_4=$(awk '$1=="ipv4address:" {print $2}' "$config")
ip_6=$(awk '$1=="ipv6address:" {print $2}' "$config")
[ -n "$ip_4" ] || [ -n "$ip_6" ] || {
echo "mbim[$$]" "Failed to obtain IP addresses"
proto_notify_error "$interface" CONFIG_FAILED
return 1
}
proto_init_update "$ifname" 1
proto_set_keep 1
local ip mask gateway mtu dns dns_servers
[ -n "$ip_4" ] && {
echo "mbim[$$]" "Configure IPv4 on $ifname"
ip=${ip_4%%/*}
mask=${ip_4##*/}
gateway=$(awk '$1=="ipv4gateway:" {print $2}' "$config")
mtu=$(awk '$1=="ipv4mtu:" {print $2}' "$config")
[ "$mtu" ] && ip link set "$ifname" mtu "$mtu"
proto_add_ipv4_address "$ip" "$mask"
[ "$defaultroute" = 0 ] || proto_add_ipv4_route 0.0.0.0 0 "$gateway" "$ip_4" "$metric"
[ "$peerdns" = 0 ] || {
dns_servers=$(awk '$1=="ipv4dnsserver:" {printf "%s ",$2}' "$config")
for dns in $dns_servers; do
proto_add_dns_server "$dns"
done
}
}
[ -n "$ip_6" ] && {
echo "mbim[$$]" "Configure IPv6 on $ifname"
ip=${ip_6%%/*}
mask=${ip_6##*/}
gateway=$(awk '$1=="ipv6gateway:" {print $2}' "$config")
mtu=$(awk '$1=="ipv6mtu:" {print $2}' "$config")
[ "$mtu" ] && ip -6 link set "$ifname" mtu "$mtu"
proto_add_ipv6_address "$ip" "$mask"
proto_add_ipv6_prefix "$ip_6"
[ "$defaultroute" = 0 ] || proto_add_ipv6_route "::" 0 "$gateway" "$metric" "" "$ip_6"
[ "$peerdns" = 0 ] || {
dns_servers=$(awk '$1=="ipv6dnsserver:" {printf "%s ",$2}' "$config")
for dns in $dns_servers; do
proto_add_dns_server "$dns"
done
}
}
proto_send_update "$interface"
echo "mbim[$$]" "Connection setup complete"
}
proto_mbim_setup() {
local ret
_proto_mbim_setup "$@"
ret=$?
rm -f "/var/run/mbim.$$."*
[ "$ret" = 0 ] || {
logger "mbim bringup failed, retry in 15s"
sleep 15
}
return $ret
}
proto_mbim_teardown() {
local interface="$1"
local device tid
json_get_vars device tid
[ -n "$ctl_device" ] && device=$ctl_device
echo "mbim[$$]" "Stopping network"
[ -n "$tid" ] && umbim $DBG -t$tid -d "$device" disconnect
proto_init_update "*" 0
proto_send_update "$interface"
}
[ -n "$INCLUDE_ONLY" ] || add_protocol mbim

