diff --git a/luci-app-omr-bypass/root/etc/init.d/omr-bypass b/luci-app-omr-bypass/root/etc/init.d/omr-bypass index 119e8f4e5..433151599 100755 --- a/luci-app-omr-bypass/root/etc/init.d/omr-bypass +++ b/luci-app-omr-bypass/root/etc/init.d/omr-bypass @@ -808,8 +808,7 @@ stop_service() { } service_triggers() { - PROCD_RELOAD_DELAY=1000 - procd_add_reload_trigger omr-bypass network + procd_add_reload_trigger omr-bypass network firewall } reload_service() { diff --git a/luci-app-omr-bypass/root/etc/uci-defaults/41_omr-bypass b/luci-app-omr-bypass/root/etc/uci-defaults/41_omr-bypass index 6a89ee79e..37bbf4ce3 100755 --- a/luci-app-omr-bypass/root/etc/uci-defaults/41_omr-bypass +++ b/luci-app-omr-bypass/root/etc/uci-defaults/41_omr-bypass @@ -60,7 +60,7 @@ if [ "$(uci -q get firewall.omr_bypass)" = "" ]; then uci -q batch <<-EOF >/dev/null set firewall.omr_bypass=include set firewall.omr_bypass.path=/etc/firewall.omr-bypass - set firewall.omr_bypass.reload=1 + set firewall.omr_bypass.reload=0 commit firewall EOF fi diff --git a/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua b/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua index 8717e1e82..9915e8516 100644 --- a/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua +++ b/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua @@ -120,6 +120,13 @@ o:value("httping","httping") o:value("dns","dns") o:value("none","none") +o = s:option(Flag, "server_http_test", translate("Server http test"), translate("Check if connection work with http by sending a request to server")) +o.optional = false +o.rmempty = false +o.default = true +o.disabled = 0 +o.enabled = 1 + o = s:option(Flag, "mail_alert", translate("Mail alert"), translate("Send a mail when connection state change")) o.optional = false o.rmempty = false @@ -181,6 +188,13 @@ o:value("httping","httping") o:value("dns","dns") o:value("none","none") +o = s:option(Flag, "server_http_test", translate("Server http test"), translate("Check if connection work with http by sending a request to server")) +o.optional = false +o.rmempty = false +o.default = true +o.disabled = 0 +o.enabled = 1 + o = s:option(Flag, "mail_alert", translate("Mail alert"), translate("Send a mail when connection status change. You need to configure e-mail settings here.")) o.optional = false o.rmempty = false diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm index 941890008..28ad25bd1 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm @@ -240,7 +240,17 @@ checked<% end %>>
- <%:Disable gateway ping status check%> + <%:Disable gateway ping check in status page%> +
+ + +
+ +
+ checked<% end %>> +
+
+ <%:Disable HTTP test on Server API in status page%>
diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm index fe5c85e4a..074a047db 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm @@ -452,6 +452,7 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm var gw_ping = mArray.wans[i].gw_ping; var gw_ping6 = mArray.wans[i].gw_ping6; var server_ping = mArray.wans[i].server_ping; + var server_http = mArray.wans[i].server_http; var ipv6_discover = mArray.wans[i].ipv6_discover; var multipath_available = mArray.wans[i].multipath_available; var multipath_state = mArray.wans[i].multipath_state; @@ -563,6 +564,10 @@ local statuslogo = ucic:get("openmptcprouter","settings","statuslogo") or "openm { statusMessage += '<%:No Server ping response after 1 second%>' + '
