diff --git a/libmbim/Makefile b/libmbim/Makefile deleted file mode 100644 index 505ae7bc6..000000000 --- a/libmbim/Makefile +++ /dev/null @@ -1,95 +0,0 @@ -# -# Copyright (C) 2016 Velocloud Inc. -# Copyright (C) 2016 Aleksander Morgado -# -# This is free software, licensed under the GNU General Public License v2. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=libmbim -PKG_VERSION:=1.26.2 -PKG_RELEASE:=$(AUTORELEASE) - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://www.freedesktop.org/software/libmbim -PKG_HASH:=10c77bf5b5eb8c92ba80e9b519923ad9b898362bc8e1928e2bc9a17eeba649af - -PKG_MAINTAINER:=Nicholas Smith - -PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -CONFIGURE_ARGS += \ - --disable-static \ - --disable-gtk-doc \ - --disable-gtk-doc-html \ - --disable-gtk-doc-pdf \ - --disable-silent-rules \ - --enable-more-warnings=yes - -define Package/libmbim - SECTION:=libs - CATEGORY:=Libraries - DEPENDS:=+glib2 - TITLE:=Helper library and utils to talk to MBIM enabled modems - URL:=https://www.freedesktop.org/wiki/Software/libmbim - LICENSE:=LGPL-2.0-or-later - LICENSE_FILES:=COPYING.LIB -endef - -define Package/libmbim/description - Helper library to talk to MBIM enabled modems. - Add mbim-utils for extra utilities. -endef - -define Package/mbim-utils - SECTION:=utils - CATEGORY:=Utilities - DEPENDS:=+libmbim - TITLE:=Utilities to talk to MBIM enabled modems - URL:=https://www.freedesktop.org/wiki/Software/libmbim - LICENSE:=GPL-2.0-or-later - LICENSE_FILES:=COPYING -endef - -CONFIGURE_ARGS += \ - --without-udev \ - --without-udev-base-dir - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include - $(CP) \ - $(PKG_INSTALL_DIR)/usr/include/libmbim-glib \ - $(1)/usr/include/ - - $(INSTALL_DIR) $(1)/usr/lib - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libmbim*.so* \ - $(1)/usr/lib/ - - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/mbim-glib.pc \ - $(1)/usr/lib/pkgconfig -endef - -define Package/libmbim/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libmbim*.so.* \ - $(1)/usr/lib/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/mbim-proxy $(1)/usr/lib/ -endef - -define Package/mbim-utils/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mbimcli $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mbim-network $(1)/usr/bin/ -endef - -$(eval $(call BuildPackage,libmbim)) -$(eval $(call BuildPackage,mbim-utils)) diff --git a/libqmi/Config.in b/libqmi/Config.in deleted file mode 100644 index 6f35b7453..000000000 --- a/libqmi/Config.in +++ /dev/null @@ -1,16 +0,0 @@ -menu "Configuration" - depends on PACKAGE_libqmi - -config LIBQMI_WITH_MBIM_QMUX - bool "Include MBIM QMUX service support" - default y - help - Compile libqmi with QMI-over-MBIM support - -config LIBQMI_WITH_QRTR_GLIB - bool "Include QRTR support" - default y - help - Compile libqmi with QRTR support - -endmenu diff --git a/libqmi/Makefile b/libqmi/Makefile deleted file mode 100644 index d3ebdeecd..000000000 --- a/libqmi/Makefile +++ /dev/null @@ -1,119 +0,0 @@ -# -# Copyright (C) 2016 Velocloud Inc. -# Copyright (C) 2016 Aleksander Morgado -# -# This is free software, licensed under the GNU General Public License v2. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=libqmi -PKG_VERSION:=1.30.4 -PKG_RELEASE:=$(AUTORELEASE) - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://www.freedesktop.org/software/libqmi -PKG_HASH:=00d7da30a4f8d1185f37cba289cfaf1dfcd04a58f2f76d6acfdf5b85312d6ed6 - -PKG_MAINTAINER:=Nicholas Smith - -PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -define Package/libqmi/config - source "$(SOURCE)/Config.in" -endef - -define Package/libqmi - SECTION:=libs - CATEGORY:=Libraries - DEPENDS:= \ - +glib2 \ - +LIBQMI_WITH_MBIM_QMUX:libmbim \ - +LIBQMI_WITH_QRTR_GLIB:libqrtr-glib - TITLE:=Helper library to talk to QMI enabled modems - URL:=https://www.freedesktop.org/wiki/Software/libqmi - LICENSE:=LGPL-2.0-or-later - LICENSE_FILES:=COPYING.LIB -endef - -define Package/libqmi/description - Helper library talk to QMI enabled modems. - Add qmi-utils for extra utilities. -endef - -define Package/qmi-utils - SECTION:=utils - CATEGORY:=Utilities - DEPENDS:=+libqmi - TITLE:=Utilities to talk to QMI enabled modems - URL:=https://www.freedesktop.org/wiki/Software/libqmi - LICENSE:=GPL-2.0-or-later - LICENSE_FILES:=COPYING -endef - -define Package/libqmi-utils/description - Utils to talk to QMI enabled modems -endef - -CONFIGURE_ARGS += \ - --disable-static \ - --disable-gtk-doc \ - --disable-gtk-doc-html \ - --disable-gtk-doc-pdf \ - --disable-silent-rules \ - --enable-firmware-update \ - --enable-more-warnings=yes \ - --without-udev \ - --without-udev-base-dir - -ifeq ($(CONFIG_LIBQMI_WITH_MBIM_QMUX),y) - CONFIGURE_ARGS += --enable-mbim-qmux -else - CONFIGURE_ARGS += --disable-mbim-qmux -endif - -ifeq ($(CONFIG_LIBQMI_WITH_QRTR_GLIB),y) - CONFIGURE_ARGS += --enable-qrtr -else - CONFIGURE_ARGS += --disable-qrtr -endif - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include - $(CP) \ - $(PKG_INSTALL_DIR)/usr/include/libqmi-glib \ - $(1)/usr/include/ - - $(INSTALL_DIR) $(1)/usr/lib - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libqmi*.so* \ - $(1)/usr/lib/ - - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/qmi-glib.pc \ - $(1)/usr/lib/pkgconfig -endef - -define Package/libqmi/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libqmi*.so.* \ - $(1)/usr/lib/ - - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/qmi-proxy $(1)/usr/lib/ -endef - -define Package/qmi-utils/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/qmicli $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/qmi-network $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/qmi-firmware-update $(1)/usr/bin/ -endef - -$(eval $(call BuildPackage,libqmi)) -$(eval $(call BuildPackage,qmi-utils)) diff --git a/luci-proto-mbim/Makefile b/luci-proto-mbim/Makefile deleted file mode 100755 index cdd9699f9..000000000 --- a/luci-proto-mbim/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -# -# Copyright (C) 2008-2014 The LuCI Team -# -# This is free software, licensed under the Apache License, Version 2.0 . -# - -include $(TOPDIR)/rules.mk - -LUCI_TITLE:=Support for MBIM -LUCI_DEPENDS:=+umbim - -include $(TOPDIR)/feeds/luci/luci.mk - -# call BuildPackage - OpenWrt buildroot signature diff --git a/luci-proto-mbim/htdocs/luci-static/resources/protocol/mbim.js b/luci-proto-mbim/htdocs/luci-static/resources/protocol/mbim.js deleted file mode 100755 index 72bb9f7ba..000000000 --- a/luci-proto-mbim/htdocs/luci-static/resources/protocol/mbim.js +++ /dev/null @@ -1,100 +0,0 @@ -'use strict'; -'require rpc'; -'require form'; -'require network'; - -var callFileList = rpc.declare({ - object: 'file', - method: 'list', - params: [ 'path' ], - expect: { entries: [] }, - filter: function(list, params) { - var rv = []; - for (var i = 0; i < list.length; i++) - if (list[i].name.match(/^cdc-wdm/)) - rv.push(params.path + list[i].name); - return rv.sort(); - } -}); - -network.registerPatternVirtual(/^mbim-.+$/); - -return network.registerProtocol('mbim', { - getI18n: function() { - return _('MBIM Cellular'); - }, - - getIfname: function() { - return this._ubus('l3_device') || 'mbim-%s'.format(this.sid); - }, - - getOpkgPackage: function() { - return 'umbim'; - }, - - isFloating: function() { - return true; - }, - - isVirtual: function() { - return true; - }, - - getDevices: function() { - return null; - }, - - containsDevice: function(ifname) { - return (network.getIfnameOf(ifname) == this.getIfname()); - }, - - renderFormOptions: function(s) { - var dev = this.getL3Device() || this.getDevice(), o; - - o = s.taboption('general', form.Value, 'device', _('Modem device')); - o.rmempty = false; - o.load = function(section_id) { - return callFileList('/dev/').then(L.bind(function(devices) { - for (var i = 0; i < devices.length; i++) - this.value(devices[i]); - return form.Value.prototype.load.apply(this, [section_id]); - }, this)); - }; - - s.taboption('general', form.Value, 'apn', _('APN')); - s.taboption('general', form.Value, 'pincode', _('PIN')); - - o = s.taboption('general', form.ListValue, 'auth', _('Authentication Type')); - o.value('both', 'PAP/CHAP'); - o.value('pap', 'PAP'); - o.value('chap', 'CHAP'); - o.value('none', 'NONE'); - o.default = 'none'; - - o = s.taboption('general', form.Value, 'username', _('PAP/CHAP username')); - o.depends('auth', 'pap'); - o.depends('auth', 'chap'); - o.depends('auth', 'both'); - - o = s.taboption('general', form.Value, 'password', _('PAP/CHAP password')); - o.depends('auth', 'pap'); - o.depends('auth', 'chap'); - o.depends('auth', 'both'); - o.password = true; - - if (L.hasSystemFeature('ipv6')) { - o = s.taboption('advanced', form.Flag, 'ipv6', _('Enable IPv6 negotiation')); - o.default = o.disabled; - } - - o = s.taboption('advanced', form.Value, 'delay', _('Modem init timeout'), _('Maximum amount of seconds to wait for the modem to become ready')); - o.placeholder = '10'; - o.datatype = 'min(1)'; - - o = s.taboption('general', form.ListValue, 'pdptype', _('PDP Type')); - o.value('ipv4v6', 'IPv4/IPv6'); - o.value('ipv4', 'IPv4'); - o.value('ipv6', 'IPv6'); - o.default = 'ipv4v6'; - } -}); diff --git a/modemmanager/Config.in b/modemmanager/Config.in deleted file mode 100644 index 283a9e10a..000000000 --- a/modemmanager/Config.in +++ /dev/null @@ -1,21 +0,0 @@ -menu "Configuration" -depends on PACKAGE_modemmanager - - config MODEMMANAGER_WITH_MBIM - bool "Include MBIM support" - default y - help - Compile ModemManager with MBIM support - - config MODEMMANAGER_WITH_QMI - bool "Include QMI support" - default y - help - Compile ModemManager with QMI support - - config MODEMMANAGER_WITH_AT_COMMAND_VIA_DBUS - bool "Allow AT commands via DBus" - default n - help - Compile ModemManager allowing AT commands without debug flag -endmenu diff --git a/modemmanager/Makefile b/modemmanager/Makefile deleted file mode 100644 index 3eb780398..000000000 --- a/modemmanager/Makefile +++ /dev/null @@ -1,142 +0,0 @@ -# -# Copyright (C) 2016 Velocloud Inc. -# Copyright (C) 2016 Aleksander Morgado -# -# This is free software, licensed under the GNU General Public License v2. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=modemmanager -PKG_VERSION:=1.18.6 -PKG_RELEASE:=1 - -PKG_SOURCE:=ModemManager-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://www.freedesktop.org/software/ModemManager -PKG_HASH:=d4f804b31cf504239c5f1d4973c62095c00cba1ee9abb503718dac6d146a470a -PKG_BUILD_DIR:=$(BUILD_DIR)/ModemManager-$(PKG_VERSION) - -PKG_MAINTAINER:=Nicholas Smith -PKG_LICENSE:=GPL-2.0-or-later -PKG_LICENSE_FILES:=COPYING - -PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -define Package/modemmanager/config - source "$(SOURCE)/Config.in" -endef - -define Package/modemmanager - SECTION:=net - CATEGORY:=Network - TITLE:=Control utility for any kind of mobile broadband modem - URL:=https://www.freedesktop.org/wiki/Software/ModemManager - DEPENDS:= \ - $(INTL_DEPENDS) \ - +glib2 \ - +dbus \ - +ppp \ - +MODEMMANAGER_WITH_MBIM:libmbim \ - +MODEMMANAGER_WITH_QMI:libqmi -endef - -define Package/modemmanager/description - ModemManager is a D-Bus-activated service which allows controlling mobile - broadband modems. Add kernel modules for your modems as needed. - Select Utilities/usb-modeswitch if needed. -endef - -CONFIGURE_ARGS += \ - --without-polkit \ - --without-udev \ - --without-systemdsystemunitdir \ - --disable-rpath \ - --disable-gtk-doc - -ifeq ($(CONFIG_MODEMMANAGER_WITH_AT_COMMAND_VIA_DBUS),y) - CONFIGURE_ARGS += --with-at-command-via-dbus -endif - -ifdef CONFIG_MODEMMANAGER_WITH_MBIM - CONFIGURE_ARGS += --with-mbim -else - CONFIGURE_ARGS += --without-mbim -endif - -ifdef CONFIG_MODEMMANAGER_WITH_QMI - CONFIGURE_ARGS += --with-qmi -else - CONFIGURE_ARGS += --without-qmi -endif - -define Build/Prepare - $(call Build/Prepare/Default) - ( cd "$(PKG_BUILD_DIR)"; \ - printf "all:\ninstall:\n" >po/Makefile.in.in; \ - ) -endef - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include/ModemManager - $(CP) $(PKG_INSTALL_DIR)/usr/include/ModemManager/*.h $(1)/usr/include/ModemManager - $(INSTALL_DIR) $(1)/usr/include/libmm-glib - $(CP) $(PKG_INSTALL_DIR)/usr/include/libmm-glib/*.h $(1)/usr/include/libmm-glib - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libmm-glib.so* $(1)/usr/lib - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/ModemManager.pc $(1)/usr/lib/pkgconfig - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/mm-glib.pc $(1)/usr/lib/pkgconfig -endef - -define Package/modemmanager/install - $(INSTALL_DIR) $(1)/lib/udev/rules.d - $(INSTALL_DATA) $(PKG_INSTALL_DIR)/lib/udev/rules.d/*.rules $(1)/lib/udev/rules.d - - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ModemManager $(1)/usr/sbin - $(INSTALL_BIN) ./files/usr/sbin/ModemManager-wrapper $(1)/usr/sbin - - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mmcli $(1)/usr/bin - - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libmm-glib.so.