200
xtables-addons/Makefile Normal file
View file

@ -0,0 +1,200 @@
#
# Copyright (C) 2009-2013 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=xtables-addons
PKG_VERSION:=3.18
PKG_RELEASE:=4
PKG_HASH:=a77914a483ff381663f52120577e5e9355ca07cca73958b038e09d91247458d5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://inai.de/files/xtables-addons/
PKG_BUILD_DEPENDS:=iptables
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
PKG_LICENSE:=GPL-2.0
PKG_FIXUP:=autoreconf
PKG_ASLR_PIE:=0
include $(INCLUDE_DIR)/package.mk
define Package/xtables-addons
SECTION:=net
CATEGORY:=Network
SUBMENU:=Firewall
TITLE:=Extensions not distributed in the main Xtables
URL:=https://inai.de/projects/xtables-addons/
endef
# uses GNU configure
CONFIGURE_ARGS+= \
--with-kbuild="$(LINUX_DIR)" \
--with-xtlibdir="/usr/lib/iptables"
ifdef CONFIG_EXTERNAL_TOOLCHAIN
MAKE_FLAGS:= \
$(patsubst ARCH=%,ARCH=$(LINUX_KARCH),$(MAKE_FLAGS)) \
DEPMOD="/bin/true"
MAKE_INSTALL_FLAGS:= \
$(patsubst ARCH=%,ARCH=$(LINUX_KARCH),$(MAKE_FLAGS)) \
DEPMOD="/bin/true"
else
define Build/Compile
+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
$(KERNEL_MAKE_FLAGS) \
DESTDIR="$(PKG_INSTALL_DIR)" \
DEPMOD="/bin/true" \
all
endef
define Build/Install
$(MAKE) -C $(PKG_BUILD_DIR) \
$(KERNEL_MAKE_FLAGS) \
DESTDIR="$(PKG_INSTALL_DIR)" \
DEPMOD="/bin/true" \
install
endef
endif
# 1: extension/module suffix used in package name
# 2: extension/module display name used in package title/description
# 3: list of extensions to package
# 4: list of modules to package
# 5: module load priority
# 6: module depends
define BuildTemplate
ifneq ($(3),)
define Package/iptables-mod-$(1)
$$(call Package/xtables-addons)
CATEGORY:=Network
TITLE:=$(2) iptables extension
DEPENDS:=iptables $(if $(4),+kmod-ipt-$(1))
endef
define Package/iptables-mod-$(1)/install
$(INSTALL_DIR) $$(1)/usr/lib/iptables
for m in $(3); do \
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so \
$$(1)/usr/lib/iptables/ ; \
done
endef
$$(eval $$(call BuildPackage,iptables-mod-$(1)))
endif
ifneq ($(4),)
define KernelPackage/ipt-$(1)
SUBMENU:=Netfilter Extensions
TITLE:=$(2) netfilter module
DEPENDS:=+kmod-ipt-core $(5)
FILES:=$(foreach mod,$(4),$(PKG_BUILD_DIR)/extensions/$(mod).$(LINUX_KMOD_SUFFIX))
AUTOLOAD:=$(call AutoProbe,$(notdir $(4)))
endef
$$(eval $$(call KernelPackage,ipt-$(1)))
endif
endef
define Package/iptaccount
$(call Package/xtables-addons)
CATEGORY:=Network
TITLE:=iptables-mod-account control utility
DEPENDS:=iptables +iptables-mod-account
endef
define Package/iptaccount/install
$(INSTALL_DIR) $(1)/usr/lib
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/libxt_ACCOUNT_cl.so* \
$(1)/usr/lib/
$(CP) \
$(PKG_INSTALL_DIR)/usr/sbin/iptaccount \
$(1)/usr/sbin/
endef
define Package/iptgeoip
$(call Package/xtables-addons)
CATEGORY:=Network
TITLE:=iptables-mod-geoip support scripts for MaxMind GeoIP databases
DEPENDS:=iptables +iptables-mod-geoip \
