New interface for Glorytun TCP VPN

luci-app-glorytun-tcp/Makefile

@@ -0,0 +1,16 @@
+#
+# Copyright (C) 2018-2020 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
+#
+#
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=LuCI Interface to Glorytun TCP
+LUCI_DEPENDS:=+glorytun
+
+PKG_LICENSE:=GPLv3
+
+#include ../luci/luci.mk
+include $(TOPDIR)/feeds/luci/luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature

luci-app-glorytun-tcp/htdocs/luci-static/resources/view/services/glorytun-tcp.js

@@ -0,0 +1,87 @@
+'use strict';
+'require rpc';
+'require form';
+'require fs';
+'require uci';
+'require tools.widgets as widgets';
+
+var callHostHints;
+
+return L.view.extend({
+	callHostHints: rpc.declare({
+		object: 'luci-rpc',
+		method: 'getHostHints',
+		expect: { '': {} }
+	}),
+
+	load: function() {
+		return  this.callHostHints();
+	},
+
+	render: function(hosts) {
+		var m, s, o;
+
+		m = new form.Map('glorytun', _('Glorytun TCP'));
+
+		s = m.section(form.GridSection, 'glorytun', _('Instances'));
+		s.addremove = true;
+		s.anonymous = true;
+		s.nodescriptions = true;
+
+		s.tab('general', _('General Settings'));
+		s.tab('advanced', _('Advanced Settings'));
+
+		o = s.taboption('general', form.Flag, 'enable', _('Enabled'));
+		o.default = o.enabled;
+
+		o = s.taboption('general', form.ListValue, 'mode', _('Mode'));
+		o.value('',_('Client'));
+		o.value('listener',_('Server'));
+		o.modalonly = true;
+
+		o = s.taboption('general', form.Value, 'host', _('Host'));
+		o.rmempty = false;
+
+		o = s.taboption('general', form.Value, 'port', _('Port'));
+		o.rmempty = false;
+
+		o = s.taboption('general', form.Value, 'key', _('Key'));
+		o.rmempty = false;
+		o.modalonly = true;
+
+		o = s.taboption('general', form.Value, 'dev', _('Interface name'));
+		o.rmempty = false;
+		o.modalonly = true;
+
+		o = s.taboption('general', form.Value, 'localip', _('Local IP'));
+		o.datatype = 'or(ip4addr,ip6addr)';
+		o.rmempty = false;
+
+		o = s.taboption('general', form.Value, 'remoteip', _('Remote IP'));
+		o.datatype = 'or(ip4addr,ip6addr)';
+		o.rmempty = false;
+
+		o = s.taboption('advanced', form.Flag, 'mptcp', _('MPTCP'));
+		o.default = o.enabled;
+		o.modalonly = true;
+
+		o = s.taboption('advanced', form.Flag, 'chacha20', _('chacha'), _('Force fallback cipher'));
+		o.default = o.enabled;
+		o.modalonly = true;
+
+		o = s.taboption('advanced', form.Value, 'timeout', _('Timeout'));
+		o.default = '10000';
+		o.rmempty = false;
+		o.modalonly = true;
+
+		o = s.taboption('advanced', form.Flag, 'multiqueue', _('Multiqueue'));
+		o.default = o.enabled;
+		o.rmempty = false;
+		o.modalonly = true;
+
+		o = s.taboption('general',form.Value, 'label', _('Label'));
+		o.rmempty = true;
+
+		return m.render();
+	}
+});

luci-app-glorytun-tcp/root/etc/hotplug.d/iface/30-glorytun

@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# Load the glorytun config
+#
+# Author: Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
+# Released under GPL 3 or later
+
+[ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
+
+. /lib/functions.sh
+. /lib/functions/network.sh
+
+set_default() {
+    local localip
+    local remoteip
+    local config="$1"
+    local iface
+    config_get enable "$config" enable
+    config_get iface "$config" dev
+    [ "$iface" = "$DEVICE" ] && [ "$enable" = "1" ] && {
+	config_get localip "$config" localip
+	config_get remoteip "$config" remoteip
+	[ "$remoteip" != "" ] && [ "$localip" != "" ] &&  ifconfig $DEVICE $localip pointopoint $remoteip up
+    }
+}
+
+config_load glorytun
+config_foreach set_default glorytun

luci-app-glorytun-tcp/root/etc/uci-defaults/1200-luci-glorytun

@@ -0,0 +1,55 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@glorytun[-1]
+	add ucitrack glorytun
+	set ucitrack.@glorytun[-1].init=glorytun
+	set ucitrack.@glorytun[-1].affects=glorytun-udp
+	delete ucitrack.@glorytun-udp[-1]
+	add ucitrack glorytun-udp
+	set ucitrack.@glorytun-udp[-1].init=glorytun-udp
+	commit ucitrack
+EOF
+
+if [ "$(uci -q get network.glorytun)" = "" ] && [ "$(uci -q get network.omrvpn)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		delete network.glorytun
+		set network.glorytun=interface
+		set network.glorytun.ifname=tun0
+		set network.glorytun.proto=dhcp
+		set network.glorytun.ip4table=vpn
+		set network.glorytun.multipath=off
+		set network.glorytun.leasetime=12h
+		commit network
+	EOF
+#	set network.glorytun.proto=static
+#	set network.glorytun.ipaddr=10.0.0.2
+#	set network.glorytun.netmask=255.255.255.0
+#	set network.glorytun.gateway=10.0.0.1
+fi
+
+if [ "$(uci -q show firewall | grep glorytun)" = "" ] && [ "$(uci -q get network.omrvpn)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		set firewall.zone_vpn=zone
+		set firewall.zone_vpn.name=vpn
+		set firewall.zone_vpn.network=glorytun
+		set firewall.zone_vpn.masq=1
+		set firewall.zone_vpn.input=REJECT
+		set firewall.zone_vpn.forward=ACCEPT
+		set firewall.zone_vpn.output=ACCEPT
+		commit firewall
+	EOF
+fi
+if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		add firewall rule
+		set firewall.@rule[-1].enabled='1'
+		set firewall.@rule[-1].target='ACCEPT'
+		set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
+		set firewall.@rule[-1].dest='vpn'
+		set firewall.@rule[-1].src='lan'
+		commit firewall
+	EOF
+fi
+rm -f /tmp/luci-indexcache
+exit 0

luci-app-glorytun-tcp/root/usr/share/luci/menu.d/luci-app-glorytun-tcp.json

@@ -0,0 +1,13 @@
+{
+	"admin/vpn/glorytun-tcp": {
+		"title": "Glorytun TCP",
+		"order": 60,
+		"action": {
+			"type": "view",
+			"path": "services/glorytun-tcp"
+		},
+		"depends": {
+			"acl": [ "luci-app-glorytun-tcp" ]
+		}
+	}
+}

luci-app-glorytun-tcp/root/usr/share/rpcd/acl.d/luci-app-glorytun-tcp.json

@@ -0,0 +1,11 @@
+{
+    "luci-app-glorytun-tcp": {
+	"description": "Grant access to glorytun TCP",
+	"read": {
+	    "uci": [ "glorytun" ]
+	},
+	"write": {
+	    "uci": [ "glorytun" ]
+	}
+    }
+}