* $(1)/usr/lib - - $(INSTALL_DIR) $(1)/usr/lib/ModemManager - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ModemManager/libmm-shared-*.so* $(1)/usr/lib/ModemManager - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ModemManager/libmm-plugin-*.so* $(1)/usr/lib/ModemManager - - $(INSTALL_DIR) $(1)/etc/dbus-1/system.d - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/dbus-1/system.d/org.freedesktop.ModemManager1.conf $(1)/etc/dbus-1/system.d - - $(INSTALL_DIR) $(1)/usr/share/dbus-1/system-services - $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/dbus-1/system-services/org.freedesktop.ModemManager1.service $(1)/usr/share/dbus-1/system-services - - $(INSTALL_DIR) $(1)/usr/share/ModemManager - $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/ModemManager/*.conf $(1)/usr/share/ModemManager - $(INSTALL_DATA) ./files/modemmanager.common $(1)/usr/share/ModemManager - - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/modemmanager.init $(1)/etc/init.d/modemmanager - - $(INSTALL_DIR) $(1)/etc/hotplug.d/usb - $(INSTALL_DATA) ./files/25-modemmanager-usb $(1)/etc/hotplug.d/usb - - $(INSTALL_DIR) $(1)/etc/hotplug.d/net - $(INSTALL_DATA) ./files/25-modemmanager-net $(1)/etc/hotplug.d/net - - $(INSTALL_DIR) $(1)/etc/hotplug.d/tty - $(INSTALL_DATA) ./files/25-modemmanager-tty $(1)/etc/hotplug.d/tty - - $(INSTALL_DIR) $(1)/etc/hotplug.d/wwan - $(INSTALL_DATA) ./files/25-modemmanager-wwan $(1)/etc/hotplug.d/wwan - - $(INSTALL_DIR) $(1)/lib/netifd/proto - $(INSTALL_BIN) ./files/modemmanager.proto $(1)/lib/netifd/proto/modemmanager.sh -endef - -$(eval $(call BuildPackage,modemmanager)) diff --git a/modemmanager/README.md b/modemmanager/README.md deleted file mode 100644 index c9d880ea4..000000000 --- a/modemmanager/README.md +++ /dev/null @@ -1,40 +0,0 @@ -# OpenWrt ModemManager - -## Description - -Cellular modem control and connectivity - -Optional libraries libmbim and libqmi are available. -Your modem may require additional kernel modules and/or the usb-modeswitch -package. - -## Usage - -Once installed, you can configure the 2G/3G/4G modem connections directly in -/etc/config/network as in the following example: - - config interface 'broadband' - option device '/sys/devices/platform/soc/20980000.usb/usb1/1-1/1-1.2/1-1.2.1' - option proto 'modemmanager' - option apn 'ac.vodafone.es' - option allowedauth 'pap chap' - option username 'vodafone' - option password 'vodafone' - option pincode '7423' - option iptype 'ipv4' - option lowpower '1' - option signalrate '30' - -Only 'device' and 'proto' are mandatory options, the remaining ones are all -optional. - -The 'allowedauth' option allows limiting the list of authentication protocols. -It is given as a space-separated list of values, including any of the -following: 'pap', 'chap', 'mschap', 'mschapv2' or 'eap'. It will default to -allowing all protocols. - -The 'iptype' option supports any of these values: 'ipv4', 'ipv6' or 'ipv4v6'. -It will default to 'ipv4' if not given. - -The 'signalrate' option set's the signal refresh rate (in seconds) for the device. -You can call signal info with command: mmcli -m 0 --signal-get diff --git a/modemmanager/files/25-modemmanager-net b/modemmanager/files/25-modemmanager-net deleted file mode 100644 index e87231e31..000000000 --- a/modemmanager/files/25-modemmanager-net +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh -# Copyright (C) 2016 Velocloud Inc -# Copyright (C) 2016 Aleksander Morgado - -# Load common utilities -. /usr/share/ModemManager/modemmanager.common - -# We require a interface name -[ -n "${INTERFACE}" ] || exit - -# Always make sure the rundir exists -mkdir -m 0755 -p "${MODEMMANAGER_RUNDIR}" - -# Report network interface -mm_log "${ACTION} network interface ${INTERFACE}: event processed" -mm_report_event "${ACTION}" "${INTERFACE}" "net" "/sys${DEVPATH}" - -# Look for an associated cdc-wdm interface - -cdcwdm="" - -case "${ACTION}" in - "add") cdcwdm=$(mm_track_cdcwdm "${INTERFACE}") ;; - "remove") cdcwdm=$(mm_untrack_cdcwdm "${INTERFACE}") ;; -esac - -# Report cdc-wdm device, if any -[ -n "${cdcwdm}" ] && { - mm_log "${ACTION} cdc interface ${cdcwdm}: custom event processed" - mm_report_event "${ACTION}" "${cdcwdm}" "usbmisc" "/sys${DEVPATH}" -} diff --git a/modemmanager/files/25-modemmanager-tty b/modemmanager/files/25-modemmanager-tty deleted file mode 100644 index c13148a33..000000000 --- a/modemmanager/files/25-modemmanager-tty +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -# Copyright (C) 2016 Velocloud Inc -# Copyright (C) 2016 Aleksander Morgado - -# Load hotplug common utilities -. /usr/share/ModemManager/modemmanager.common - -# We require a device name -[ -n "$DEVNAME" ] || exit - -# Always make sure the rundir exists -mkdir -m 0755 -p "${MODEMMANAGER_RUNDIR}" - -# Report TTY -mm_log "${ACTION} serial interface ${DEVNAME}: event processed" -mm_report_event "${ACTION}" "${DEVNAME}" "tty" "/sys${DEVPATH}" diff --git a/modemmanager/files/25-modemmanager-usb b/modemmanager/files/25-modemmanager-usb deleted file mode 100644 index 93d0bf70a..000000000 --- a/modemmanager/files/25-modemmanager-usb +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -# Copyright (C) 2019 Aleksander Morgado - -# We need to process only full USB device removal events, we don't -# want to process specific interface removal events. -[ "$ACTION" = remove ] || exit -[ -z "${INTERFACE}" ] || exit - -# Load common utilities -. /usr/share/ModemManager/modemmanager.common - -mm_clear_modem_wait_status "/sys${DEVPATH}" -mm_cleanup_interface_by_sysfspath "/sys${DEVPATH}" diff --git a/modemmanager/files/25-modemmanager-wwan b/modemmanager/files/25-modemmanager-wwan deleted file mode 100644 index c4dc6b897..000000000 --- a/modemmanager/files/25-modemmanager-wwan +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -# Copyright (C) 2021 Aleksander Morgado - -# Load hotplug common utilities -. /usr/share/ModemManager/modemmanager.common - -# We require a device name -[ -n "$DEVNAME" ] || exit - -# Always make sure the rundir exists -mkdir -m 0755 -p "${MODEMMANAGER_RUNDIR}" - -# Report wwan -mm_log "${ACTION} wwan control port ${DEVNAME}: event processed" -mm_report_event "${ACTION}" "${DEVNAME}" "wwan" "/sys${DEVPATH}" diff --git a/modemmanager/files/modemmanager.common b/modemmanager/files/modemmanager.common deleted file mode 100644 index a439179de..000000000 --- a/modemmanager/files/modemmanager.common +++ /dev/null @@ -1,341 +0,0 @@ -#!/bin/sh -# Copyright (C) 2016 Velocloud Inc -# Copyright (C) 2016 Aleksander Morgado - -################################################################################ - -. /lib/functions.sh -. /lib/netifd/netifd-proto.sh - -################################################################################ -# Runtime state - -MODEMMANAGER_RUNDIR="/var/run/modemmanager" -MODEMMANAGER_PID_FILE="${MODEMMANAGER_RUNDIR}/modemmanager.pid" -MODEMMANAGER_CDCWDM_CACHE="${MODEMMANAGER_RUNDIR}/cdcwdm.cache" -MODEMMANAGER_SYSFS_CACHE="${MODEMMANAGER_RUNDIR}/sysfs.cache" -MODEMMANAGER_EVENTS_CACHE="${MODEMMANAGER_RUNDIR}/events.cache" - -################################################################################ -# Common logging - -mm_log() { - [ "$(uci -q get openmptcprouter.settings.debug)" = "true" ] && logger -t "ModemManager" "hotplug: $*" -} - -################################################################################ -# Receives as input argument the full sysfs path of the device -# Returns the physical device sysfs path -# -# NOTE: this method only works when the device exists, i.e. it cannot be used -# on removal hotplug events - -mm_find_physdev_sysfs_path() { - local tmp_path="$1" - - while true; do - tmp_path=$(dirname "${tmp_path}") - - # avoid infinite loops iterating - [ -z "${tmp_path}" ] || [ "${tmp_path}" = "/" ] && return - - # for USB devices, the physical device will be that with a idVendor - # and idProduct pair of files - [ -f "${tmp_path}"/idVendor ] && [ -f "${tmp_path}"/idProduct ] && { - tmp_path=$(readlink -f "$tmp_path") - echo "${tmp_path}" - return - } - - # For PCI devices, the physical device will be that with a vendor - # and device pair of files - [ -f "${tmp_path}"/vendor ] && [ -f "${tmp_path}"/device ] && { - tmp_path=$(readlink -f "$tmp_path") - echo "${tmp_path}" - return - } - done -} - -################################################################################ - -# Returns the cdc-wdm name retrieved from sysfs -mm_track_cdcwdm() { - local wwan="$1" - local cdcwdm - - cdcwdm=$(ls "/sys/class/net/${wwan}/device/usbmisc/") - [ -n "${cdcwdm}" ] || return - - # We have to cache it for later, as we won't be able to get the - # associated cdc-wdm device on a remove event - echo "${wwan} ${cdcwdm}" >> "${MODEMMANAGER_CDCWDM_CACHE}" - - echo "${cdcwdm}" -} - -# Returns the cdc-wdm name retrieved from the cache -mm_untrack_cdcwdm() { - local wwan="$1" - local cdcwdm - - # Look for the cached associated cdc-wdm device - [ -f "${MODEMMANAGER_CDCWDM_CACHE}" ] || return - - cdcwdm=$(awk -v wwan="${wwan}" '!/^#/ && $0 ~ wwan { print $2 }' "${MODEMMANAGER_CDCWDM_CACHE}") - [ -n "${cdcwdm}" ] || return - - # Remove from cache - sed -i "/${wwan} ${cdcwdm}/d" "${MODEMMANAGER_CDCWDM_CACHE}" - - echo "${cdcwdm}" -} - -################################################################################ -# ModemManager needs some time from the ports being added until a modem object -# is exposed in DBus. With the logic here we do an explicit wait of N seconds -# for ModemManager to expose the new modem object, making sure that the wait is -# unique per device (i.e. per physical device sysfs path). - -# Gets the modem wait status as retrieved from the cache -mm_get_modem_wait_status() { - local sysfspath="$1" - - # If no sysfs cache file, we're done - [ -f "${MODEMMANAGER_SYSFS_CACHE}" ] || return - - # Get status of the sysfs path - awk -v sysfspath="${sysfspath}" '!/^#/ && $0 ~ sysfspath { print $2 }' "${MODEMMANAGER_SYSFS_CACHE}" -} - -# Clear the modem wait status from the cache, if any -mm_clear_modem_wait_status() { - local sysfspath="$1" - - local escaped_sysfspath - - [ -f "${MODEMMANAGER_SYSFS_CACHE}" ] && { - # escape '/', '\' and '&' for sed... - escaped_sysfspath=$(echo "$sysfspath" | sed -e 's/[\/&]/\\&/g') - sed -i "/${escaped_sysfspath}/d" "${MODEMMANAGER_SYSFS_CACHE}" - } -} - -# Sets the modem wait status in the cache -mm_set_modem_wait_status() { - local sysfspath="$1" - local status="$2" - - # Remove sysfs line before adding the new one with the new state - mm_clear_modem_wait_status "${sysfspath}" - - # Add the new status - echo "${sysfspath} ${status}" >> "${MODEMMANAGER_SYSFS_CACHE}" -} - -# Callback for config_foreach() -mm_get_modem_config_foreach_cb() { - local cfg="$1" - local sysfspath="$2" - - local proto - config_get proto "${cfg}" proto - [ "${proto}" = modemmanager ] || return 0 - - local dev - dev=$(uci_get network "${cfg}" device) - [ "${dev}" = "${sysfspath}" ] || return 0 - - echo "${cfg}" -} - -# Returns the name of the interface configured for this device -mm_get_modem_config() { - local sysfspath="$1" - - # Look for configuration for the given sysfs path - config_load network - config_foreach mm_get_modem_config_foreach_cb interface "${sysfspath}" -} - -# Wait for a modem in the specified sysfspath -mm_wait_for_modem() { - local cfg="$1" - local sysfspath="$2" - - # TODO: config max wait - local n=45 - local step=5 - - while [ $n -ge 0 ]; do - [ -d "${sysfspath}" ] || { - mm_log "error: ignoring modem detection request: no device at ${sysfspath}" - proto_set_available "${cfg}" 0 - return 1 - } - - # Check if the modem exists at the given sysfs path - if ! mmcli -m "${sysfspath}" > /dev/null 2>&1 - then - mm_log "error: modem not detected at sysfs path" - else - mm_log "modem exported successfully at ${sysfspath}" - mm_log "setting interface '${cfg}' as available" - proto_set_available "${cfg}" 1 - return 0 - fi - - sleep $step - n=$((n-step)) - done - - mm_log "error: timed out waiting for the modem to get exported at ${sysfspath}" - proto_set_available "${cfg}" 0 - return 2 -} - -mm_report_modem_wait() { - local sysfspath=$1 - - local parent_sysfspath status - - parent_sysfspath=$(mm_find_physdev_sysfs_path "$sysfspath") - [ -n "${parent_sysfspath}" ] || { - mm_log "error: parent device sysfspath not found" - return - } - - status=$(mm_get_modem_wait_status "${parent_sysfspath}") - case "${status}" in - "") - local cfg - - cfg=$(mm_get_modem_config "${parent_sysfspath}") - if [ -n "${cfg}" ]; then - mm_log "interface '${cfg}' is set to configure device '${parent_sysfspath}'" - mm_log "now waiting for modem at sysfs path ${parent_sysfspath}" - mm_set_modem_wait_status "${parent_sysfspath}" "processed" - # Launch subshell for the explicit wait - ( mm_wait_for_modem "${cfg}" "${parent_sysfspath}" ) > /dev/null 2>&1 & - else - mm_log "no need to wait for modem at sysfs path ${parent_sysfspath}" - mm_set_modem_wait_status "${parent_sysfspath}" "ignored" - fi - ;; - "processed") - mm_log "already waiting for modem at sysfs path ${parent_sysfspath}" - ;; - "ignored") - ;; - *) - mm_log "error: unknown status read for device at sysfs path ${parent_sysfspath}" - ;; - esac -} - -################################################################################ -# Cleanup interfaces - -mm_cleanup_interface_cb() { - local cfg="$1" - - local proto - config_get proto "${cfg}" proto - [ "${proto}" = modemmanager ] || return 0 - - proto_set_available "${cfg}" 0 -} - -mm_cleanup_interfaces() { - config_load network - config_foreach mm_cleanup_interface_cb interface -} - -mm_cleanup_interface_by_sysfspath() { - local dev="$1" - - local cfg - cfg=$(mm_get_modem_config "$dev") - [ -n "${cfg}" ] || return - - mm_log "setting interface '$cfg' as unavailable" - proto_set_available "${cfg}" 0 -} - -################################################################################ -# Event reporting - -# Receives as input the action, the device name and the subsystem -mm_report_event() { - local action="$1" - local name="$2" - local subsystem="$3" - local sysfspath="$4" - - # Track/untrack events in cache - case "${action}" in - "add") - # On add events, store event details in cache (if not exists yet) - grep -qs "${name},${subsystem}" "${MODEMMANAGER_EVENTS_CACHE}" || \ - echo "${action},${name},${subsystem},${sysfspath}" >> "${MODEMMANAGER_EVENTS_CACHE}" - ;; - "remove") - # On