+perl +perlbase-getopt +perlbase-io +perl-text-csv_xs \
+perl-net-cidr-lite \
+wget-ssl +!BUSYBOX_CONFIG_ZCAT:gzip
endef
define Package/iptgeoip/config
menu "Select iptgeoip options"
config IPTGEOIP_PRESERVE
bool "Preserve across sysupgrades"
default n
help
Backup and restore during sysupgrade (requires >7MB)
endmenu
endef
ifeq ($(CONFIG_IPTGEOIP_PRESERVE),y)
define Package/iptgeoip/conffiles
/usr/share/xt_geoip/
endef
endif
define Package/iptgeoip/install
$(INSTALL_DIR) $(1)/usr/lib/xtables-addons
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/xtables-addons/xt_geoip_{build,dl} \
$(1)/usr/lib/xtables-addons/
$(INSTALL_DIR) $(1)/usr/bin
$(CP) \
$(PKG_INSTALL_DIR)/usr/bin/xt_geoip_fetch \
$(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/share/xt_geoip
touch $(1)/usr/share/xt_geoip/.keep
endef
#$(eval $(call BuildTemplate,SUFFIX,DESCRIPTION,EXTENSION,MODULE,PRIORITY,DEPENDS))
$(eval $(call BuildTemplate,compat-xtables,API compatibilty layer,,compat_xtables,+IPV6:kmod-ip6tables))
$(eval $(call BuildTemplate,nathelper-rtsp,RTSP Conntrack and NAT,,rtsp/nf_conntrack_rtsp rtsp/nf_nat_rtsp,+kmod-ipt-conntrack-extra +kmod-ipt-nat))
$(eval $(call BuildTemplate,account,ACCOUNT,xt_ACCOUNT,ACCOUNT/xt_ACCOUNT,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,chaos,CHAOS,xt_CHAOS,xt_CHAOS,+kmod-ipt-compat-xtables +kmod-ipt-delude +kmod-ipt-tarpit))
$(eval $(call BuildTemplate,condition,Condition,xt_condition,xt_condition,))
$(eval $(call BuildTemplate,delude,DELUDE,xt_DELUDE,xt_DELUDE,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,dhcpmac,DHCPMAC,xt_DHCPMAC,xt_DHCPMAC,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,dnetmap,DNETMAP,xt_DNETMAP,xt_DNETMAP,+kmod-ipt-compat-xtables +kmod-ipt-nat))
$(eval $(call BuildTemplate,fuzzy,fuzzy,xt_fuzzy,xt_fuzzy,))
$(eval $(call BuildTemplate,geoip,geoip,xt_geoip,xt_geoip,))
$(eval $(call BuildTemplate,iface,iface,xt_iface,xt_iface,))
$(eval $(call BuildTemplate,ipmark,IPMARK,xt_IPMARK,xt_IPMARK,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,ipp2p,IPP2P,xt_ipp2p,xt_ipp2p,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,ipv4options,ipv4options,xt_ipv4options,xt_ipv4options,))
$(eval $(call BuildTemplate,length2,length2,xt_length2,xt_length2,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,logmark,LOGMARK,xt_LOGMARK,xt_LOGMARK,+kmod-ipt-compat-xtables))
$(eval $(call BuildTemplate,lscan,lscan,xt_lscan,xt_lscan,))
$(eval $(call BuildTemplate,lua,Lua PacketScript,xt_LUA,LUA/xt_LUA,+kmod-ipt-conntrack-extra))
$(eval $(call BuildTemplate,proto,PROTO,xt_PROTO,xt_PROTO,))
$(eval $(call BuildTemplate,psd,psd,xt_psd,xt_psd,))
$(eval $(call BuildTemplate,quota2,quota2,xt_quota2,xt_quota2,))
$(eval $(call BuildTemplate,sysrq,SYSRQ,xt_SYSRQ,xt_SYSRQ,+kmod-ipt-compat-xtables +kmod-crypto-hash))
$(eval $(call BuildTemplate,tarpit,TARPIT,xt_TARPIT,xt_TARPIT,+kmod-ipt-compat-xtables))
$(eval $(call BuildPackage,iptaccount))
$(eval $(call BuildPackage,iptgeoip))

