From 833e0814eb2d6f28d7702dbfe29765fee7e89ffe Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 30 Dec 2022 12:59:30 +0100 Subject: [PATCH 1/3] Force dnsmasq to have ipset support --- openmptcprouter-full/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 6a2d6dbcc..d0566a2b2 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -21,7 +21,7 @@ MY_DEPENDS := \ mc \ f2fs-tools \ openmptcprouter \ - dnsmasq-full \ + dnsmasq-full dnsmasq_full_ipset \ uhttpd \ uhttpd-mod-ubus \ curl \ From af843b8156bef14f49365c24b2b422b941c1d2c0 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 30 Dec 2022 12:59:43 +0100 Subject: [PATCH 2/3] Fix multipath script --- mptcp/files/usr/bin/multipath | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/mptcp/files/usr/bin/multipath b/mptcp/files/usr/bin/multipath index a7953878c..3609eaf51 100755 --- a/mptcp/files/usr/bin/multipath +++ b/mptcp/files/usr/bin/multipath @@ -131,31 +131,47 @@ if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then printf "0x%02x" $(($(($IFF^$(($IFF&$IFF_MASK))))|$FLAG)) > $FLAG_PATH else - ID=$(ip mptcp endpoint show | grep "dev $DEVICE" | awk '{print $3}') - IFF=$(ip mptcp endpoint show | grep "dev $DEVICE" | awk '{print $4}') + ID=$(ip mptcp endpoint show | grep -m 1 "dev $DEVICE" | awk '{print $3}') + IFF=$(ip mptcp endpoint show | grep -m 1 "dev $DEVICE" | awk '{print $4}') IP=$(ip a show $DEVICE | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p') [ -z "$ID" ] && [ -n "$IP" ] && ID=$(ip mptcp endpoint show | grep "$IP" | awk '{print $3}') RMID=$(ip mptcp endpoint show | grep '::ffff' | awk '{ print $3 }') [ -n "$RMID" ] && ip mptcp endpoint delete id $RMID 2>&1 >/dev/null case $TYPE in "off") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } exit 0;; "on") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } for i in $IP; do ip mptcp endpoint add $i dev $DEVICE subflow fullmesh done exit 0;; "signal") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } for i in $IP; do #ip mptcp endpoint add $i dev $DEVICE signal subflow fullmesh ip mptcp endpoint add $i dev $DEVICE signal done exit 0;; "backup") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } for i in $IP; do ip mptcp endpoint add $i dev $DEVICE backup fullmesh done From f814139c3d7ed5861958904f8cf5965e06deaf82 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 30 Dec 2022 20:14:56 +0100 Subject: [PATCH 3/3] Changes for kernel 6.1 support --- luci-app-firewall/Makefile | 2 +- mptcpd/Makefile | 2 +- openmptcprouter-full/Makefile | 2 +- openmptcprouter/files/etc/firewall.gre-tunnel | 4 ++-- openmptcprouter/files/etc/uci-defaults/1980-omr-firewall | 7 +++++-- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/luci-app-firewall/Makefile b/luci-app-firewall/Makefile index e6e891e2d..b255cd140 100644 --- a/luci-app-firewall/Makefile +++ b/luci-app-firewall/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Firewall and Portforwarding application -LUCI_DEPENDS:=+@LINUX_5_4:firewall +@LINUX_5_15:uci-firewall +LUCI_DEPENDS:=+@LINUX_5_4:firewall +@(LINUX_5_15||LINUX_6_1):uci-firewall PKG_LICENSE:=Apache-2.0 PKG_VERSION:=omr-202103 diff --git a/mptcpd/Makefile b/mptcpd/Makefile index cb6f95f6d..1b67f08fd 100644 --- a/mptcpd/Makefile +++ b/mptcpd/Makefile @@ -25,7 +25,7 @@ include $(INCLUDE_DIR)/package.mk define Package/$(PKG_NAME) SECTION:=net CATEGORY:=Network -DEPENDS:=+libell @LINUX_5_15 +DEPENDS:=+libell @(LINUX_5_15||LINUX_6_1) TITLE:=mptcpd URL:=https://github.com/intel/mptcpd endef diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index d0566a2b2..999651843 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -82,7 +82,7 @@ MY_DEPENDS := \ luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp luci-proto-gre tcptraceroute luci-proto-mbim kmod-rtl8xxxu kmod-ath9k-htc luci-app-ttyd luci-mod-dashboard (TARGET_x86||TARGET_x86_64):rtl8192eu-firmware kmod-usb2 libustream-openssl (TARGET_x86||TARGET_x86_64):kmod-ixgbevf (TARGET_x86||TARGET_x86_64):kmod-igbvf \ hwinfo (TARGET_x86||TARGET_x86_64):dmidecode luci-app-packet-capture kmod-bonding luci-proto-bonding luci-app-sysupgrade \ luci-theme-openwrt-2020 luci-proto-wireguard luci-app-wireguard kmod-crypto-lib-blake2s (TARGET_x86||TARGET_x86_64):kmod-r8125 TARGET_x86_64:kmod-atlantic \ - LINUX_5_15:mptcpd (TARGET_x86||TARGET_x86_64):kmod-igc kmod-mmc-spi kmod-macsec usbutils + (LINUX_5_15||LINUX_6_1):mptcpd (TARGET_x86||TARGET_x86_64):kmod-igc kmod-mmc-spi kmod-macsec usbutils # !TARGET_mvebu:kmod-usb-net-smsc75xx # libnetfilter-conntrack ebtables ebtables-utils ip-full nstat \ diff --git a/openmptcprouter/files/etc/firewall.gre-tunnel b/openmptcprouter/files/etc/firewall.gre-tunnel index 4cef768f1..59d161781 100644 --- a/openmptcprouter/files/etc/firewall.gre-tunnel +++ b/openmptcprouter/files/etc/firewall.gre-tunnel @@ -39,7 +39,7 @@ _setup_fw() { [ -n "$ifnames" ] && rule="$rule -i $(echo "${ifnames}" | sed 's/ /-i /g')" if [ -n "$rule" ] && [ -n "$lookup" ]; then $IPTABLESAVE --counters | grep -v "0x${lookup}" | $IPTABLERESTORE -w --counters - $IPTABLERESTORE --wait=60 --noflush <<-EOF + $IPTABLERESTORE --noflush <<-EOF *mangle -A omr-gre-tunnel ${rule} -j MARK --set-mark 0x${lookup} COMMIT @@ -48,7 +48,7 @@ _setup_fw() { } if [ -z "$($IPTABLESAVE | grep omr-gre-tunnel)" ]; then - $IPTABLERESTORE --wait=60 --noflush <<-EOF + $IPTABLERESTORE --noflush <<-EOF *mangle :omr-gre-tunnel - -I PREROUTING 1 -m addrtype ! --dst-type LOCAL -j omr-gre-tunnel diff --git a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall index afde68d82..c1a13dfeb 100755 --- a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall +++ b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall @@ -236,9 +236,12 @@ for intf in $allintf; do uci -q add_list firewall.zone_vpn.network="${intf}" done + +#uci -q batch <<-EOF >/dev/null +# set firewall.zone_lan.mtu_fix='1' +# set firewall.zone_vpn.mtu_fix='1' +#EOF uci -q batch <<-EOF >/dev/null - set firewall.zone_lan.mtu_fix='1' - set firewall.zone_vpn.mtu_fix='1' set firewall.@include[0].reload='1' commit firewall EOF