From 8f32c218aa16f1cde6f92147c8d922f68dcb3523 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 5 Mar 2024 20:15:57 +0100 Subject: [PATCH 1/2] Force lower metric for multipath --- mptcp/files/etc/init.d/mptcp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mptcp/files/etc/init.d/mptcp b/mptcp/files/etc/init.d/mptcp index 87e7bbe6a..2a0e25059 100755 --- a/mptcp/files/etc/init.d/mptcp +++ b/mptcp/files/etc/init.d/mptcp @@ -125,7 +125,7 @@ interface_multipath_settings() { else metric="$(uci -q get openmptcprouter.${config}.metric)" fi - [ "$metric" -gt 9900 ] && metric=$((metric-9000)) + [ "$metric" -gt 1000 ] && metric=$((metric-1000)) if [ "${config}" = "lan" ] || [ "$(uci -q get network.${config}.ip4table)" = "lan" ]; then metric="9999" fi From 201d976ecb606940dc95a7c4a1ffa280a15568f1 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 5 Mar 2024 20:16:27 +0100 Subject: [PATCH 2/2] Some fixes for OMR-ByPass --- omr-bypass/files/etc/init.d/omr-bypass-nft | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/omr-bypass/files/etc/init.d/omr-bypass-nft b/omr-bypass/files/etc/init.d/omr-bypass-nft index 77c94eddc..63afb7b6e 100755 --- a/omr-bypass/files/etc/init.d/omr-bypass-nft +++ b/omr-bypass/files/etc/init.d/omr-bypass-nft @@ -166,6 +166,7 @@ _bypass_mac() { [ -z "$mac" ] && return uci -q batch <<-EOF add_list firewall.omr_dst_bypass_$intf_mac.src_mac="$mac" + set firewall.omr_dst_bypass_$intf_mac.enabled='1' EOF } @@ -250,14 +251,14 @@ _bypass_src_port() { [ -z "$proto" ] && return if [ "$proto" = "tcp" ] || [ "$proto" = "tcp udp" ]; then uci -q batch <<-EOF - add_list firewall.omr_dst_bypass_${intf}_dstport_tcp.src_port="$sport" - set firewall.omr_dst_bypass_${intf}_dstport_tcp.enabled='1' + add_list firewall.omr_dst_bypass_${intf}_srcport_tcp.src_port="$sport" + set firewall.omr_dst_bypass_${intf}_srcport_tcp.enabled='1' EOF fi if [ "$proto" = "udp" ] || [ "$proto" = "tcp udp" ]; then uci -q batch <<-EOF - add_list firewall.omr_dst_bypass_${intf}_dstport_udp.src_port="$sport" - set firewall.omr_dst_bypass_${intf}_dstport_udp.enabled='1' + add_list firewall.omr_dst_bypass_${intf}_srcport_udp.src_port="$sport" + set firewall.omr_dst_bypass_${intf}_srcport_udp.enabled='1' EOF fi } @@ -501,8 +502,8 @@ _bypass_proto_without_ndpi() { _intf_rule_ss_rules() { cat >> /etc/firewall.omr-bypass <<-EOF - nft insert rule inet fw4 ss_rules_pre_tcp ip daddr @omr_dst_bypass_${intf}_4 meta mark set 0x00004539 accept - nft insert rule inet fw4 ss_rules_local_out ip daddr @omr_dst_bypass_${intf}_4 meta mark set 0x00004539 accept + nft insert rule inet fw4 ss_rules_pre_tcp ip daddr @omr_dst_bypass_${intf}_4 accept + nft insert rule inet fw4 ss_rules_local_out ip daddr @omr_dst_bypass_${intf}_4 accept EOF if [ "$disableipv6" = "0" ]; then cat >> /etc/firewall.omr-bypass <<-EOF @@ -639,7 +640,6 @@ _intf_rule() { set firewall.omr_dst_bypass_${intf}_dstport_udp_${ipv46}.target='MARK' set firewall.omr_dst_bypass_${intf}_dstport_udp_${ipv46}.enabled='0' set firewall.omr_dst_bypass_${intf}_dstport_udp_${ipv46}.set_xmark="0x${ipv46}539${count}" - commit firewall EOF done if [ "$intf" = "all" ]; then @@ -654,7 +654,6 @@ _intf_rule() { set network.${intf}_fw_rule6.priority=1 set network.${intf}_fw_rule6.mark=0x6539 set network.${intf}_fw_rule6.lookup=6991337 - commit network EOF else uci -q batch <<-EOF >/dev/null @@ -668,14 +667,12 @@ _intf_rule() { set network.${intf}_fw_rule6.priority=1 set network.${intf}_fw_rule6.mark=0x6539${count} set network.${intf}_fw_rule6.lookup=${count} - commit network EOF fi uci batch <<-EOF set dhcp.omr_dst_bypass_$intf=ipset add_list dhcp.omr_dst_bypass_$intf.name="omr_dst_bypass_${intf}_4" add_list dhcp.omr_dst_bypass_$intf.name="omr_dst_bypass_${intf}_6" - commit dhcp EOF if [ "$(uci -q get openmptcprouter.settings.proxy)" = "shadowsocks" ]; then @@ -889,6 +886,10 @@ start_service() { config_load omr-bypass [ -d /proc/net/xt_ndpi/proto ] && config_foreach _bypass_proto dpis config_foreach _bypass_proto_without_ndpi dpis + [ -n "$(uci change network)" ] && { + uci -q commit network + /etc/init.d/network reload + } uci -q commit omr-bypass uci -q commit dhcp uci -q commit firewall