'; } + if(server_http == 'DOWN' && mArray.openmptcprouter.service_addr !== "") + { + statusMessage += '<%:No Server http response after 1 second%>' + '
'; + } if (stat == 'Offline' && ipaddr != '' && ipaddr == mArray.wans[i].gateway) { statusMessage += '<%:Wan IP and gateway are identical%>' + '
'; diff --git a/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter b/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter index 4a9a7a21f..9ed558f76 100755 --- a/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter +++ b/luci-app-openmptcprouter/root/usr/libexec/rpcd/openmptcprouter @@ -836,6 +836,7 @@ function interfaces_status() mArray.openmptcprouter["vps_hostname"] = "Server" -- Get VPS info + local adminport = "" ucic:foreach("openmptcprouter", "server", function(s) local serverips = uci:get("openmptcprouter",s[".name"],"ip") or { "" } local master = uci:get("openmptcprouter",s[".name"],"master") or "1" @@ -849,7 +850,7 @@ function interfaces_status() if uci:get("openmptcprouter",s[".name"],"admin_error") == "1" then mArray.openmptcprouter["vps_admin_error"] = true end - local adminport = uci:get("openmptcprouter",s[".name"],"port") or "65500" + adminport = uci:get("openmptcprouter",s[".name"],"port") or "65500" local token = uci:get("openmptcprouter",s[".name"],"token") or "" if token ~= "" then local vpsinfo_json = "" @@ -1120,6 +1121,7 @@ function interfaces_status() local ipv6 = section["ipv6"] or "0" local mac = section ["macaddr"] or "" local itype = section ["type"] or "" + local state = section ["state"] or "" --if not ipaddr or not gateway then return end -- Don't show if0 in the overview @@ -1325,6 +1327,7 @@ function interfaces_status() local latency = "" local server_ping = "" + local server_http = "" --if connectivity ~= "ERROR" and ifname ~= "" and gateway ~= "" and gw_ping ~= "DOWN" and ifname ~= nil and mArray.openmptcprouter["service_addr"] ~= "" and ipaddr ~= "" then if ifname ~= "" and (gateway ~= "" or gateway6 ~= "") and gw_ping ~= "DOWN" and ifname ~= nil and mArray.openmptcprouter["service_addr"] ~= "" and (ipaddr ~= "" or ip6addr ~= "") and connectivity ~= "ERROR" then local serverip = mArray.openmptcprouter["service_addr"] @@ -1345,6 +1348,40 @@ function interfaces_status() latency = ut.trim(sys.exec("echo '" .. server_ping_test .. "' | cut -d '/' -s -f5 | cut -d '.' -f1")) end end + + if adminport == "" then + adminport = "65500" + end + if server_ping == "UP" and uci:get("openmptcprouter", "settings", "disableserverhttptest") ~= "1" and ipaddr ~= "" and adminport ~= "" then + local server_http_result = "" + local server_http_test = "" + if mArray.openmptcprouter["service_addr_ip"] ~= "" then + server_http_test = sys.exec("httping -l " .. mArray.openmptcprouter["service_addr_ip"] .. ":" .. adminport .. " -y " .. ipaddr .. " -t 1 -c 1") + server_http_result = ut.trim(sys.exec("echo '" .. server_http_test .. "' | grep '100.00% failed'")) + if server_http_result ~= "" then + server_http = "DOWN" + if connectivity == "OK" then + connectivity = "WARNING" + end + end + end + if mArray.openmptcprouter["service_addr_ip6"] ~= "" then + server_http_test = sys.exec("httping -l [" .. mArray.openmptcprouter["service_addr_ip6"] .. "]:" .. adminport .. " -y " .. ipaddr .. " -t 1 -c 1") + server_http_result = ut.trim(sys.exec("echo '" .. server_http_test .. "' | grep '100.00% failed'")) + if server_http_result ~= "" then + server_http = "DOWN" + if connectivity == "OK" then + connectivity = "WARNING" + end + end + end + if server_http_result ~= "" then + server_http = "DOWN" + if connectivity == "OK" then + connectivity = "WARNING" + end + end + end end local multipath_available = "" @@ -1443,6 +1480,11 @@ function interfaces_status() rx = ut.trim(sys.exec("devstatus " .. ifname .. " | jsonfilter -e '@.statistics.rx_bytes'")) tx = ut.trim(sys.exec("devstatus " .. ifname .. " | jsonfilter -e '@.statistics.tx_bytes'")) end + + if state == "down" then + connectivity = "ERROR" + end + local data = { label = section["label"] or interface, name = interface, @@ -1466,6 +1508,7 @@ function interfaces_status() gw_ping = gw_ping, gw_ping6 = gw_ping6, server_ping = server_ping, + server_http = server_http, ipv6_discover = ipv6_discover, multipath_available = multipath_available, multipath_state = current_multipath_state, @@ -1481,6 +1524,7 @@ function interfaces_status() tx = tx, zonewan = zonewan, iftype = itype, + state = state, } if ifname ~= nil and ifname:match("^tun.*") then table.insert(mArray.tunnels, data); diff --git a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking index 61ad14c4c..580991545 100755 --- a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking +++ b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking @@ -1340,4 +1340,20 @@ fi if [ "$(pgrep openmptcprouter-vps)" = "" ] && ([ "$(uci -q show openmptcprouter | grep get_config=\'1\')" != "" ] || [ "$(uci -q show openmptcprouter | grep admin_error=\'1\')" != "" ]); then /etc/init.d/openmptcprouter-vps restart >/dev/null 2>&1 sleep 5 +fi + +if [ "$(pgrep openmptcprouter-vps)" = "" ] && ([ "$(uci -q show openmptcprouter | grep set_firewall=\'1\')" != "" ] || [ -z "$(iptables-save | grep omr_dst_bypass_${OMR_TRACKER_DEVICE})" ]); then + /etc/init.d/openmptcprouter-vps set_vps_firewall >/dev/null 2>&1 + + run_fw_include() { + [ "$(uci -q get firewall.$1.reload)" = "0" ] && sh $(uci -q get firewall.$1.path) >/dev/null 2>&1 + } + config_load firewall + config_foreach run_fw_include include + + #/etc/init.d/shadowsocks-libev rules_up >/dev/null 2>&1 + #/etc/init.d/v2ray rules_up >/dev/null 2>&1 + #/etc/init.d/omr-bypass reload_rules >/dev/null 2>&1 + #sh /etc/firewall.gre-tunnel >/dev/null 2>&1 + sleep 5 fi \ No newline at end of file diff --git a/omr-6in4/files/etc/init.d/omr-6in4 b/omr-6in4/files/etc/init.d/omr-6in4 index 907be1c4c..757ee609c 100755 --- a/omr-6in4/files/etc/init.d/omr-6in4 +++ b/omr-6in4/files/etc/init.d/omr-6in4 @@ -126,7 +126,7 @@ start_service() { } service_triggers() { - procd_add_interface_trigger "omrvpn" + procd_add_reload_trigger "openmptcprouter" } reload_service() { diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index 47e308993..f5d9ac653 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -174,11 +174,10 @@ _httping() { ret=$(httping "${host}" \ -y "${deviceip}" \ -t "$OMR_TRACKER_TIMEOUT" \ - -c 1 \ - -q + -c 1 2>&1 ) && echo "$ret" | grep -sq "1 ok" && { if [ "$localip" = "yes" ]; then - OMR_TRACKER_LATENCY=$(echo "$ret" | cut -d "/" -s -f5 | cut -d "." -f1) + OMR_TRACKER_LATENCY=$(echo "$ret" | cut -d "/" -s -f5 | cut -d "." -f1 | tr -d '\n') _update_rto "$OMR_TRACKER_LATENCY" fi return @@ -187,11 +186,10 @@ _httping() { ret=$(httping -l "${host}" \ -y "${deviceip}" \ -t "$OMR_TRACKER_TIMEOUT" \ - -c 1 \ - -q + -c 1 2>&1 ) && echo "$ret" | grep -sq "1 ok" && { if [ "$localip" = "yes" ]; then - OMR_TRACKER_LATENCY=$(echo "$ret" | cut -d "/" -s -f5 | cut -d "." -f1) + OMR_TRACKER_LATENCY=$(echo "$ret" | cut -d "/" -s -f5 | cut -d "." -f1 | tr -d '\n') _update_rto "$OMR_TRACKER_LATENCY" fi return @@ -370,12 +368,24 @@ while true; do else OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_LIST_HOSTS,$OMR_TRACKER_HOST" fi + OMR_TRACKER_STATUS_MSG="check error" fi else OMR_TRACKER_STATUS_MSG="" OMR_TRACKER_STATUS="OK" break fi + elif [ "$server_ping" != false ] && [ "$OMR_TRACKER_TYPE" != "httping" ] && [ "$OMR_TRACKER_SERVER_HTTP_TEST" = "1" ]; then + serverip_ping=false + config_load openmptcprouter + config_foreach _httping_server server $OMR_TRACKER_DEVICE_IP + if [ "$serverip_ping" = false ]; then + OMR_TRACKER_STATUS_MSG="No access to server API" + else + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + fi else OMR_TRACKER_STATUS_MSG="" OMR_TRACKER_STATUS="OK" @@ -454,16 +464,28 @@ while true; do break else if [ "$OMR_TRACKER_LIST_HOSTS6" = "" ]; then - OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_HOST6" + OMR_TRACKER_LIST_HOSTS6="$OMR_TRACKER_HOST6" else OMR_TRACKER_LIST_HOSTS6="$OMR_TRACKER_LIST_HOSTS6,$OMR_TRACKER_HOST6" fi + OMR_TRACKER_STATUS_MSG="check error" fi else OMR_TRACKER_STATUS_MSG="" OMR_TRACKER_STATUS="OK" break fi + elif [ "$server_ping" != false ] && [ "$OMR_TRACKER_TYPE" != "httping" ] && [ "$OMR_TRACKER_SERVER_HTTP_TEST" = "1" ]; then + serverip_ping=false + config_load openmptcprouter + config_foreach _httping_server server $OMR_TRACKER_DEVICE_IP + if [ "$serverip_ping" = false ]; then + OMR_TRACKER_STATUS_MSG="No access to server API" + else + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + fi else OMR_TRACKER_STATUS_MSG="" OMR_TRACKER_STATUS="OK" diff --git a/omr-tracker/files/bin/omr-tracker-server b/omr-tracker/files/bin/omr-tracker-server index 8c0e7c577..428a2d1a8 100755 --- a/omr-tracker/files/bin/omr-tracker-server +++ b/omr-tracker/files/bin/omr-tracker-server @@ -57,6 +57,7 @@ _check_master() { local name=$1 local count=0 local countips=0 + local changes="0" config_get master $1 master config_get ip $1 ip config_get port $1 port "65500" @@ -69,10 +70,10 @@ _check_master() { if [ "$server_ping" = true ]; then if [ "$(uci -q get shadowsocks-libev.sss${count}.server | tr -d '\n')" != "$ip" ]; then logger -t "OMR-Tracker-Server" "Master server ${name} up ($ip), set it back" + changes="1" #logger -t "OMR-Tracker-Server" "$(uci -q get shadowsocks-libev.sss${count}.server | tr -d '\n') - $ip" uci -q batch <<-EOF >/dev/null set shadowsocks-libev.sss${count}.server=$ip - commit shadowsocks-libev EOF if [ "$count" -eq "0" ]; then uci -q batch <<-EOF >/dev/null @@ -97,7 +98,6 @@ _check_master() { /etc/init.d/openvpn restart >/dev/null 2>/dev/null /etc/init.d/dsvpn restart >/dev/null 2>/dev/null fi - /etc/init.d/shadowsocks-libev restart >/dev/null 2>/dev/null fi config_load shadowsocks-libev config_foreach _enable_redir ss_redir @@ -109,6 +109,14 @@ _check_master() { countips=$((countips+1)) } config_list_foreach $1 ip set_ip + #if [ "$server_ping" = true ] && [ "$countips" = "1" ]; then + # uci -q batch <<-EOF >/dev/null + # set shadowsocks-libev.sss${count}.server=$ip + # EOF + # config_foreach _enable_redir ss_redir + #fi + uci -q commit shadowsocks-libev + [ "$changes" = "1" ] && /etc/init.d/shadowsocks-libev restart >/dev/null 2>/dev/null break } } @@ -117,6 +125,7 @@ _check_backup() { local name=$1 local count=0 local countips=0 + local changes="0" config_get backup $1 backup config_get ip $1 ip config_get port $1 port @@ -129,9 +138,9 @@ _check_backup() { if [ "$server_ping" = true ]; then if [ "$(uci -q get shadowsocks-libev.sss${count}.server | tr -d '\n')" != "$ip" ]; then logger -t "OMR-Tracker-Server" "Use backup server $1 ($ip)" + changes="1" uci -q batch <<-EOF >/dev/null set shadowsocks-libev.sss${count}.server=$ip - commit shadowsocks-libev EOF if [ "$count" -eq "0" ]; then uci -q batch <<-EOF >/dev/null @@ -156,7 +165,6 @@ _check_backup() { /etc/init.d/openvpn restart >/dev/null 2>/dev/null /etc/init.d/dsvpn restart >/dev/null 2>/dev/null fi - /etc/init.d/shadowsocks-libev restart >/dev/null 2>/dev/null sleep $waittest fi config_load shadowsocks-libev @@ -169,7 +177,14 @@ _check_backup() { countips=$((countips+1)) } config_list_foreach $1 ip set_ip + #if [ "$server_ping" = true ] && [ "$countips" = "1" ]; then + # uci -q batch <<-EOF >/dev/null + # set shadowsocks-libev.sss${count}.server=$ip + # EOF + # config_foreach _enable_redir ss_redir + #fi uci -q commit shadowsocks-libev + [ "$changes" = "1" ] && /etc/init.d/shadowsocks-libev restart >/dev/null 2>/dev/null [ "$server_ping" = true ] && break } } diff --git a/omr-tracker/files/etc/config/omr-tracker b/omr-tracker/files/etc/config/omr-tracker index 6f9d1c258..a88fb6a7c 100644 --- a/omr-tracker/files/etc/config/omr-tracker +++ b/omr-tracker/files/etc/config/omr-tracker @@ -23,6 +23,7 @@ config defaults 'defaults' option interval_tries '1' option type 'ping' option wait_test '0' + option server_http_test '1' option options '' config proxy 'proxy' diff --git a/omr-tracker/files/etc/init.d/omr-tracker b/omr-tracker/files/etc/init.d/omr-tracker index 31c306a73..fa113ec71 100755 --- a/omr-tracker/files/etc/init.d/omr-tracker +++ b/omr-tracker/files/etc/init.d/omr-tracker @@ -15,7 +15,7 @@ _validate_section() { local tmp_hosts=$hosts tmp_hosts6=$hosts6 tmp_timeout=$timeout tmp_tries=$tries - local tmp_interval=$interval tmp_interval_tries=$interval_tries tmp_options=$options tmp_type=$type tmp_enabled=$enabled tmp_wait_test=$wait_test + local tmp_interval=$interval tmp_interval_tries=$interval_tries tmp_options=$options tmp_type=$type tmp_enabled=$enabled tmp_wait_test=$wait_test tmp_server_http_test=$server_http_test uci_validate_section omr-tracker "$1" "$2" \ 'hosts:list(host)' \ @@ -27,6 +27,7 @@ _validate_section() { 'wait_test:uinteger' \ 'type:string:undef' \ 'enabled:bool:1' \ + 'server_http_test:bool:1' \ 'options:string' [ -z "$hosts" ] && hosts=$tmp_hosts @@ -38,6 +39,7 @@ _validate_section() { [ -z "$wait_test" ] && wait_test=$tmp_wait_test [ -z "$options" ] && options=$tmp_options [ "$type" = "undef" ] && type=${tmp_type:-ping} + [ -z "$server_http_test" ] && server_http_test=$tmp_server_http_test [ -z "$enabled" ] && enabled=$tmp_enabled } @@ -46,7 +48,7 @@ _launch_tracker() { loopback|lan*|if0*) return;; esac - local hosts hosts6 timeout tries interval interval_tries options type enabled wait_test ipv6 proto + local hosts hosts6 timeout tries interval interval_tries options type enabled wait_test ipv6 proto server_http_test _validate_section "defaults" "defaults" _validate_section "interface" "$1" @@ -84,6 +86,7 @@ _launch_tracker() { procd_append_param env "OMR_TRACKER_IPV6=$ipv6" procd_append_param env "OMR_TRACKER_PROTO=$proto" procd_append_param env "OMR_TRACKER_WAIT_TEST=$wait_test" + procd_append_param env "OMR_TRACKER_SERVER_HTTP_TEST=$server_http_test" procd_set_param limits nofile="51200 51200" procd_set_param respawn 0 10 0 procd_set_param stderr 1 @@ -268,7 +271,7 @@ start_service() { } service_triggers() { - procd_add_reload_trigger omr-tracker network shadowsocks-libev + procd_add_reload_trigger omr-tracker network shadowsocks-libev v2ray } reload_service() { diff --git a/omr-tracker/files/etc/uci-defaults/omr-tracker b/omr-tracker/files/etc/uci-defaults/omr-tracker index 3380a6bcd..13e4fe990 100755 --- a/omr-tracker/files/etc/uci-defaults/omr-tracker +++ b/omr-tracker/files/etc/uci-defaults/omr-tracker @@ -65,6 +65,13 @@ if [ "$(uci -q get omr-tracker.proxy.hosts | grep '176.103.130.130')" != "" ]; t EOF fi +if [ "$(uci -q get omr-tracker.proxy.hosts | grep '198.41.212.162')" = "" ]; then + uci -q batch <<-EOF >/dev/null + add_list omr-tracker.proxy.hosts='198.41.212.162' + commit omr-tracker + EOF +fi + if [ -z "$(uci -q get omr-tracker.defaults.hosts6)" ]; then uci -q batch <<-EOF >/dev/null add_list omr-tracker.defaults.hosts6='2606:4700:4700::1111' @@ -86,4 +93,11 @@ if [ "$(uci -q get omr-tracker.defaults.wait_test)" = "" ]; then EOF fi +if [ "$(uci -q get omr-tracker.defaults.server_http_test)" = "" ]; then + uci -q batch <<-EOF >/dev/null + set omr-tracker.defaults.server_http_test=1 + commit omr-tracker + EOF +fi + exit 0 \ No newline at end of file diff --git a/openmptcprouter/files/etc/firewall.omr-server b/openmptcprouter/files/etc/firewall.omr-server index 0af88d7ff..4f5a33809 100644 --- a/openmptcprouter/files/etc/firewall.omr-server +++ b/openmptcprouter/files/etc/firewall.omr-server @@ -1,2 +1,15 @@ #!/bin/sh -/etc/init.d/openmptcprouter-vps set_vps_firewall + +. /lib/functions.sh + +_enable_firewall_check() { + server=$1 + uci -q batch <<-EOF + set openmptcprouter.${server}.set_firewall=1 + EOF +} + +config_load openmptcprouter +config_foreach _enable_firewall_check server +uci -q commit firewall +#/etc/init.d/openmptcprouter-vps set_vps_firewall & diff --git a/openmptcprouter/files/etc/init.d/mptcpovervpn b/openmptcprouter/files/etc/init.d/mptcpovervpn index d08fca7e5..9ada8c50e 100755 --- a/openmptcprouter/files/etc/init.d/mptcpovervpn +++ b/openmptcprouter/files/etc/init.d/mptcpovervpn @@ -274,5 +274,5 @@ start_service() } service_triggers() { - procd_add_reload_trigger "mptcpovervpn" "network" + procd_add_reload_trigger "openmptcprouter" "network" } \ No newline at end of file diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 51cfe728c..57ada41aa 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -543,7 +543,6 @@ _get_gre_tunnel() { set network.oip${i}.ipaddr="$peeraddr" set network.oip${i}.netmask="255.255.255.252" set network.oip${i}.lookup="667${i}" - commit network EOF allintf=$(uci -q get firewall.zone_vpn.network) uci -q del firewall.zone_vpn.network @@ -553,7 +552,6 @@ _get_gre_tunnel() { uci -q batch <<-EOF >/dev/null add_list firewall.zone_vpn.network="oip${i}gre" add_list firewall.zone_vpn.network="oip${i}" - commit firewall EOF ssport="$(echo $tunnel | jsonfilter -q -e '@.shadowsocks_port')" uci -q batch <<-EOF >/dev/null @@ -584,11 +582,15 @@ _get_gre_tunnel() { set shadowsocks-libev.oip${i}_rule.dst_default='bypass' set shadowsocks-libev.oip${i}_rule.local_default='bypass' set shadowsocks-libev.oip${i}_rule.redir_tcp="oip${i}" - commit shadowsocks-libev EOF fi i=$((i+1)) done + uci -q batch <<-EOF >/dev/null + commit network + commit firewall + commit shadowsocks-libev + EOF fi } @@ -866,6 +868,7 @@ _vps_firewall_redirect_port() { config_get dest_port $1 dest_port config_get src_ip $1 src_ip config_get v2ray $1 v2ray "0" + config_get v2ray $1 name config_get dmz $1 dmz "0" if [ -z "$src_dport" ] && [ -n "$dest_port" ]; then src_dport=$dest_port @@ -887,7 +890,7 @@ _vps_firewall_redirect_port() { [ "$(uci -q get v2ray.main.enabled)" = "0" ] && v2ray="0" [ "$proto" = "all" ] && proto="tcp udp" [ "$proto" = "" ] && proto="tcp udp" - [ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && { + [ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && [ "$name" != "Allow-DHCP-Request-VPN" ] && { for protoi in $proto; do if [ "$v2ray" = "0" ]; then checkfw="" @@ -1078,6 +1081,10 @@ _set_vps_firewall() { logger -t "OMR-VPS" "Remove old firewall rules" _vps_firewall_close_port } + uci -q batch <<-EOF >/dev/null + set openmptcprouter.${fwservername}.set_firewall=0 + commit openmptcprouter + EOF } set_vps_firewall() { @@ -1840,6 +1847,7 @@ start_service() { } service_triggers() { - procd_add_reload_trigger openmptcprouter shadowsocks-libev glorytun glorytun-udp mlvpn openvpn network upnpd dsvpn v2ray firewall + procd_add_reload_trigger openmptcprouter network shadowsocks-libev v2ray glorytun glorytun-udp mlspn openvpn dsvpn + procd_add_config_trigger "config.change" "firewall" /etc/init.d/openmptcprouter-vps set_vps_firewall #procd_add_reload_trigger openmptcprouter shadowsocks-libev network upnpd } \ No newline at end of file diff --git a/openmptcprouter/files/etc/init.d/openvpnbonding b/openmptcprouter/files/etc/init.d/openvpnbonding index 87dfdf483..adad30b5b 100755 --- a/openmptcprouter/files/etc/init.d/openvpnbonding +++ b/openmptcprouter/files/etc/init.d/openvpnbonding @@ -99,5 +99,5 @@ start_service() } service_triggers() { - procd_add_reload_trigger "openvpn" "network" + procd_add_reload_trigger "openvpn" "network" "openmptcprouter" } \ No newline at end of file diff --git a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall index a4483f94e..519636647 100755 --- a/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall +++ b/openmptcprouter/files/etc/uci-defaults/1980-omr-firewall @@ -133,7 +133,7 @@ if [ "$(uci -q get firewall.gre_tunnel)" = "" ]; then uci -q batch <<-EOF >/dev/null set firewall.gre_tunnel=include set firewall.gre_tunnel.path=/etc/firewall.gre-tunnel - set firewall.gre_tunnel.reload=1 + set firewall.gre_tunnel.reload=0 commit firewall EOF fi diff --git a/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray b/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray index f0a22aff0..3676a2512 100644 --- a/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray +++ b/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray @@ -94,7 +94,7 @@ if [ "$(uci -q get firewall.v2ray)" = "" ]; then uci -q batch <<-EOF >/dev/null set firewall.v2ray=include set firewall.v2ray.path=/etc/firewall.v2ray-rules - set firewall.v2ray.reload=1 + set firewall.v2ray.reload=0 commit firewall EOF fi