11
xtables-addons/patches/001-fix-kernel-version-detection.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/configure.ac
+++ b/configure.ac
@@ -44,7 +44,7 @@ regular_CFLAGS="-Wall -Waggregate-return
if test -n "$kbuilddir"; then
AC_MSG_CHECKING([kernel version that we will build against])
- krel="$(make -sC "$kbuilddir" M=$PWD kernelrelease | $AWK -v 'FS=[[^0-9.]]' '{print $1; exit}')"
+ krel="$(make -sC "$kbuilddir" M=$PWD kernelversion | $AWK -v 'FS=[[^0-9.]]' '{print $1; exit}')"
save_IFS="$IFS"
IFS='.'
set x $krel

1742
xtables-addons/patches/100-add-rtsp-conntrack.patch Normal file
View file

File diff suppressed because it is too large Load diff

18158
xtables-addons/patches/200-add-lua-packetscript.patch Normal file
View file

File diff suppressed because it is too large Load diff

136
xtables-addons/patches/201-fix-lua-packetscript.patch Normal file
View file

@ -0,0 +1,136 @@
--- a/extensions/LUA/xt_LUA_target.c
+++ b/extensions/LUA/xt_LUA_target.c
@@ -19,7 +19,7 @@
#include <linux/kernel.h>
#include <linux/slab.h>
#include <linux/module.h>
-#include <asm/uaccess.h>
+#include <linux/uaccess.h>
#include <net/ip.h>
#include <linux/netfilter/x_tables.h>
#include "xt_LUA.h"
@@ -64,10 +64,10 @@ uint32_t lua_state_refs[LUA_STATE_ARRAY
* XT_CONTINUE inside the *register_lua_packet_lib* function.
*/
-spinlock_t lock = SPIN_LOCK_UNLOCKED;
+DEFINE_SPINLOCK(lock);
static uint32_t
-lua_tg(struct sk_buff *pskb, const struct xt_target_param *par)
+lua_tg(struct sk_buff *pskb, const struct xt_action_param *par)
{
uint32_t verdict;
lua_packet_segment *p;
@@ -79,7 +79,7 @@ lua_tg(struct sk_buff *pskb, const struc
L = lua_envs[info->state_id]->L;
- if (!skb_make_writable(pskb, pskb->len))
+ if (skb_ensure_writable(pskb, pskb->len))
return NF_DROP;
/* call the function provided by --function parameter or the default 'process_packet' defined in Lua */
@@ -88,11 +88,11 @@ lua_tg(struct sk_buff *pskb, const struc
/* push the lua_packet_segment as a parameter */
p = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment));
if (pskb->mac_header)
- p->start = pskb->mac_header;
+ p->start = skb_mac_header(pskb);
else if (pskb->network_header)
- p->start = pskb->network_header;
+ p->start = skb_network_header(pskb);
else if (pskb->transport_header)
- p->start = pskb->transport_header;
+ p->start = skb_transport_header(pskb);
p->offset = 0;
p->length = (unsigned long)pskb->tail - (unsigned long)p->start;
p->changes = NULL;
@@ -208,16 +208,16 @@ static bool load_script_into_state(uint3
* some workqueue initialization. So far this is done each time this function
* is called, subject to change.
*/
-static bool
+static int
lua_tg_checkentry(const struct xt_tgchk_param *par)
{
const struct xt_lua_tginfo *info = par->targinfo;
if (load_script_into_state(info->state_id, info->script_size, (char *)info->buf)) {
lua_state_refs[info->state_id]++;
- return true;
+ return 0;
}
- return false;
+ return -EINVAL;
}
/*::*
--- a/extensions/LUA/lua/llimits.h
+++ b/extensions/LUA/lua/llimits.h
@@ -8,7 +8,6 @@
#define llimits_h
#include <stddef.h>
-#include <limits.h>
#include "lua.h"
--- a/extensions/LUA/lua/lapi.c
+++ b/extensions/LUA/lua/lapi.c
@@ -4,9 +4,6 @@
** See Copyright Notice in lua.h
*/
-#include <stdarg.h>
-#include <math.h>
-#include <assert.h>
#include <string.h>
#define lapi_c
--- a/extensions/LUA/lua/ltable.c
+++ b/extensions/LUA/lua/ltable.c
@@ -18,7 +18,6 @@
** Hence even when the load factor reaches 100%, performance remains good.
*/
-#include <math.h>
#include <string.h>
#define ltable_c
--- a/extensions/LUA/lua/luaconf.h
+++ b/extensions/LUA/lua/luaconf.h
@@ -13,8 +13,12 @@
#if !defined(__KERNEL__)
#include <limits.h>
#else
+#include <linux/kernel.h>
+
+#undef UCHAR_MAX
+#undef BUFSIZ
+#undef NO_FPU
#define UCHAR_MAX 255
-#define SHRT_MAX 32767
#define BUFSIZ 8192
#define NO_FPU
#endif
@@ -637,6 +641,8 @@ union luai_Cast { double l_d; long l_l;
*/
#if defined(__KERNEL__)
#undef LUA_USE_ULONGJMP
+#define setjmp __builtin_setjmp
+#define longjmp __builtin_longjmp
#endif
#if defined(__cplusplus)
--- a/extensions/LUA/lua/llex.h
+++ b/extensions/LUA/lua/llex.h
@@ -10,6 +10,8 @@
#include "lobject.h"
#include "lzio.h"
+/* prevent conflict with definition from asm/current.h */
+#undef current
#define FIRST_RESERVED 257

11
xtables-addons/patches/210-freebsd-build-fix.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/extensions/LUA/Makefile
+++ b/extensions/LUA/Makefile
@@ -110,7 +110,7 @@ PKG_CONFIG = /usr/bin/pkg-config
RANLIB = ranlib
SED = /bin/sed
SET_MAKE =
-SHELL = /bin/bash
+SHELL = /bin/sh
STRIP = strip
VERSION = 1.21
abs_builddir = /home/andre/Dropbox/xtables-addons/extensions/LUA