remove events, remove old events from cache (match by subsystem+name) - sed -i "/${name},${subsystem}/d" "${MODEMMANAGER_EVENTS_CACHE}" - ;; - esac - - # Report the event - mm_log "event reported: action=${action}, name=${name}, subsystem=${subsystem}" - mmcli --report-kernel-event="action=${action},name=${name},subsystem=${subsystem}" 1>/dev/null 2>&1 & - - # Wait for added modem if a sysfspath is given - [ -n "${sysfspath}" ] && [ "$action" = "add" ] && mm_report_modem_wait "${sysfspath}" -} - -mm_report_event_from_cache_line() { - local event_line="$1" - - local action name subsystem sysfspath - action=$(echo "${event_line}" | awk -F ',' '{ print $1 }') - name=$(echo "${event_line}" | awk -F ',' '{ print $2 }') - subsystem=$(echo "${event_line}" | awk -F ',' '{ print $3 }') - sysfspath=$(echo "${event_line}" | awk -F ',' '{ print $4 }') - - mm_log "cached event found: action=${action}, name=${name}, subsystem=${subsystem}, sysfspath=${sysfspath}" - mm_report_event "${action}" "${name}" "${subsystem}" "${sysfspath}" -} - -mm_report_events_from_cache() { - # Remove the sysfs cache - rm -f "${MODEMMANAGER_SYSFS_CACHE}" - - local n=60 - local step=1 - local mmrunning=0 - - # Wait for ModemManager to be available in the bus - while [ $n -ge 0 ]; do - sleep $step - mm_log "checking if ModemManager is available..." - - if ! mmcli -L >/dev/null 2>&1 - then - mm_log "ModemManager not yet available" - else - mmrunning=1 - break - fi - n=$((n-step)) - done - - [ ${mmrunning} -eq 1 ] || { - mm_log "error: couldn't report initial kernel events: ModemManager not running" - return - } - - # Report cached kernel events - while IFS= read -r event_line; do - mm_report_event_from_cache_line "${event_line}" - done < ${MODEMMANAGER_EVENTS_CACHE} -} diff --git a/modemmanager/files/modemmanager.init b/modemmanager/files/modemmanager.init deleted file mode 100644 index a3f6c1b12..000000000 --- a/modemmanager/files/modemmanager.init +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh /etc/rc.common -# Copyright (C) 2016 Aleksander Morgado - -USE_PROCD=1 -START=70 - -stop_service() { - # Load common utils - . /usr/share/ModemManager/modemmanager.common - # Set all configured interfaces as unavailable - mm_cleanup_interfaces -} - -start_service() { - # Setup ModemManager service - # - # We will make sure that the rundir always exists, and we initially cleanup - # all interfaces flagging them as unavailable. - # - # The cached events processing will wait for MM to be available in DBus - # and will make sure all ports are re-notified to ModemManager every time - # it starts. - # - # All these commands need to be executed on every MM start, even after - # procd-triggered respawns, which is why this is wrapped in a startup - # wrapper script called '/usr/sbin/ModemManager-wrapper'. - # - . /usr/share/ModemManager/modemmanager.common - procd_open_instance - procd_set_param command /usr/sbin/ModemManager-wrapper - procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}" - procd_set_param pidfile "${MODEMMANAGER_PID_FILE}" - procd_close_instance -} diff --git a/modemmanager/files/modemmanager.proto b/modemmanager/files/modemmanager.proto deleted file mode 100755 index 0e050e7b9..000000000 --- a/modemmanager/files/modemmanager.proto +++ /dev/null @@ -1,555 +0,0 @@ -#!/bin/sh -# Copyright (C) 2016-2019 Aleksander Morgado - -[ -x /usr/bin/mmcli ] || exit 0 -[ -x /usr/sbin/pppd ] || exit 0 - -[ -n "$INCLUDE_ONLY" ] || { - . /lib/functions.sh - . ../netifd-proto.sh - . ./ppp.sh - init_proto "$@" -} - -cdr2mask () -{ - # Number of args to shift, 255..255, first non-255 byte, zeroes - set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0 - if [ "$1" -gt 1 ] - then - shift "$1" - else - shift - fi - echo "${1-0}"."${2-0}"."${3-0}"."${4-0}" -} - -# This method expects as first argument a list of key-value pairs, as returned by mmcli --output-keyvalue -# The second argument must be exactly the name of the field to read -# -# Sample output: -# $ mmcli -m 0 -K -# modem.dbus-path : /org/freedesktop/ModemManager1/Modem/0 -# modem.generic.device-identifier : ed6eff2e3e0f90463da1c2a755b2acacd1335752 -# modem.generic.manufacturer : Dell Inc. -# modem.generic.model : DW5821e Snapdragon X20 LTE -# modem.generic.revision : T77W968.F1.0.0.4.0.GC.009\n026 -# modem.generic.carrier-configuration : GCF -# modem.generic.carrier-configuration-revision : 08E00009 -# modem.generic.hardware-revision : DW5821e Snapdragon X20 LTE -# .... -modemmanager_get_field() { - local list=$1 - local field=$2 - local value="" - - [ -z "${list}" ] || [ -z "${field}" ] && return - - # there is always at least a whitespace after each key, and we use that as part of the - # key matching we do (e.g. to avoid getting 'modem.generic.state-failed-reason' as a result - # when grepping for 'modem.generic.state'. - line=$(echo "${list}" | grep "${field} ") - value=$(echo ${line#*:}) - - # not found? - [ -n "${value}" ] || return 2 - - # only print value if set - [ "${value}" != "--" ] && echo "${value}" - return 0 -} - -# build a comma-separated list of values from the list -modemmanager_get_multivalue_field() { - local list=$1 - local field=$2 - local value="" - local length idx item - - [ -z "${list}" ] || [ -z "${field}" ] && return - - length=$(modemmanager_get_field "${list}" "${field}.length") - [ -n "${length}" ] || return 0 - [ "$length" -ge 1 ] || return 0 - - idx=1 - while [ $idx -le "$length" ]; do - item=$(modemmanager_get_field "${list}" "${field}.value\[$idx\]") - [ -n "${item}" ] && [ "${item}" != "--" ] && { - [ -n "${value}" ] && value="${value}, " - value="${value}${item}" - } - idx=$((idx + 1)) - done - - # nothing built? - [ -n "${value}" ] || return 2 - - # only print value if set - echo "${value}" - return 0 -} - -modemmanager_cleanup_connection() { - local modemstatus="$1" - - local bearercount idx bearerpath - - bearercount=$(modemmanager_get_field "${modemstatus}" "modem.generic.bearers.length") - - # do nothing if no bearers reported - [ -n "${bearercount}" ] && [ "$bearercount" -ge 1 ] && { - # explicitly disconnect just in case - mmcli --modem="${device}" --simple-disconnect >/dev/null 2>&1 - # and remove all bearer objects, if any found - idx=1 - while [ $idx -le "$bearercount" ]; do - bearerpath=$(modemmanager_get_field "${modemstatus}" "modem.generic.bearers.value\[$idx\]") - mmcli --modem "${device}" --delete-bearer="${bearerpath}" >/dev/null 2>&1 - idx=$((idx + 1)) - done - } -} - -modemmanager_connected_method_ppp_ipv4() { - local interface="$1" - local ttyname="$2" - local username="$3" - local password="$4" - local allowedauth="$5" - - # all auth types are allowed unless a user given list is given - local authopts - local pap=1 - local chap=1 - local mschap=1 - local mschapv2=1 - local eap=1 - - [ -n "$allowedauth" ] && { - pap=0 chap=0 mschap=0 mschapv2=0 eap=0 - for auth in $allowedauth; do - case $auth in - "pap") pap=1 ;; - "chap") chap=1 ;; - "mschap") mschap=1 ;; - "mschapv2") mschapv2=1 ;; - "eap") eap=1 ;; - *) ;; - esac - done - } - - [ $pap -eq 1 ] || append authopts "refuse-pap" - [ $chap -eq 1 ] || append authopts "refuse-chap" - [ $mschap -eq 1 ] || append authopts "refuse-mschap" - [ $mschapv2 -eq 1 ] || append authopts "refuse-mschap-v2" - [ $eap -eq 1 ] || append authopts "refuse-eap" - - proto_run_command "${interface}" /usr/sbin/pppd \ - "${ttyname}" \ - 115200 \ - nodetach \ - noaccomp \ - nobsdcomp \ - nopcomp \ - novj \ - noauth \ - $authopts \ - ${username:+ user $username} \ - ${password:+ password $password} \ - lcp-echo-failure 5 \ - lcp-echo-interval 15 \ - lock \ - crtscts \ - nodefaultroute \ - usepeerdns \ - ipparam "${interface}" \ - ip-up-script /lib/netifd/ppp-up \ - ip-down-script /lib/netifd/ppp-down -} - -modemmanager_disconnected_method_ppp_ipv4() { - local interface="$1" - - echo "running disconnection (ppp method)" - - [ -n "${ERROR}" ] && { - local errorstring - errorstring=$(ppp_exitcode_tostring "${ERROR}") - case "$ERROR" in - 0) - ;; - 2) - proto_notify_error "$interface" "$errorstring" - proto_block_restart "$interface" - ;; - *) - proto_notify_error "$interface" "$errorstring" - ;; - esac - } || echo "pppd result code not given" - - proto_kill_command "$interface" -} - -modemmanager_connected_method_dhcp_ipv4() { - local interface="$1" - local wwan="$2" - local metric="$3" - local defaultroute="$4" - - proto_init_update "${wwan}" 1 - proto_set_keep 1 - proto_send_update "${interface}" - - json_init - json_add_string name "${interface}_4" - json_add_string ifname "@${interface}" - json_add_string proto "dhcp" - proto_add_dynamic_defaults - [ -n "$metric" ] && json_add_int metric "${metric}" - json_close_object - ubus call network add_dynamic "$(json_dump)" -} - -modemmanager_connected_method_static_ipv4() { - local interface="$1" - local wwan="$2" - local address="$3" - local prefix="$4" - local gateway="$5" - local mtu="$6" - local dns1="$7" - local dns2="$8" - local metric="$9" - local defaultroute="$10" - - local mask="" - - [ -n "${address}" ] || { - proto_notify_error "${interface}" ADDRESS_MISSING - return - } - - [ -n "${prefix}" ] || { - proto_notify_error "${interface}" PREFIX_MISSING - return - } - mask=$(cdr2mask "${prefix}") - - [ -n "${mtu}" ] && /sbin/ip link set dev "${wwan}" mtu "${mtu}" - - proto_init_update "${wwan}" 1 - proto_set_keep 1 - echo "adding IPv4 address ${address}, netmask ${mask}" - proto_add_ipv4_address "${address}" "${mask}" - [ -n "${gateway}" ] && [ "${defaultroute}" != 0 ] && { - echo "adding default IPv4 route via ${gateway}" - logger -t "modemmanager.proto" "adding default IPv4 route via ${gateway} ${address}" - proto_add_ipv4_route "0.0.0.0" "0" "${gateway}" "${address}" - } - [ -n "${dns1}" ] && { - echo "adding primary DNS at ${dns1}" - proto_add_dns_server "${dns1}" - } - [ -n "${dns2}" ] && { - echo "adding secondary DNS at ${dns2}" - proto_add_dns_server "${dns2}" - } - [ -n "$metric" ] && json_add_int metric "${metric}" - proto_send_update "${interface}" -} - -modemmanager_connected_method_dhcp_ipv6() { - local interface="$1" - local wwan="$2" - local metric="$3" - local defaultroute="$4" - - proto_init_update "${wwan}" 1 - proto_set_keep 1 - proto_send_update "${interface}" - - json_init - json_add_string name "${interface}_6" - json_add_string ifname "@${interface}" - json_add_string proto "dhcpv6" - proto_add_dynamic_defaults - json_add_string extendprefix 1 # RFC 7278: Extend an IPv6 /64 Prefix to LAN - [ -n "$metric" ] && json_add_int metric "${metric}" - json_close_object - ubus call network add_dynamic "$(json_dump)" -} - -modemmanager_connected_method_static_ipv6() { - local interface="$1" - local wwan="$2" - local address="$3" - local prefix="$4" - local gateway="$5" - local mtu="$6" - local dns1="$7" - local dns2="$8" - local metric="$9" - local defaultroute="$10" - - [ -n "${address}" ] || { - proto_notify_error "${interface}" ADDRESS_MISSING - return - } - - [ -n "${prefix}" ] || { - proto_notify_error "${interface}" PREFIX_MISSING - return - } - - [ -n "${mtu}" ] && /sbin/ip link set dev "${wwan}" mtu "${mtu}" - - proto_init_update "${wwan}" 1 - proto_set_keep 1 - echo "adding IPv6 address ${address}, prefix ${prefix}" - proto_add_ipv6_address "${address}" "128" - proto_add_ipv6_prefix "${address}/${prefix}" - [ -n "${gateway}" ] && [ "$defaultroute" != 0 ] && { - echo "adding default IPv6 route via ${gateway}" - proto_add_ipv6_route "${gateway}" "128" - proto_add_ipv6_route "::0" "0" "${gateway}" "" "" "${address}/${prefix}" - } - [ -n "${dns1}" ] && { - echo "adding primary DNS at ${dns1}" - proto_add_dns_server "${dns1}" - } - [ -n "${dns2}" ] && { - echo "adding secondary DNS at ${dns2}" - proto_add_dns_server "${dns2}" - } - [ -n "$metric" ] && json_add_int metric "${metric}" - proto_send_update "${interface}" -} - -modemmanager_disconnected_method_common() { - local interface="$1" - - echo "running disconnection (common)" - proto_notify_error "${interface}" MM_DISCONNECT_IN_PROGRESS - - proto_init_update "*" 0 - proto_send_update "${interface}" -} - -proto_modemmanager_init_config() { - available=1 - no_device=1 - proto_config_add_string device - proto_config_add_string apn - proto_config_add_string 'allowedauth:list(string)' - proto_config_add_string username - proto_config_add_string password - proto_config_add_string pincode - proto_config_add_string iptype - proto_config_add_int signalrate - proto_config_add_boolean lowpower - proto_config_add_defaults -} - -proto_modemmanager_setup() { - local interface="$1" - - local modempath modemstatus bearercount bearerpath connectargs bearerstatus beareriface - local bearermethod_ipv4 bearermethod_ipv6 auth cliauth - local operatorname operatorid registration accesstech signalquality - - local device apn allowedauth username password pincode iptype metric signalrate - - local address prefix gateway mtu dns1 dns2 defaultroute - - json_get_vars device apn allowedauth username password pincode iptype metric signalrate defaultroute - - # validate sysfs path given in config - [ -n "${device}" ] || { - echo "No device specified" - proto_notify_error "${interface}" NO_DEVICE - proto_set_available "${interface}" 0 - return 1 - } - [ -e "${device}" ] || { - echo "Device not found in sysfs" - proto_set_available "${interface}" 0 - return 1 - } - - # validate that ModemManager is handling the modem at the sysfs path - modemstatus=$(mmcli --modem="${device}" --output-keyvalue) - modempath=$(modemmanager_get_field "${modemstatus}" "modem.dbus-path") - [ -n "${modempath}" ] || { - echo "Device not managed by ModemManager" - proto_notify_error "${interface}" DEVICE_NOT_MANAGED - proto_set_available "${interface}" 0 - return 1 - } - echo "modem available at ${modempath}" - - # always cleanup before attempting a new connection, just in case - modemmanager_cleanup_connection "${modemstatus}" - - # if allowedauth list given, build option string - for auth in $allowedauth; do - cliauth="${cliauth}${cliauth:+|}$auth" - done - - # setup connect args; APN mandatory (even if it may be empty) - echo "starting connection with apn '${apn}'..." - proto_notify_error "${interface}" MM_CONNECT_IN_PROGRESS - - connectargs="apn=${apn}${iptype:+,ip-type=${iptype}}${cliauth:+,allowed-auth=${cliauth}}${username:+,user=${username}}${password:+,password=${password}}${pincode:+,pin=${pincode}}" - mmcli --modem="${device}" --timeout 120 --simple-connect="${connectargs}" || { - proto_notify_error "${interface}" MM_CONNECT_FAILED - proto_block_restart "${interface}" - return 1 - } - - # check if Signal refresh rate is set - if [ -n "${signalrate}" ] && [ "${signalrate}" -eq "${signalrate}" ] 2>/dev/null; then - echo "setting signal refresh rate to ${signalrate} seconds" - mmcli --modem="${device}" --signal-setup="${signalrate}" - else - echo "signal refresh rate is not set" - fi - - # log additional useful information - modemstatus=$(mmcli --modem="${device}" --output-keyvalue) - operatorname=$(modemmanager_get_field "${modemstatus}" "modem.3gpp.operator-name") - [ -n "${operatorname}" ] && echo "network operator name: ${operatorname}" - operatorid=$(modemmanager_get_field "${modemstatus}" "modem.3gpp.operator-code") - [ -n "${operatorid}" ] && echo "network operator MCCMNC: ${operatorid}" - registration=$(modemmanager_get_field "${modemstatus}" "modem.3gpp.registration-state") - [ -n "${registration}" ] && echo "registration type: ${registration}" - accesstech=$(modemmanager_get_multivalue_field "${modemstatus}" "modem.generic.access-technologies") - [ -n "${accesstech}" ] && echo "access technology: ${accesstech}" - signalquality=$(modemmanager_get_field "${modemstatus}" "modem.generic.signal-quality.value") - [ -n "${signalquality}" ] && echo "signal quality: ${signalquality}%" - - # we won't like it if there are more than one bearers, as that would mean the - # user manually created them, and that's unsupported by this proto - bearercount=$(modemmanager_get_field "${modemstatus}" "modem.generic.bearers.length") - [ -n "${bearercount}" ] && [ "$bearercount" -eq 1 ] || { - proto_notify_error "${interface}" INVALID_BEARER_LIST - return 1 - } - - # load connected bearer information - bearerpath=$(modemmanager_get_field "${modemstatus}" "modem.generic.bearers.value\[1\]") - bearerstatus=$(mmcli --bearer "${bearerpath}" --output-keyvalue) - - # load network interface and method information - beareriface=$(modemmanager_get_field "${bearerstatus}" "bearer.status.interface") - bearermethod_ipv4=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.method") - bearermethod_ipv6=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.method") - - # setup IPv4 - [ -n "${bearermethod_ipv4}" ] && { - echo "IPv4 connection setup required in interface ${interface}: ${bearermethod_ipv4}" - case "${bearermethod_ipv4}" in - "dhcp") - modemmanager_connected_method_dhcp_ipv4 "${interface}" "${beareriface}" "${metric}" "${defaultroute}" - ;; - "static") - address=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.address") - prefix=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.prefix") - gateway=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.gateway") - mtu=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.mtu") - dns1=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.dns.value\[1\]") - dns2=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.dns.value\[2\]") - modemmanager_connected_method_static_ipv4 "${interface}" "${beareriface}" "${address}" "${prefix}" "${gateway}" "${mtu}" "${dns1}" "${dns2}" "${metric}" "${defaultroute}" - ;; - "ppp") - modemmanager_connected_method_ppp_ipv4 "${interface}" "${beareriface}" "${username}" "${password}" "${allowedauth}" - ;; - *) - proto_notify_error "${interface}" UNKNOWN_METHOD - return 1 - ;; - esac - } - - # setup IPv6 - # note: if using ipv4v6, both IPv4 and IPv6 settings will have the same MTU and metric values reported - [ -n "${bearermethod_ipv6}" ] && { - echo "IPv6 connection setup required in interface ${interface}: ${bearermethod_ipv6}" - case "${bearermethod_ipv6}" in - "dhcp") - modemmanager_connected_method_dhcp_ipv6 "${interface}" "${beareriface}" "${metric}" "${defaultroute}" - ;; - "static") - address=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.address") - prefix=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.prefix") - gateway=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.gateway") - mtu=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.mtu") - dns1=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.dns.value\[1\]") - dns2=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.dns.value\[2\]") - modemmanager_connected_method_static_ipv6 "${interface}" "${beareriface}" "${address}" "${prefix}" "${gateway}" "${mtu}" "${dns1}" "${dns2}" "${metric}" "${defaultroute}" - ;; - "ppp") - proto_notify_error "${interface}" "unsupported method" - return 1 - ;; - *) - proto_notify_error "${interface}" UNKNOWN_METHOD - return 1 - ;; - esac - } - - return 0 -} - -proto_modemmanager_teardown() { - local interface="$1" - - local modemstatus bearerpath errorstring - local bearermethod_ipv4 bearermethod_ipv6 - - local device lowpower iptype - json_get_vars device lowpower iptype - - echo "stopping network" - proto_notify_error "${interface}" MM_TEARDOWN_IN_PROGRESS - - # load connected bearer information, just the first one should be ok - modemstatus=$(mmcli --modem="${device}" --output-keyvalue) - bearerpath=$(modemmanager_get_field "${modemstatus}" "modem.generic.bearers.value\[1\]") - [ -n "${bearerpath}" ] || { - echo "couldn't load bearer path" - return - } - - # load bearer connection methods - bearerstatus=$(mmcli --bearer "${bearerpath}" --output-keyvalue) - bearermethod_ipv4=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv4-config.method") - [ -n "${bearermethod_ipv4}" ] && - echo "IPv4 connection teardown required in interface ${interface}: ${bearermethod_ipv4}" - bearermethod_ipv6=$(modemmanager_get_field "${bearerstatus}" "bearer.ipv6-config.method") - [ -n "${bearermethod_ipv6}" ] && - echo "IPv6 connection teardown required in interface ${interface}: ${bearermethod_ipv6}" - - # disconnection handling only requires special treatment in IPv4/PPP - [ "${bearermethod_ipv4}" = "ppp" ] && modemmanager_disconnected_method_ppp_ipv4 "${interface}" - modemmanager_disconnected_method_common "${interface}" - - # disconnect - mmcli --modem="${device}" --simple-disconnect || - proto_notify_error "${interface}" DISCONNECT_FAILED - - # disable - mmcli --modem="${device}" --disable - proto_notify_error "${interface}" MM_MODEM_DISABLED - - # low power, only if requested - [ "${lowpower:-0}" -lt 1 ] || - mmcli --modem="${device}" --set-power-state-low -} - -[ -n "$INCLUDE_ONLY" ] || { - add_protocol modemmanager -} diff --git a/modemmanager/files/usr/sbin/ModemManager-wrapper b/modemmanager/files/usr/sbin/ModemManager-wrapper deleted file mode 100755 index 4fd64227f..000000000 --- a/modemmanager/files/usr/sbin/ModemManager-wrapper +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -trap_with_arg() { - func="$1" ; shift - for sig ; do - # shellcheck disable=SC2064 - trap "$func $sig" "$sig" - done -} - -func_trap() { - logger "ModemManager-wrapper[$$]" "Sending signal ${1}..." - kill "-${1}" "$CHILD" 2>/dev/null -} - -main() { - . /usr/share/ModemManager/modemmanager.common - - trap_with_arg func_trap INT TERM KILL - - mkdir -p "${MODEMMANAGER_RUNDIR}" - chmod 0755 "${MODEMMANAGER_RUNDIR}" - mm_cleanup_interfaces - - /usr/sbin/ModemManager "$@" 1>/dev/null 2>/dev/null & - CHILD="$!" - - mm_report_events_from_cache - - wait "$CHILD" -} - -main "$@" diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index a6eb586fd..d5e0485bf 100755 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -46,7 +46,6 @@ MY_DEPENDS := \ luci-app-openvpn \ shadowsocks-libev-ss-server shadowsocks-libev-ss-tunnel \ omr-6in4 ip6tables-mod-nat luci-proto-ipv6 6to4 6in4 6rd ip6tables \ - speedtestcpp \ iftop \ htop \ nano \ diff --git a/speedtestcpp/Makefile b/speedtestcpp/Makefile deleted file mode 100644 index db25f5bb8..000000000 --- a/speedtestcpp/Makefile +++ /dev/null @@ -1,42 +0,0 @@ -# -# Copyright (C) 2021 Ycarus (Yannick Chabanois) for OpenMPTCProuter project -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=speedtestcpp -PKG_VERSION:=1.12 -PKG_RELEASE:=2 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=a01ae6eb04c5d3f4847aef73bf77849275ccc6eb -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://github.com/fmantz/SpeedTest.git - -PKG_MAINTAINER:=Ycarus -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=LICENSE - -CMAKE_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/cmake.mk - -define Package/speedtestcpp - SECTION:=net - CATEGORY:=Network - TITLE:=Yet another unofficial speedtest.net client cli interface - URL:=https://github.com/fmantz/SpeedTest - DEPENDS:=+curl +libstdcpp +libopenssl +libxml2 -endef - -define Package/speedtestcpp/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/SpeedTest $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/speedtestJson $(1)/usr/bin/ -endef - -$(eval $(call BuildPackage,speedtestcpp)) \ No newline at end of file diff --git a/v2ray-core/Config.in b/v2ray-core/Config.in deleted file mode 100755 index 20a764336..000000000 --- a/v2ray-core/Config.in +++ /dev/null @@ -1,149 +0,0 @@ -menu "V2Ray Configuration" - depends on PACKAGE_v2ray-core - -choice - prompt "JSON Config Support" - default V2RAY_JSON_V2CTL - - config V2RAY_JSON_V2CTL - bool "Load JSON from V2Ctl" - - config V2RAY_JSON_INTERNAL - bool "Load JSON Internally" - - config V2RAY_JSON_NONE - bool "None" - -endchoice - -config V2RAY_EXCLUDE_V2CTL - bool "Exclude V2Ctl" - depends on V2RAY_JSON_INTERNAL || V2RAY_JSON_NONE - default n - -config V2RAY_EXCLUDE_ASSETS - bool "Exclude geoip.dat & geosite.dat" - default n - -config V2RAY_COMPRESS_UPX - bool "Compress executable files with UPX" - default n - -choice - prompt "Disable Features" - default V2RAY_DISABLE_NONE - - config V2RAY_DISABLE_NONE - bool "None" - - config V2RAY_DISABLE_CUSTOM - bool "Custom" - -endchoice - -config V2RAY_DISABLE_DNS - bool "Disable Internal DNS Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_LOG - bool "Disable Log Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_POLICY - bool "Disable Local Policy Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_REVERSE - bool "Disable Reverse Proxy Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_ROUTING - bool "Disable Internal Routing Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_STATISTICS - bool "Disable Statistics Support" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_BLACKHOLE_PROTO - bool "Disable Blackhole Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_DNS_PROXY - bool "Disable DNS Proxy" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_DOKODEMO_PROTO - bool "Disable Dokodemo-door Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_FREEDOM_PROTO - bool "Disable Freedom Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_MTPROTO_PROXY - bool "Disable MTProto Proxy" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_HTTP_PROTO - bool "Disable HTTP Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_SHADOWSOCKS_PROTO - bool "Disable Shadowsocks Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_SOCKS_PROTO - bool "Disable Socks Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_VMESS_PROTO - bool "Disable VMess Protocol" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_TCP_TRANS - bool "Disable TCP Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_MKCP_TRANS - bool "Disable mKCP Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_WEBSOCKET_TRANS - bool "Disable WebSocket Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_HTTP2_TRANS - bool "Disable HTTP/2 Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_DOMAIN_SOCKET_TRANS - bool "Disable Domain Socket Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -config V2RAY_DISABLE_QUIC_TRANS - bool "Disable QUIC Transport" - depends on V2RAY_DISABLE_CUSTOM - default n - -endmenu diff --git a/v2ray-core/LICENSE b/v2ray-core/LICENSE deleted file mode 100755 index ed6b6c708..000000000 --- a/v2ray-core/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2019 Xingwang Liao - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/v2ray-core/Makefile b/v2ray-core/Makefile deleted file mode 100755 index f17adbf69..000000000 --- a/v2ray-core/Makefile +++ /dev/null @@ -1,308 +0,0 @@ -# -# Copyright (C) 2019 Xingwang Liao -# Copyright (C) 2020 Ycarus (Yannick Chabanois) for OpenMPTCProuter -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=v2ray-core -PKG_VERSION:=4.43.0 -PKG_RELEASE:=1 - -#PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE:=v$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://github.com/v2fly/v2ray-core/archive/refs/tags/ -PKG_HASH:=f27b8fe8e1e102b0297339ee368c8b650fde0f949e0d90e1229ff6744f99ba0f - -PKG_LICENSE:=MIT -PKG_LICENSE_FILES:=LICENSE -PKG_MAINTAINER:=Yannick Chabanois - -PKG_CONFIG_DEPENDS := \ - CONFIG_V2RAY_JSON_V2CTL \ - CONFIG_V2RAY_JSON_INTERNAL \ - CONFIG_V2RAY_JSON_NONE \ - CONFIG_V2RAY_EXCLUDE_V2CTL \ - CONFIG_V2RAY_EXCLUDE_ASSETS \ - CONFIG_V2RAY_COMPRESS_UPX \ - CONFIG_V2RAY_DISABLE_NONE \ - CONFIG_V2RAY_DISABLE_CUSTOM \ - CONFIG_V2RAY_DISABLE_DNS \ - CONFIG_V2RAY_DISABLE_LOG \ - CONFIG_V2RAY_DISABLE_POLICY \ - CONFIG_V2RAY_DISABLE_REVERSE \ - CONFIG_V2RAY_DISABLE_ROUTING \ - CONFIG_V2RAY_DISABLE_STATISTICS \ - CONFIG_V2RAY_DISABLE_BLACKHOLE_PROTO \ - CONFIG_V2RAY_DISABLE_DNS_PROXY \ - CONFIG_V2RAY_DISABLE_DOKODEMO_PROTO \ - CONFIG_V2RAY_DISABLE_FREEDOM_PROTO \ - CONFIG_V2RAY_DISABLE_MTPROTO_PROXY \ - CONFIG_V2RAY_DISABLE_HTTP_PROTO \ - CONFIG_V2RAY_DISABLE_SHADOWSOCKS_PROTO \ - CONFIG_V2RAY_DISABLE_SOCKS_PROTO \ - CONFIG_V2RAY_DISABLE_VMESS_PROTO \ - CONFIG_V2RAY_DISABLE_TCP_TRANS \ - CONFIG_V2RAY_DISABLE_MKCP_TRANS \ - CONFIG_V2RAY_DISABLE_WEBSOCKET_TRANS \ - CONFIG_V2RAY_DISABLE_HTTP2_TRANS \ - CONFIG_V2RAY_DISABLE_DOMAIN_SOCKET_TRANS \ - CONFIG_V2RAY_DISABLE_QUIC_TRANS - -PKG_BUILD_DEPENDS:=golang/host -PKG_BUILD_PARALLEL:=1 -PKG_USE_MIPS16:=0 - -GO_PKG:=github.com/v2fly/v2ray-core/v4 -GO_PKG_LDFLAGS:=-s -w - -include $(INCLUDE_DIR)/package.mk -include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk - -define Package/v2ray-core - TITLE:=A platform for building proxies - URL:=https://www.v2fly.org - SECTION:=net - CATEGORY:=Network - SUBMENU:=Project V - DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle +protobuf -endef - -define Package/v2ray-core/config - source "$(SOURCE)/Config.in" -endef - -define Package/v2ray-core/description -Project V is a set of network tools that help you to build your own computer network. -It secures your network connections and thus protects your privacy. - - This package contains v2ray, v2ctl and v2ray-assets. -endef - -V2RAY_SED_ARGS:= - -ifeq ($(CONFIG_V2RAY_JSON_INTERNAL),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/main\/json"/\/\/ &/; \ - /\/\/ _ "github.com\/v2fly\/v2ray-core\/v4\/main\/jsonem"/s/\/\/ //; -else ifeq ($(CONFIG_V2RAY_JSON_NONE),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/main\/json"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_CUSTOM),y) - -ifeq ($(CONFIG_V2RAY_DISABLE_DNS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/dns"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_LOG),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/log"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/log\/command"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_POLICY),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/policy"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_REVERSE),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/reverse"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_ROUTING),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/router"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_STATISTICS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/stats"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/app\/stats\/command"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_BLACKHOLE_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/blackhole"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_DNS_PROXY),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/dns"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_DOKODEMO_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/dokodemo"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_FREEDOM_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/freedom"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_MTPROTO_PROXY),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/mtproto"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_HTTP_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/http"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_SHADOWSOCKS_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/shadowsocks"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_SOCKS_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/socks"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_VMESS_PROTO),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/vmess\/inbound"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/proxy\/vmess\/outbound"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_TCP_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/tcp"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_MKCP_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/kcp"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_WEBSOCKET_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/websocket"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_HTTP2_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/http"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/http"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_DOMAIN_SOCKET_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/domainsocket"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_QUIC_TRANS),y) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/quic"/\/\/ &/; -endif - -ifeq ($(CONFIG_V2RAY_DISABLE_MKCP_TRANS)$(CONFIG_V2RAY_DISABLE_QUIC_TRANS),yy) -V2RAY_SED_ARGS += \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/noop"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/srtp"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/tls"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/utp"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/wechat"/\/\/ &/; \ - s/_ "github.com\/v2fly\/v2ray-core\/v4\/transport\/internet\/headers\/wireguard"/\/\/ &/; -endif - -endif - -GEOIP_VER:=latest -GEOIP_FILE:=geoip-$(GEOIP_VER).dat - -define Download/geoip.dat - URL:=https://github.com/v2ray/geoip/releases/$(GEOIP_VER)/download - URL_FILE:=geoip.dat - FILE:=$(GEOIP_FILE) - HASH:=skip -endef - -GEOSITE_VER:=latest -GEOSITE_FILE:=geosite-$(GEOSITE_VER).dat - -define Download/geosite.dat - URL:=https://github.com/v2ray/domain-list-community/releases/$(GEOSITE_VER)/download - URL_FILE:=dlc.dat - FILE:=$(GEOSITE_FILE) - HASH:=skip -endef - -define Build/Prepare - $(Build/Prepare/Default) - -ifneq ($(CONFIG_V2RAY_EXCLUDE_ASSETS),y) - # move file to make sure download new file every build - mv -f $(DL_DIR)/$(GEOIP_FILE) $(PKG_BUILD_DIR)/release/config/geoip.dat - mv -f $(DL_DIR)/$(GEOSITE_FILE) $(PKG_BUILD_DIR)/release/config/geosite.dat -endif - - ( \ - sed -i \ - 's/\(version[[:space:]]*=[[:space:]]*"\).*\("\)/\1$(PKG_VERSION)\2/; \ - s/\(build[[:space:]]*=[[:space:]]*"\).*\("\)/\1OpenWrt R$(PKG_RELEASE)\2/' \ - $(PKG_BUILD_DIR)/core.go ; \ - ) -ifneq ($(V2RAY_SED_ARGS),) - ( \ - sed -i \ - '$(V2RAY_SED_ARGS)' \ - $(PKG_BUILD_DIR)/main/distro/all/all.go ; \ - ) -endif -endef - -define Build/Compile - $(eval GO_PKG_BUILD_PKG:=$(GO_PKG)/main) - $(call GoPackage/Build/Compile) - mv -f $(GO_PKG_BUILD_BIN_DIR)/main $(GO_PKG_BUILD_BIN_DIR)/v2ray - -ifeq ($(CONFIG_V2RAY_COMPRESS_UPX),y) - upx --ultra-brute $(GO_PKG_BUILD_BIN_DIR)/v2ray -endif - -ifneq ($(CONFIG_V2RAY_EXCLUDE_V2CTL),y) - $(eval GO_PKG_BUILD_PKG:=$(GO_PKG)/infra/control/main) - $(call GoPackage/Build/Compile) - mv -f $(GO_PKG_BUILD_BIN_DIR)/main $(GO_PKG_BUILD_BIN_DIR)/v2ctl - -ifeq ($(CONFIG_V2RAY_COMPRESS_UPX),y) - upx --ultra-brute $(GO_PKG_BUILD_BIN_DIR)/v2ctl -endif -endif -endef - -define Package/v2ray-core/install - $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) - - $(INSTALL_DIR) $(1)/usr/bin - - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/v2ray $(1)/usr/bin - $(CP) ./files/* $(1)/ - -ifneq ($(CONFIG_V2RAY_EXCLUDE_V2CTL),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/v2ctl $(1)/usr/bin -endif - -ifneq ($(CONFIG_V2RAY_EXCLUDE_ASSETS),y) - $(INSTALL_DATA) \ - $(PKG_BUILD_DIR)/release/config/{geoip,geosite}.dat \ - $(1)/usr/bin -endif -endef - -ifneq ($(CONFIG_V2RAY_EXCLUDE_ASSETS),y) -$(eval $(call Download,geoip.dat)) -$(eval $(call Download,geosite.dat)) -endif - -$(eval $(call GoBinPackage,v2ray-core)) -$(eval $(call BuildPackage,v2ray-core)) diff --git a/v2ray-core/files/etc/firewall.v2ray-rules b/v2ray-core/files/etc/firewall.v2ray-rules deleted file mode 100755 index 2c0ade3dd..000000000 --- a/v2ray-core/files/etc/firewall.v2ray-rules +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -/etc/init.d/v2ray rules_up diff --git a/v2ray-core/files/etc/init.d/v2ray b/v2ray-core/files/etc/init.d/v2ray deleted file mode 100755 index f8772a0e1..000000000 --- a/v2ray-core/files/etc/init.d/v2ray +++ /dev/null @@ -1,2162 +0,0 @@ -#!/bin/sh /etc/rc.common -# -# Copyright 2019-2020 Xingwang Liao -# Copyright 2020-2021 Ycarus (Yannick Chabanois) for OpenMPTCProuter -# Licensed to the public under the MIT License. -# - -START=99 -USE_PROCD=1 -EXTRA_COMMANDS="rules_up rules_down rules_exist" - -NAME=v2ray -CONFIG_FOLDER=/var/etc/$NAME - -FILE_V2RAY_DNSMASQ=/tmp/dnsmasq.d/$NAME -FILE_V2RAY_DNSMASQ_CACHE=/tmp/$NAME.dnsmasq.cache - -IPSET_SRC_IGNORE_V4=v2ray_src_ignore_v4 -IPSET_SRC_IGNORE_V6=v2ray_src_ignore_v6 -IPSET_DST_PROXY_V4=v2ray_dst_proxy_v4 -IPSET_DST_PROXY_V6=v2ray_dst_proxy_v6 -IPSET_SRC_DIRECT_V4=ss_rules_src_bypass -IPSET_DST_DIRECT_V4=ss_rules_dst_bypass -IPSET_DST_DIRECT_V6=ss_rules6_dst_bypass - -OUTBOUND_SERVERS_V4= -OUTBOUND_SERVERS_V6= - -TRANSPARENT_PROXY_EXPECTED=0 -TRANSPARENT_PROXY_PORT= -TRANSPARENT_PROXY_USE_TPROXY= -TRANSPARENT_PROXY_ADDITION= - -DNSMASQ_RESTART_EXPECTED=0 - -. /usr/share/libubox/jshn.sh - -_log() { - local level="$1" ; shift - local msg="$@" - logger -p "daemon.$level" -t "$NAME" "$msg" - - echo "[$level] $msg" >&2 -} - -_info() { - _log "info" $@ -} - -_err() { - _log "err" $@ -} - -get_value_from_json() { - local json="$1" - local key="$2" - - test -n "$json" || return - - local value="" - - local old_ns - json_set_namespace "json_key" old_ns - json_load "$json" - json_get_var "$key" value - json_cleanup - json_set_namespace "$old_ns" - - echo "$value" -} - -get_commands_from_json() { - local json="$1" - - test -n "$json" || return - - jshn -r "$json" 2>/dev/null | grep -v "json_init" -} - -get_file_content() { - local filename="$1" - - test -n "$filename" || return - test -r "/etc/v2ray/${filename}.txt" || return - - cat "/etc/v2ray/${filename}.txt" | grep -v "^$" | grep -v "^#" -} - -append_server_ipv4() { - local addr="$1" - - test -n "$addr" || return - - if [ -z "$OUTBOUND_SERVERS_V4" ] ; then - OUTBOUND_SERVERS_V4="$addr" - else - OUTBOUND_SERVERS_V4="$(cat >&1 <<-EOF - $OUTBOUND_SERVERS_V4 - $addr - EOF - )" - fi -} - -append_server_ipv6() { - local addr="$1" - - test -n "$addr" || return - - if [ -z "$OUTBOUND_SERVERS_V6" ] ; then - OUTBOUND_SERVERS_V6="$addr" - else - OUTBOUND_SERVERS_V6="$(cat >&1 <<-EOF - $OUTBOUND_SERVERS_V6 - $addr - EOF - )" - fi -} - -append_server_address() { - local addr="$1" - - test -n "$addr" || return - - local ipv4 - for ipv4 in $(resolveip -4 -t 5 "$addr") ; do - append_server_ipv4 "$ipv4" - done - - local ipv6 - for ipv6 in $(resolveip -6 -t 5 "$addr") ; do - append_server_ipv6 "$ipv6" - done -} - -v2ray_section_validate() { - uci_validate_section "$NAME" "v2ray" "$1" \ - 'enabled:bool:0' \ - 'v2ray_file:string' \ - 'asset_location:directory' \ - 'mem_percentage:and(uinteger, max(100)):80' \ - 'config_file:file' \ - 'loglevel:or("debug", "info", "warning", "error", "none")' \ - 'access_log:string' \ - 'error_log:string' \ - 'stats_enabled:bool:0' \ - 'transport_enabled:bool:0' \ - 'inbounds:list(uci("v2ray", "@inbound"))' \ - 'outbounds:list(uci("v2ray", "@outbound"))' -} - -dns_section_validate() { - uci_validate_section "$NAME" "dns" "$1" \ - 'enabled:bool:0' \ - 'tag:string' \ - 'client_ip:ipaddr' \ - 'hosts:list(string)' \ - 'servers:list(uci("v2ray", "@dns_server"))' -} - -dns_server_section_validate() { - uci_validate_section "$NAME" "dns_server" "$1" \ - 'address:string' \ - 'port:port' \ - 'domains:list(string)' \ - 'expect_ips:list(string)' -} - -routing_section_validate() { - uci_validate_section "$NAME" "routing" "$1" \ - 'enabled:bool:0' \ - 'domain_strategy:or("AsIs", "IPIfNonMatch", "IPOnDemand")' \ - 'rules:list(uci("v2ray", "@routing_rule"))' \ - 'balancers:list(uci("v2ray", "@routing_balancer"))' -} - -routing_rule_section_validate() { - uci_validate_section "$NAME" "routing_rule" "$1" \ - 'type:"field"' \ - 'domain:list(string)' \ - 'ip:list(string)' \ - 'port:or(port, portrange)' \ - 'network:list(or("tcp", "udp"))' \ - 'source:list(string)' \ - 'user:list(string)' \ - 'inbound_tag:list(string)' \ - 'protocol:list(or("http", "tls", "bittorrent"))' \ - 'attrs:string' \ - 'outbound_tag:string' \ - 'balancer_tag:string' -} - -routing_balancer_section_validate() { - uci_validate_section "$NAME" "routing_balancer" "$1" \ - 'tag:string' \ - 'selector:list(string)' -} - -policy_section_validate() { - uci_validate_section "$NAME" "policy" "$1" \ - 'enabled:bool:0' \ - 'levels:list(uci("v2ray", "@policy_level"))' \ - 'system_stats_inbound_uplink:bool:0' \ - 'system_stats_inbound_downlink:bool:0' -} - -policy_level_section_validate() { - uci_validate_section "$NAME" "policy_level" "$1" \ - 'level:uinteger' \ - 'handshake:uinteger:4' \ - 'conn_idle:uinteger:300' \ - 'uplink_only:uinteger:2' \ - 'downlink_only:uinteger:5' \ - 'stats_user_uplink:bool:0' \ - 'stats_user_downlink:bool:0' \ - 'buffer_size:uinteger' -} - -reverse_section_validate() { - uci_validate_section "$NAME" "reverse" "$1" \ - 'enabled:bool:0' \ - 'bridges:list(string)' \ - 'portals:list(string)' -} - -inbound_section_validate() { - uci_validate_section "$NAME" "inbound" "$1" \ - 'port:or(port, portrange, string)' \ - 'listen:ipaddr' \ - 'protocol:string' \ - 's_dokodemo_door_address:host' \ - 's_dokodemo_door_port:port' \ - 's_dokodemo_door_network:list(or("tcp", "udp"))' \ - 's_dokodemo_door_timeout:uinteger' \ - 's_dokodemo_door_follow_redirect:bool:0' \ - 's_dokodemo_door_user_level:uiterger' \ - 's_http_account_user:string' \ - 's_http_account_pass:string' \ - 's_http_allow_transparent:bool:0' \ - 's_http_timeout:uinteger' \ - 's_http_user_level:uinteger' \ - 's_mtproto_user_email:string' \ - 's_mtproto_user_secret:string' \ - 's_mtproto_user_level:uinteger' \ - 's_shadowsocks_email:string' \ - 's_shadowsocks_method:string' \ - 's_shadowsocks_password:string' \ - 's_shadowsocks_level:uinteger' \ - 's_shadowsocks_ota:bool:0' \ - 's_shadowsocks_network:list(or("tcp", "udp")):tcp' \ - 's_socks_auth:or("noauth", "password")' \ - 's_socks_account_user:string' \ - 's_socks_account_pass:string' \ - 's_socks_udp:bool:0' \ - 's_socks_ip:host' \ - 's_socks_user_level:uinteger' \ - 's_vmess_client_id:string' \ - 's_vmess_client_alter_id:and(uinteger, max(65535))' \ - 's_vmess_client_email:string' \ - 's_vmess_client_user_level:uinteger' \ - 's_vmess_default_alter_id:and(uinteger, max(65535))' \ - 's_vmess_default_user_level:uinteger' \ - 's_vmess_detour_to:string' \ - 's_vmess_disable_insecure_encryption:bool:0' \ - 's_vless_client_id:string' \ - 's_vless_client_alter_id:and(uinteger, max(65535))' \ - 's_vless_client_email:string' \ - 's_vless_client_user_level:uinteger' \ - 's_vless_default_alter_id:and(uinteger, max(65535))' \ - 's_vless_default_user_level:uinteger' \ - 's_vless_detour_to:string' \ - 's_vless_disable_insecure_encryption:bool:0' \ - 'ss_network:or("tcp", "kcp", "ws", "http", "domainsocket", "quic")' \ - 'ss_security:or("none", "tls")' \ - 'ss_tls_server_name:host' \ - 'ss_tls_alpn:string' \ - 'ss_tls_allow_insecure:bool:0' \ - 'ss_tls_allow_insecure_ciphers:bool:0' \ - 'ss_tls_disable_system_root:bool:0' \ - 'ss_tls_cert_usage:or("encipherment", "verify", "issue")' \ - 'ss_tls_cert_file:string' \ - 'ss_tls_key_file:string' \ - 'ss_tcp_header_type:or("none", "http")' \ - 'ss_tcp_header_request_version:string' \ - 'ss_tcp_header_request_method:string:GET' \ - 'ss_tcp_header_request_path:string' \ - 'ss_tcp_header_request_headers:list(string)' \ - 'ss_tcp_header_response_version:string' \ - 'ss_tcp_header_response_status:string' \ - 'ss_tcp_header_response_reason:string' \ - 'ss_tcp_header_response_headers:list(string)' \ - 'ss_kcp_mtu:and(min(576), max(1460))' \ - 'ss_kcp_tti:and(min(10), max(100))' \ - 'ss_kcp_uplink_capacity:uinteger' \ - 'ss_kcp_downlink_capacity:uinteger' \ - 'ss_kcp_congestion:bool:0' \ - 'ss_kcp_read_buffer_size:uinteger' \ - 'ss_kcp_write_buffer_size:uinteger' \ - 'ss_kcp_header_type:or("none", "srtp", "utp", "wechat-video", "dtls", "wireguard")' \ - 'ss_websocket_path:string' \ - 'ss_websocket_headers:list(string)' \ - 'ss_http_host:list(host)' \ - 'ss_http_path:string' \ - 'ss_domainsocket_path:string' \ - 'ss_quic_security:or("aes-128-gcm", "chacha20-poly1305", "none")' \ - 'ss_quic_key:string' \ - 'ss_quic_header_type:or("none", "srtp", "utp", "wechat-video", "dtls", "wireguard")' \ - 'ss_sockopt_tcp_fast_open:or("0", "1")' \ - 'ss_sockopt_tproxy:or("redirect", "tproxy", "off")' \ - 'tag:string' \ - 'sniffing_enabled:bool:0' \ - 'sniffing_dest_override:list(or("http", "tls"))' \ - 'allocate_strategy:or("always", "random")' \ - 'allocate_refresh:uinteger' \ - 'allocate_concurrency:uinteger' -} - -outbound_section_validate() { - uci_validate_section "$NAME" "outbound" "$1" \ - 'send_through:ipaddr' \ - 'protocol:string' \ - 'tag:string' \ - 's_blackhole_reponse_type:or("none", "http")' \ - 's_dns_network:or("tcp", "udp")' \ - 's_dns_address:string' \ - 's_dns_port:port' \ - 's_freedom_domain_strategy:or("AsIs", "UseIP", "UseIPv4", "UseIPv6")' \ - 's_freedom_redirect:string' \ - 's_freedom_user_level:uinteger' \ - 's_http_server_address:host' \ - 's_http_server_port:port' \ - 's_http_account_user:string' \ - 's_http_account_pass:string' \ - 's_shadowsocks_email:string' \ - 's_shadowsocks_address:host' \ - 's_shadowsocks_port:port' \ - 's_shadowsocks_method:string' \ - 's_shadowsocks_password:string' \ - 's_shadowsocks_level:uinteger' \ - 's_shadowsocks_ota:bool:0' \ - 's_socks_server_address:host' \ - 's_socks_server_port:port' \ - 's_socks_account_user:string' \ - 's_socks_account_pass:string' \ - 's_socks_user_level:uinteger' \ - 's_vmess_address:host' \ - 's_vmess_port:port' \ - 's_vmess_user_id:string' \ - 's_vmess_user_alter_id:and(uinteger, max(65535))' \ - 's_vmess_user_security:or("auto", "aes-128-gcm", "chacha20-poly1305", "none")' \ - 's_vmess_user_level:uinteger' \ - 's_vless_address:host' \ - 's_vless_port:port' \ - 's_vless_user_id:string' \ - 's_vless_user_alter_id:and(uinteger, max(65535))' \ - 's_vless_user_security:or("auto", "aes-128-gcm", "chacha20-poly1305", "none")' \ - 's_vless_user_encryption:or("auto", "none")' \ - 's_vless_user_level:uinteger' \ - 'ss_network:or("tcp", "kcp", "ws", "http", "domainsocket", "quic")' \ - 'ss_security:or("none", "tls")' \ - 'ss_tls_server_name:host' \ - 'ss_tls_alpn:string' \ - 'ss_tls_allow_insecure:bool:0' \ - 'ss_tls_allow_insecure_ciphers:bool:0' \ - 'ss_tls_disable_system_root:bool:0' \ - 'ss_tls_cert_usage:or("encipherment", "verify", "issue")' \ - 'ss_tls_cert_file:string' \ - 'ss_tls_key_file:string' \ - 'ss_tcp_header_type:or("none", "http")' \ - 'ss_tcp_header_request_version:string' \ - 'ss_tcp_header_request_method:string' \ - 'ss_tcp_header_request_path:string' \ - 'ss_tcp_header_request_headers:list(string)' \ - 'ss_tcp_header_response_version:string' \ - 'ss_tcp_header_response_status:string' \ - 'ss_tcp_header_response_reason:string' \ - 'ss_tcp_header_response_headers:list(string)' \ - 'ss_kcp_mtu:and(min(576), max(1460))' \ - 'ss_kcp_tti:and(min(10), max(100))' \ - 'ss_kcp_uplink_capacity:uinteger' \ - 'ss_kcp_downlink_capacity:uinteger' \ - 'ss_kcp_congestion:bool:0' \ - 'ss_kcp_read_buffer_size:uinteger' \ - 'ss_kcp_write_buffer_size:uinteger' \ - 'ss_kcp_header_type:or("none", "srtp", "utp", "wechat-video", "dtls", "wireguard")' \ - 'ss_websocket_path:string' \ - 'ss_websocket_headers:list(string)' \ - 'ss_http_host:list(host)' \ - 'ss_http_path:string' \ - 'ss_domainsocket_path:string' \ - 'ss_quic_security:or("aes-128-gcm", "chacha20-poly1305", "none")' \ - 'ss_quic_key:string' \ - 'ss_quic_header_type:or("none", "srtp", "utp", "wechat-video", "dtls", "wireguard")' \ - 'ss_sockopt_mark:uinteger' \ - 'ss_sockopt_tcp_fast_open:or("0", "1")' \ - 'stream_settings:string' \ - 'proxy_settings_tag:string' \ - 'mux_enabled:bool:0' \ - 'mux_concurrency:uinteger:8' -} - -add_v2ray_redirect_rules() { - local ext_args="$1" - local lan_devices="$2" - local lan_ipaddrs="$3" - - local port="$TRANSPARENT_PROXY_PORT" - local addition="$TRANSPARENT_PROXY_ADDITION" - local ipset_src_direct="$IPSET_SRC_DIRECT_V4" - local ipset_dst_direct="$IPSET_DST_DIRECT_V4" - - test -n "$port" || return - - # This part need a rewrite - v2ray-rules -f - v2ray-rules -l ${port} -L ${port} -s $OUTBOUND_SERVERS_V4 --rule-name def --src-default forward --dst-default forward --local-default forward - [ "$(uci -q get v2ray.main.inbounds | grep omr6)" != "" ] && { - v2ray-rules6 -f - v2ray-rules6 -l $((port+1)) -L $((port+1)) -s $OUTBOUND_SERVERS_V6 --rule-name def --src-default forward --dst-default forward --local-default forward - } - [ -f /etc/init.d/omr-bypass ] && { - logger -t "v2ray" "Reload omr-bypass rules" - /etc/init.d/omr-bypass reload_rules - } -} - -init_rules_for_listfile() { - local direct_list_dns="$1" - local proxy_list_dns="$2" - - echo "# AUTO-GENERATED FILE. DO NOT MODIFY." >"$FILE_V2RAY_DNSMASQ_CACHE" - - # For direct list - local direct_content - direct_content="$(get_file_content "directlist")" - - if [ -n "$direct_content" ] ; then - echo "$direct_content" | \ - grep -oE "[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?" | \ - sed "s/.*/add $IPSET_DST_DIRECT_V4 & timeout 0/" | \ - ipset -! restore 2>/dev/null - - echo "$direct_content" | \ - grep -oE "([0-9a-fA-F]{0,4}:){1,7}([0-9a-fA-F]){0,4}(/[0-9]{1,2})?" | \ - sed "s/.*/add $IPSET_DST_DIRECT_V6 & timeout 0/" | \ - ipset -! restore 2>/dev/null - - if [ -n "$direct_list_dns" ] ; then - echo "$direct_content" | \ - grep -oE "([0-9a-zA-Z_-]+\.)+[a-zA-Z]{2,}$" | \ - sed "s|.*|server=/&/$direct_list_dns\nipset=/&/$IPSET_DST_DIRECT_V4,$IPSET_DST_DIRECT_V6|" \ - >>"$FILE_V2RAY_DNSMASQ_CACHE" - else - echo "$direct_content" | \ - grep -oE "([0-9a-zA-Z_-]+\.)+[a-zA-Z]{2,}$" | \ - sed "s|.*|ipset=/&/$IPSET_DST_DIRECT_V4,$IPSET_DST_DIRECT_V6|" \ - >>"$FILE_V2RAY_DNSMASQ_CACHE" - fi - fi - - # For proxy list - local proxy_content - proxy_content="$(get_file_content "proxylist")" - - if [ -n "$proxy_content" ] ; then - echo "$proxy_content" | \ - grep -oE "[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?" | \ - sed "s/.*/add $IPSET_DST_PROXY_V4 & timeout 0/" | \ - ipset -! restore 2>/dev/null - - echo "$proxy_content" | \ - grep -oE "([0-9a-fA-F]{0,4}:){1,7}([0-9a-fA-F]){0,4}(/[0-9]{1,2})?" | \ - sed "s/.*/add $IPSET_DST_PROXY_V6 & timeout 0/" | \ - ipset -! restore 2>/dev/null - - if [ -n "$proxy_list_dns" ] ; then - echo "$proxy_content" | \ - grep -oE "([0-9a-zA-Z_-]+\.)+[a-zA-Z]{2,}$" | \ - sed "s|.*|server=/&/$proxy_list_dns\nipset=/&/$IPSET_DST_PROXY_V4,$IPSET_DST_PROXY_V6|" \ - >>"$FILE_V2RAY_DNSMASQ_CACHE" - else - echo "$proxy_content" | \ - grep -oE "([0-9a-zA-Z_-]+\.)+[a-zA-Z]{2,}$" | \ - sed "s|.*|ipset=/&/$IPSET_DST_PROXY_V4,$IPSET_DST_PROXY_V6|" \ - >>"$FILE_V2RAY_DNSMASQ_CACHE" - fi - fi - - # For local devices outbound list - local src_content - src_content="$(get_file_content "srcdirectlist")" - - if [ -n "$src_content" ] ; then - echo "$src_content" | \ - grep -oE "[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?" | \ - sed "s/.*/add $IPSET_SRC_DIRECT_V4 & timeout 0/" | \ - ipset -! restore 2>/dev/null - fi - -} - -gracefully_restart_dnsmasq() { - if [ "x$DNSMASQ_RESTART_EXPECTED" = "x1" ] && [ -x "/etc/init.d/dnsmasq" ] ; then - _info "Restarting dnsmasq..." - /etc/init.d/dnsmasq restart >/dev/null 2>&1 - DNSMASQ_RESTART_EXPECTED=0 - fi -} - -add_dns_settings() { - local section="${1}_dns" - - if ! dns_section_validate "$section" ; then - _err "Invalid DNS config: $section, skip" - return 1 - fi - - if [ "x$enabled" != "x1" ] ; then - _info "DNS disabled: $section" - return 0 - fi - - json_add_object "dns" - - test -n "$tag" && \ - json_add_string "tag" "$tag" - test -n "$client_ip" && \ - json_add_string "clientIp" "$client_ip" - - if [ -n "$hosts" ] ; then - json_add_object "hosts" - - local h - for h in $hosts ; do - local domain="$(echo "$h" | cut -d'|' -f1)" - local ip="$(echo "$h" | cut -d'|' -f2)" - - if [ -n "$domain" ] && [ -n "$ip" ] ; then - json_add_string "$domain" "$ip" - fi - done - - json_close_object # hosts - fi - - if [ -n "$servers" ] ; then - json_add_array "servers" - - for ss in $servers ; do - if dns_server_section_validate "$ss" ; then - if [ -z "$address" ] ; then - continue - fi - - if [ -z "${port}${domains}${expect_ips}" ] ; then - json_add_string "" "$address" - else - json_add_object "" - json_add_string "address" "$address" - - if [ -n "$port" ] ; then - json_add_int "port" "$port" - else - json_add_int "port" "53" - fi - - if [ -n "$domains" ] ; then - json_add_array "domains" - - local d - for d in $domains ; do - json_add_string "" "$d" - done - - json_close_array # domains - fi - - if [ -n "$expect_ips" ] ; then - json_add_array "expectIPs" - - local e - for e in $expect_ips ; do - json_add_string "" "$e" - done - - json_close_array # expectIPs - fi - - json_close_object - fi - fi - done - - json_close_array # servers - fi - - json_close_object # dns -} - -add_routing_settings() { - local section="${1}_routing" - - if ! routing_section_validate "$section" ; then - _err "Invalid routing config: $section, skip" - return 1 - fi - - if [ "x$enabled" != "x1" ] ; then - _info "Routing disabled: $section" - return 0 - fi - - json_add_object "routing" - - test -n "$domain_strategy" && \ - json_add_string "domainStrategy" "$domain_strategy" - - if [ -n "$rules" ] ; then - json_add_array "rules" - - local rs - for rs in $rules ; do - if routing_rule_section_validate "$rs" ; then - json_add_object "" - - json_add_string "type" "$type" - - if [ -n "$domain" ] ; then - json_add_array "domain" - - local d - for d in $domain ; do - json_add_string "" "$d" - done - - json_close_array # domain - fi - - if [ -n "$ip" ] ; then - json_add_array "ip" - - local i - for i in $ip ; do - json_add_string "" "$i" - done - - json_close_array # ip - fi - - if [ -n "$port" ] ; then - json_add_string "port" "$(echo "$port" | tr -s ' ' ',')" - fi - - if [ -n "$network" ] ; then - json_add_string "network" "$(echo "$network" | tr -s ' ' ',')" - fi - - if [ -n "$source" ] ; then - json_add_array "source" - - local s - for s in $source ; do - json_add_string "" "$s" - done - - json_close_array # source - fi - - if [ -n "$user" ] ; then - json_add_array "user" - - local u - for u in $user ; do - json_add_string "" "$u" - done - - json_close_array # user - fi - - if [ -n "$inbound_tag" ] ; then - json_add_array "inboundTag" - - local it - for it in $inbound_tag ; do - json_add_string "" "$it" - done - - json_close_array # inboundTag - fi - - if [ -n "$protocol" ] ; then - json_add_array "protocol" - local p - for p in $protocol ; do - json_add_string "" "$p" - done - json_close_array # protocol - fi - - test -n "$attrs" && \ - json_add_string "attrs" "$attrs" - test -n "$outbound_tag" && \ - json_add_string "outboundTag" "$outbound_tag" - test -n "$balancer_tag" && \ - json_add_string "balancerTag" "$balancer_tag" - - json_close_object - fi - done - - json_close_array # rules - fi - - if [ -n "$balancers" ] ; then - json_add_array "balancers" - - local bs - for bs in $balancers ; do - if routing_balancer_section_validate "$bs" ; then - json_add_object "" - json_add_string "tag" "$tag" - - json_add_array "selector" - - local s - for s in $selector ; do - json_add_string "" "$s" - done - - json_close_array # selector - json_close_object - fi - done - - json_close_array # balancers - fi - - json_close_object -} - -add_policy_settings() { - local section="${1}_policy" - - if ! policy_section_validate "$section" ; then - _err "Invalid policy config: $section, skip" - return 1 - fi - - if [ "x$enabled" != "x1" ] ; then - _info "Policy disabled: $section" - return 0 - fi - - json_add_object "policy" - - if [ -n "$levels" ] ; then - json_add_object "levels" - - local l_s - for l_s in $levels ; do - if policy_level_section_validate "$l_s" ; then - json_add_object "$level" - json_add_int "handshake" "$handshake" - json_add_int "connIdle" "$conn_idle" - json_add_int "uplinkOnly" "$uplink_only" - json_add_int "downlinkOnly" "$downlink_only" - json_add_boolean "statsUserUplink" "$stats_user_uplink" - json_add_boolean "statsUserDownlink" "$stats_user_downlink" - test -n "$buffer_size" && \ - json_add_int "bufferSize" "$buffer_size" - json_close_object - fi - done - - json_close_object # levels - fi - - json_add_object "system" - json_add_boolean "statsInboundUplink" "$system_stats_inbound_uplink" - json_add_boolean "statsInboundDownlink" "$system_stats_inbound_downlink" - json_close_object # system - - json_close_object # policy -} - -add_reverse_settings() { - local section="${1}_reverse" - - if ! reverse_section_validate "$section" ; then - _err "Invalid reverse config: $section, skip" - return 1 - fi - - if [ "x$enabled" != "x1" ] ; then - _info "Reverse disabled: $section" - return 0 - fi - - json_add_object "reverse" - - if [ -n "$bridges" ] ; then - json_add_array "bridges" - - local b - for b in $bridges ; do - local tag="$(echo "$b" | cut -d'|' -f1)" - local domain="$(echo "$b" | cut -d'|' -f2)" - if [ -n "$tag" ] && [ -n "$domain" ] ; then - json_add_object "" - json_add_string "tag" "$tag" - json_add_string "domain" "$domain" - json_close_object - fi - done - - json_close_array # bridges - fi - - if [ -n "$portals" ] ; then - json_add_array "portals" - - local p - for p in $portals ; do - local tag="$(echo "$p" | cut -d'|' -f1)" - local domain="$(echo "$p" | cut -d'|' -f2)" - if [ -n "$tag" ] && [ -n "$domain" ] ; then - json_add_object "" - json_add_string "tag" "$tag" - json_add_string "domain" "$domain" - json_close_object - fi - done - - json_close_array # portals - fi - - json_close_object # reverse -} - -add_transport_settings() { - local json - json="$(get_file_content "transport")" - - if [ -z "$json" ] ; then - _err "Invalid transport config: $key" - return 1 - fi - - json_add_object "transport" - eval "$(get_commands_from_json "$json")" - json_close_object # transport -} - -add_inbound_setting() { - local section="$1" - - if ! inbound_section_validate "$section" ; then - _err "Invalid inbound section: $section" - return 1 - fi - - json_add_object "" - - test -n "$listen" && \ - json_add_string "listen" "$listen" - json_add_int "port" "$port" - json_add_string "protocol" "$protocol" - - case "${protocol:-x}" in - "dokodemo-door") - json_add_object "settings" - - if [ -n "$port" ] && [ "x$port" = "x$TRANSPARENT_PROXY_PORT" ] ; then - local settings_network="tcp" - - test -n "$TRANSPARENT_PROXY_ADDITION" && \ - settings_network="$settings_network,udp" - - json_add_boolean "followRedirect" "1" - json_add_string "network" "$settings_network" - else - test -n "$s_dokodemo_door_address" && \ - json_add_string "address" "$s_dokodemo_door_address" - - test -n "$s_dokodemo_door_port" && \ - json_add_int "port" "$s_dokodemo_door_port" - - test -n "$s_dokodemo_door_follow_redirect" && \ - json_add_boolean "followRedirect" "$s_dokodemo_door_follow_redirect" - - test -n "$s_dokodemo_door_network" && \ - json_add_string "network" "$(echo "$s_dokodemo_door_network" | tr -s ' ' ',')" - fi - - test -n "$s_dokodemo_door_timeout" && \ - json_add_int "timeout" "$s_dokodemo_door_timeout" - - test -n "$s_dokodemo_door_user_level" && \ - json_add_int "userLevel" "$s_dokodemo_door_user_level" - - json_close_object # settings - ;; - "http") - json_add_object "settings" - - if [ -n "$s_http_account_user" ] ; then - json_add_array "accounts" - - json_add_object "" - json_add_string "user" "$s_http_account_user" - json_add_string "pass" "$s_http_account_pass" - json_close_object - - json_close_array # accounts - fi - - json_add_boolean "allowTransparent" "$s_http_allow_transparent" - - test -n "$s_http_timeout" && \ - json_add_int "timeout" "$s_http_timeout" - test -n "$s_http_user_level" && \ - json_add_int "userLevel" "$s_http_user_level" - - json_close_object # settings - ;; - "mtproto") - json_add_object "settings" - - if [ -n "$s_mtproto_user_email" ] ; then - json_add_array "users" - json_add_object "" - - json_add_string "email" "$s_mtproto_user_email" - json_add_string "secret" "$s_mtproto_user_secret" - - test -n "$s_mtproto_user_level" && \ - json_add_int "level" "$s_mtproto_user_level" - - json_close_object - json_close_array # users - fi - - json_close_object # settings - ;; - "shadowsocks") - json_add_object "settings" - - json_add_string "method" "$s_shadowsocks_method" - json_add_string "password" "$s_shadowsocks_password" - - test -n "$s_shadowsocks_email" && \ - json_add_string "email" "$s_shadowsocks_email" - test -n "$s_shadowsocks_level" && \ - json_add_int "level" "$s_shadowsocks_level" - - json_add_boolean "ota" "$s_shadowsocks_ota" - json_add_string "network" "$(echo "$s_shadowsocks_network" | tr -s ' ' ',')" - - json_close_object # settings - ;; - "socks") - json_add_object "settings" - - json_add_string "auth" "$s_socks_auth" - - if [ -n "$s_socks_account_user" ] ; then - json_add_array "accounts" - json_add_object "" - json_add_string "user" "$s_socks_account_user" - json_add_string "pass" "$s_socks_account_pass" - json_close_object - json_close_array # accounts - fi - - json_add_boolean "udp" "$s_socks_udp" - - test -n "$s_socks_ip" && \ - json_add_string "ip" "$s_socks_ip" - test -n "$s_socks_user_level" && \ - json_add_int "userLevel" "$s_socks_user_level" - - json_close_object # settings - ;; - "vmess") - json_add_object "settings" - - if [ -n "$s_vmess_client_id" ] ; then - json_add_array "clients" - json_add_object "" - - json_add_string "id" "$s_vmess_client_id" - - test -n "$s_vmess_client_alter_id" && \ - json_add_int "alterId" "$s_vmess_client_alter_id" - test -n "$s_vmess_client_email" && \ - json_add_string "email" "$s_vmess_client_email" - test -n "$s_vmess_client_user_level" && \ - json_add_int "level" "$s_vmess_client_user_level" - - json_close_object - json_close_array # clients - fi - - json_add_object "default" - - test -n "$s_vmess_default_alter_id" && \ - json_add_int "alterId" "$s_vmess_default_alter_id" - test -n "$s_vmess_default_user_level" && \ - json_add_int "level" "$s_vmess_default_user_level" - - json_close_object # default - - if [ -n "$s_vmess_detour_to" ] ; then - json_add_object "detour" - json_add_string "to" "$s_vmess_detour_to" - json_close_object # detour - fi - - json_add_boolean "disableInsecureEncryption" "$s_vmess_disable_insecure_encryption" - - json_close_object # settings - ;; - "vless") - json_add_object "settings" - - if [ -n "$s_vless_client_id" ] ; then - json_add_array "clients" - json_add_object "" - - json_add_string "id" "$s_vless_client_id" - - test -n "$s_vless_client_alter_id" && \ - json_add_int "alterId" "$s_vless_client_alter_id" - test -n "$s_vless_client_email" && \ - json_add_string "email" "$s_vless_client_email" - test -n "$s_vless_client_user_level" && \ - json_add_int "level" "$s_vless_client_user_level" - - json_close_object - json_close_array # clients - fi - - json_add_object "default" - - test -n "$s_vless_default_alter_id" && \ - json_add_int "alterId" "$s_vless_default_alter_id" - test -n "$s_vless_default_user_level" && \ - json_add_int "level" "$s_vless_default_user_level" - - json_close_object # default - - if [ -n "$s_vmess_detour_to" ] ; then - json_add_object "detour" - json_add_string "to" "$s_vless_detour_to" - json_close_object # detour - fi - - json_add_boolean "disableInsecureEncryption" "$s_vless_disable_insecure_encryption" - - json_close_object # settings - ;; - esac - - json_add_object "streamSettings" - - test -n "$ss_network" && \ - json_add_string "network" "$ss_network" - - test -n "$ss_security" && \ - json_add_string "security" "$ss_security" - - if [ "x$ss_security" = "xtls" ] ; then - json_add_object "tlsSettings" - - test -n "$ss_tls_server_name" && \ - json_add_string "serverName" "$ss_tls_server_name" - - if [ -n "$ss_tls_alpn" ] ; then - json_add_array "alpn" - json_add_string "" "$ss_tls_alpn" - json_close_array # alpn - fi - - json_add_boolean "allowInsecure" "$ss_tls_allow_insecure" - json_add_boolean "allowInsecureCiphers" "$ss_tls_allow_insecure_ciphers" - json_add_boolean "disableSystemRoot" "$ss_tls_disable_system_root" - - json_add_array "certificates" - if [ -n "$ss_tls_cert_file" ] ; then - json_add_object "" - - json_add_string "certificateFile" "$ss_tls_cert_file" - json_add_string "keyFile" "$ss_tls_key_file" - test -n "$ss_tls_cert_usage" && \ - json_add_string "usage" "$ss_tls_cert_usage" - - json_close_object - fi - json_close_array # certificates - - json_close_object # tlsSettings - fi - - case "${ss_network:-x}" in - "tcp") - json_add_object "tcpSettings" - - if [ -n "$ss_tcp_header_type" ] ; then - json_add_object "header" - json_add_string "type" "$ss_tcp_header_type" - - if [ "$ss_tcp_header_type" = "http" ] ; then - json_add_object "request" - test -n "$ss_tcp_header_request_version" && \ - json_add_string "version" "$ss_tcp_header_request_version" - json_add_string "method" "$ss_tcp_header_request_method" - - if [ -n "$ss_tcp_header_request_path" ] ; then - json_add_array "path" - json_add_string "" "$ss_tcp_header_request_path" - json_close_array # path - fi - - if [ -n "$ss_tcp_header_request_headers" ] ; then - json_add_object "headers" - - handle_request_header() { - local h="$1" - - local name="$(echo "$h" | cut -d'=' -f1)" - local value="$(echo "$h" | cut -d'=' -f2)" - - if [ -n "$name" ] && [ -n "$value" ] ; then - json_add_array "$name" - json_add_string "" "$value" - json_close_array - fi - } - config_list_foreach "$section" "ss_tcp_header_request_headers" handle_request_header - - json_close_object # headers - fi - - json_close_object # request - - json_add_object "response" - - test -n "$ss_tcp_header_response_version" && \ - json_add_string "version" "$ss_tcp_header_response_version" - test -n "$ss_tcp_header_response_status" && \ - json_add_string "status" "$ss_tcp_header_response_status" - test -n "$ss_tcp_header_response_reason" && \ - json_add_string "reason" "$ss_tcp_header_response_reason" - - if [ -n "$ss_tcp_header_response_headers" ] ; then - json_add_object "headers" - - handle_response_header() { - local h="$1" - - local name="$(echo "$h" | cut -d'=' -f1)" - local value="$(echo "$h" | cut -d'=' -f2)" - - if [ -n "$name" ] && [ -n "$value" ] ; then - json_add_array "$name" - json_add_string "" "$value" - json_close_array - fi - } - config_list_foreach "$section" "ss_tcp_header_response_headers" handle_response_header - - json_close_object # headers - fi - - json_close_object # response - fi - json_close_object # header - fi - - json_close_object # tcpSettings - ;; - "kcp") - json_add_object "kcpSettings" - - test -n "$ss_kcp_mtu" && \ - json_add_int "mtu" "$ss_kcp_mtu" - test -n "$ss_kcp_tti" && \ - json_add_int "tti" "$ss_kcp_tti" - test -n "$ss_kcp_uplink_capacity" && \ - json_add_int "uplinkCapacity" "$ss_kcp_uplink_capacity" - test -n "$ss_kcp_downlink_capacity" && \ - json_add_int "downlinkCapacity" "$ss_kcp_downlink_capacity" - json_add_boolean "congestion" "$ss_kcp_congestion" - test -n "$ss_kcp_read_buffer_size" && \ - json_add_int "readBufferSize" "$ss_kcp_read_buffer_size" - test -n "$ss_kcp_write_buffer_size" && \ - json_add_int "writeBufferSize" "$ss_kcp_write_buffer_size" - - if [ -n "$ss_kcp_header_type" ] ; then - json_add_object "header" - json_add_string "type" "$ss_kcp_header_type" - json_close_object # header - fi - - json_close_object # kcpSettings - ;; - "ws") - json_add_object "wsSettings" - - test -n "$ss_websocket_path" && \ - json_add_string "path" "$ss_websocket_path" - - if [ -n "$ss_websocket_headers" ] ; then - json_add_object "headers" - - handle_websocket_header() { - local h="$1" - - local name="$(echo "$h" | cut -d'=' -f1)" - local value="$(echo "$h" | cut -d'=' -f2)" - - if [ -n "$name" ] && [ -n "$value" ] ; then - json_add_string "$name" "$value" - fi - } - config_list_foreach "$section" "ss_websocket_headers" handle_websocket_header - - json_close_object # headers - fi - - json_close_object # wsSettings - ;; - "http") - json_add_object "httpSettings" - - if [ -n "$ss_http_host" ] ; then - json_add_array "host" - - local h - for h in $ss_http_host ; do - json_add_string "" "$h" - done - - json_close_array # host - fi - - test -n "$ss_http_path" && \ - json_add_string "path" "$ss_http_path" - - json_close_object # httpSettings - ;; - "domainsocket") - json_add_object "dsSettings" - - test -n "$ss_domainsocket_path" && \ - json_add_string "path" "$ss_domainsocket_path" - - json_close_object # dsSettings - ;; - "quic") - json_add_object "quicSettings" - - test -n "$ss_quic_security" && \ - json_add_string "security" "$ss_quic_security" - test -n "$ss_quic_key" && \ - json_add_string "key" "$ss_quic_key" - - if [ -n "$ss_quic_header_type" ] ; then - json_add_object "header" - json_add_string "type" "$ss_quic_header_type" - json_close_object # header - fi - - json_close_object # quicSettings - ;; - esac - - json_add_object "sockopt" - -# if [ -n "$port" ] && [ "x$port" = "x$TRANSPARENT_PROXY_PORT" ] ; then -# if [ "x$TRANSPARENT_PROXY_USE_TPROXY" = "x1" ] ; then -# json_add_string "tproxy" "tproxy" -# else -# json_add_string "tproxy" "redirect" -# fi -# else - test -n "$ss_sockopt_tcp_fast_open" && \ - json_add_boolean "tcpFastOpen" "$ss_sockopt_tcp_fast_open" - test -n "$ss_sockopt_tproxy" && \ - json_add_string "tproxy" "$ss_sockopt_tproxy" -# fi - - json_close_object # sockopt - - json_close_object # streamSettings - - test -n "$tag" && \ - json_add_string "tag" "$tag" - - json_add_object "sniffing" - - json_add_boolean "enabled" "$sniffing_enabled" - - if [ -n "$sniffing_dest_override" ] ; then - json_add_array "destOverride" - local d - for d in $sniffing_dest_override ; do - json_add_string "" "$d" - done - json_close_array # destOverride - fi - - json_close_object # sniffing - - if [ -n "$allocate_strategy" ] ; then - json_add_object "allocate" - json_add_string "strategy" "$allocate_strategy" - test -n "$allocate_refresh" && \ - json_add_int "refresh" "$allocate_refresh" - test -n "$allocate_concurrency" && \ - json_add_int "concurrency" "$allocate_concurrency" - json_close_object # allocate - fi - - json_close_object -} - -add_outbound_setting() { - local section="$1" - - if ! outbound_section_validate "$section" ; then - _err "Invalid outbound section: $section" - return 1 - fi - - json_add_object "" - - test -n "$send_through" && \ - json_add_string "sendThrough" "$send_through" - json_add_string "protocol" "$protocol" - - case "${protocol:-x}" in - "blackhole") - json_add_object "settings" - - if [ -n "$s_blackhole_reponse_type" ] ; then - json_add_object "response" - json_add_string "type" "$s_blackhole_reponse_type" - json_close_object # response - fi - - json_close_object # settings - ;; - "dns") - json_add_object "settings" - - test -n "$s_dns_network" && \ - json_add_string "network" "$s_dns_network" - - if [ -n "$s_dns_address" ] ; then - json_add_string "address" "$s_dns_address" - append_server_address "$s_dns_address" - fi - - test -n "$s_dns_port" && \ - json_add_int "port" "$s_dns_port" - - json_close_object # settings - ;; - "freedom") - json_add_object "settings" - - test -n "$s_freedom_domain_strategy" && \ - json_add_string "domainStrategy" "$s_freedom_domain_strategy" - test -n "$s_freedom_redirect" && \ - json_add_string "redirect" "$s_freedom_redirect" - test -n "$s_freedom_user_level" && \ - json_add_int "userLevel" "$s_freedom_user_level" - - json_close_object # settings - ;; - "http") - json_add_object "settings" - json_add_array "servers" - - json_add_object "" - - json_add_string "address" "$s_http_server_address" - append_server_address "$s_http_server_address" - - test -n "$s_http_server_port" && \ - json_add_int "port" "$s_http_server_port" - - if [ -n "$s_http_account_user" ] ; then - json_add_array "users" - json_add_object "" - - json_add_string "user" "$s_http_account_user" - json_add_string "pass" "$s_http_account_pass" - - json_close_object - json_close_array # users - fi - json_close_object - - json_close_array # servers - json_close_object # settings - ;; - "mtproto") - json_add_object "settings" - json_close_object - ;; - "shadowsocks") - json_add_object "settings" - json_add_array "servers" - - json_add_object "" - test -n "$s_shadowsocks_email" && \ - json_add_string "email" "$s_shadowsocks_email" - json_add_string "address" "$s_shadowsocks_address" - append_server_address "$s_shadowsocks_address" - - json_add_int "port" "$s_shadowsocks_port" - json_add_string "method" "$s_shadowsocks_method" - json_add_string "password" "$s_shadowsocks_password" - - test -n "$s_shadowsocks_level" && \ - json_add_int "level" "$s_shadowsocks_level" - json_add_boolean "ota" "$s_shadowsocks_ota" - json_close_object - - json_close_array # servers - json_close_object # settings - ;; - "socks") - json_add_object "settings" - json_add_array "servers" - - json_add_object "" - - json_add_string "address" "$s_socks_server_address" - append_server_address "$s_socks_server_address" - - json_add_int "port" "$s_socks_server_port" - - if [ -n "$s_socks_account_user" ] ; then - json_add_array "users" - json_add_object "" - - json_add_string "user" "$s_socks_account_user" - json_add_string "pass" "$s_socks_account_pass" - - test -n "$s_socks_user_level" && \ - json_add_int "level" "$s_socks_user_level" - - json_close_object - json_close_array # users - fi - - json_close_object - - json_close_array # servers - json_close_object # settings - ;; - "vmess") - json_add_object "settings" - - json_add_array "vnext" - json_add_object "" - - json_add_string "address" "$s_vmess_address" - append_server_address "$s_vmess_address" - - json_add_int "port" "$s_vmess_port" - - json_add_array "users" - json_add_object "" - json_add_string "id" "$s_vmess_user_id" - json_add_int "alterId" "$s_vmess_user_alter_id" - test -n "$s_vmess_user_security" && \ - json_add_string "security" "$s_vmess_user_security" - test -n "$s_vmess_user_level" && \ - json_add_int "level" "$s_vmess_user_level" - json_close_object - json_close_array # users - - json_close_object - - json_close_array # vnext - json_close_object # settings - ;; - "vless") - json_add_object "settings" - - json_add_array "vnext" - json_add_object "" - - json_add_string "address" "$s_vless_address" - append_server_address "$s_vless_address" - - json_add_int "port" "$s_vless_port" - - json_add_array "users" - json_add_object "" - json_add_string "id" "$s_vless_user_id" - json_add_int "alterId" "$s_vless_user_alter_id" - test -n "$s_vless_user_security" && \ - json_add_string "security" "$s_vless_user_security" - test -n "$s_vless_user_encryption" && \ - json_add_string "encryption" "$s_vless_user_encryption" - test -n "$s_vless_user_level" && \ - json_add_int "level" "$s_vless_user_level" - json_close_object - json_close_array # users - - json_close_object - - json_close_array # vlext - json_close_object # settings - ;; - esac - - json_add_object "streamSettings" - test -n "$ss_network" && \ - json_add_string "network" "$ss_network" - - test -n "$ss_security" && \ - json_add_string "security" "$ss_security" - - if [ "x$ss_security" = "xtls" ] ; then - json_add_object "tlsSettings" - - test -n "$ss_tls_server_name" && \ - json_add_string "serverName" "$ss_tls_server_name" - - if [ -n "$ss_tls_alpn" ] ; then - json_add_array "alpn" - json_add_string "" "$ss_tls_alpn" - json_close_array - fi - - json_add_boolean "allowInsecure" "$ss_tls_allow_insecure" - json_add_boolean "allowInsecureCiphers" "$ss_tls_allow_insecure_ciphers" - json_add_boolean "disableSystemRoot" "$ss_tls_disable_system_root" - - json_add_array "certificates" - if [ -n "$ss_tls_cert_file" ] ; then - json_add_object "" - json_add_string "certificateFile" "$ss_tls_cert_file" - json_add_string "keyFile" "$ss_tls_key_file" - test -n "$ss_tls_cert_usage" && \ - json_add_string "usage" "$ss_tls_cert_usage" - json_close_object - fi - json_close_array # certificates - - json_close_object # tlsSettings - fi - - case "${ss_network:-x}" in - "tcp") - json_add_object "tcpSettings" - - if [ -n "$ss_tcp_header_type" ] ; then - json_add_object "header" - json_add_string "type" "$ss_tcp_header_type" - - if [ "$ss_tcp_header_type" = "http" ] ; then - json_add_object "request" - test -n "$ss_tcp_header_request_version" && \ - json_add_string "version" "$ss_tcp_header_request_version" - json_add_string "method" "$ss_tcp_header_request_method" - - if [ -n "$ss_tcp_header_request_path" ] ; then - json_add_array "path" - json_add_string "" "$ss_tcp_header_request_path" - json_close_array - fi - - if [ -n "$ss_tcp_header_request_headers" ] ; then - json_add_object "headers" - - handle_request_header() { - local h="$1" - - local name="$(echo "$h" | cut -d'=' -f1)" - local value="$(echo "$h" | cut -d'=' -f2)" - - if [ -n "$name" ] && [ -n "$value" ] ; then - json_add_array "$name" - json_add_string "" "$value" - json_close_array - fi - } - config_list_foreach "$section" "ss_tcp_header_request_headers" handle_request_header - - json_close_object # headers - fi - - json_close_object # request - - json_add_object "response" - test -n "$ss_tcp_header_response_version" && \ - json_add_string "version" "$ss_tcp_header_response_version" - test -n "$ss_tcp_header_response_status" && \ - json_add_string "status" "$ss_tcp_header_response_status" - test -n "$ss_tcp_header_response_reason" && \ - json_add_string "reason" "$ss_tcp_header_response_reason" - - if [ -n "$ss_tcp_header_response_headers" ] ; then - json_add_object "headers" - - handle_response_header() { - local h="$1" - - local name="$(echo "$h" | cut -d'=' -f1)" - local value="$(echo "$h" | cut -d'=' -f2)" - - if [ -n "$name" ] && [ -n "$value" ] ; then - json_add_array "$name" - json_add_string "" "$value" - json_close_array - fi - } - config_list_foreach "$section" "ss_tcp_header_response_headers" handle_response_header - - json_close_object # headers - fi - - json_close_object # response - fi - - json_close_object # header - fi - - json_close_object # tcpSettings - ;; - "kcp") - json_add_object "kcpSettings" - - test -n "$ss_kcp_mtu" && \ - json_add_int "mtu" "$ss_kcp_mtu" - test -n "$ss_kcp_tti" && \ - json_add_int "tti" "$ss_kcp_tti" - test -n "$ss_kcp_uplink_capacity" && \ - json_add_int "uplinkCapacity" "$ss_kcp_uplink_capacity" - test -n "$ss_kcp_downlink_capacity" && \ - json_add_int "downlinkCapacity" "$ss_kcp_downlink_capacity" - - json_add_boolean "congestion" "$ss_kcp_congestion" - - test -n "$ss_kcp_read_buffer_size" && \ - json_add_int "readBufferSize" "$ss_kcp_read_buffer_size" - test -n "$ss_kcp_write_buffer_size" && \ - json_add_int "writeBufferSize" "$ss_kcp_write_buffer_size" - - if [ -n "$ss_kcp_header_type" ] ; then - json_add_object "header" - json_add_string "type" "$ss_kcp_header_type" - json_close_object - fi - - json_close_object # kcpSettings - ;; - "ws") - json_add_object "wsSettings" - - test -n "$ss_websocket_path" && \ - json_add_string "path" "$ss_websocket_path" - - if [ -n "$ss_websocket_headers" ] ; then - json_add_object "headers" - - handle_websocket_header() { - local h="$1" - - local name="$(echo "$h" | cut -d'=' -f1)" - local value="$(echo "$h" | cut -d'=' -f2)" - - if [ -n "$name" ] && [ -n "$value" ] ; then - json_add_string "$name" "$value" - fi - } - config_list_foreach "$section" "ss_websocket_headers" handle_websocket_header - - json_close_object # headers - fi - - json_close_object # wsSettings - ;; - "http") - json_add_object "httpSettings" - - if [ -n "$ss_http_host" ] ; then - json_add_array "host" - - local h - for h in $ss_http_host ; do - json_add_string "" "$h" - done - - json_close_array # host - fi - - test -n "$ss_http_path" && \ - json_add_string "path" "$ss_http_path" - - json_close_object # httpSettings - ;; - "domainsocket") - json_add_object "dsSettings" - - test -n "$ss_domainsocket_path" && \ - json_add_string "path" "$ss_domainsocket_path" - - json_close_object # dsSettings - ;; - "quic") - json_add_object "quicSettings" - - test -n "$ss_quic_security" && \ - json_add_string "security" "$ss_quic_security" - test -n "$ss_quic_key" && \ - json_add_string "key" "$ss_quic_key" - - if [ -n "$ss_quic_header_type" ] ; then - json_add_object "header" - json_add_string "type" "$ss_quic_header_type" - json_close_object # header - fi - - json_close_object # quicSettings - ;; - esac - - json_add_object "sockopt" - - if [ -n "$TRANSPARENT_PROXY_PORT" ] ; then - json_add_int "mark" "255" - else - test -n "$ss_sockopt_mark" && \ - json_add_int "mark" "$ss_sockopt_mark" - fi - - test -n "$ss_sockopt_tcp_fast_open" && \ - json_add_boolean "tcpFastOpen" "$ss_sockopt_tcp_fast_open" - - json_close_object # sockopt - - json_close_object # streamSettings - - test -n "$tag" && \ - json_add_string "tag" "$tag" - - if [ -n "$proxy_settings_tag" ] ; then - json_add_object "proxySettings" - json_add_string "tag" "$proxy_settings_tag" - json_close_object # proxySettings - fi - - if [ "x$mux_enabled" = "x1" ] ; then - json_add_object "mux" - json_add_boolean "enabled" "1" - json_add_int "concurrency" "$mux_concurrency" - json_close_object # mux - fi - - json_close_object -} - -init_transparent_proxy() { - local tp_cfg="main_transparent_proxy" - local redirect_port use_tproxy redirect_udp redirect_dns - - config_get redirect_port "$tp_cfg" "redirect_port" - config_get_bool use_tproxy "$tp_cfg" "use_tproxy" "0" - config_get_bool redirect_udp "$tp_cfg" "redirect_udp" "0" - config_get_bool redirect_dns "$tp_cfg" "redirect_dns" "0" - - if [ -n "$redirect_port" ] && \ - ! validate_data "port" "$redirect_port" 2>/dev/null ; then - _err "Transparent proxy redirect port is invalid: $redirect_port" - return 1 - fi - - TRANSPARENT_PROXY_PORT="$redirect_port" - TRANSPARENT_PROXY_USE_TPROXY="$use_tproxy" - - if [ "x$redirect_udp" = "x1" ] ; then - TRANSPARENT_PROXY_ADDITION="udp" - elif [ "x$redirect_dns" = "x1" ] ; then - TRANSPARENT_PROXY_ADDITION="dns" - else - TRANSPARENT_PROXY_ADDITION= - fi -} - -setup_transparent_proxy() { - if [ -z "$TRANSPARENT_PROXY_PORT" ] ; then - #_info "Transparent proxy disabled." - return 0 - fi - - if [ "x$TRANSPARENT_PROXY_EXPECTED" != "x1" ] ; then - #_info "No v2ray instance enabled, skip transparent proxy." - return 0 - fi - - _info "Setting transparent proxy on port: $TRANSPARENT_PROXY_PORT" - - local tp_cfg="main_transparent_proxy" - local lan_ifaces only_privileged_ports proxy_mode direct_list_dns proxy_list_dns - - config_get lan_ifaces "$tp_cfg" "lan_ifaces" - config_get_bool only_privileged_ports "$tp_cfg" "only_privileged_ports" "0" - config_get proxy_mode "$tp_cfg" "proxy_mode" - config_get direct_list_dns "$tp_cfg" "direct_list_dns" - config_get proxy_list_dns "$tp_cfg" "proxy_list_dns" - - _info "Transparent proxy mode: $proxy_mode" - - #init_rules_for_listfile "$direct_list_dns" "$proxy_list_dns" - - local ext_args - case "${proxy_mode:-default}" in - "cn_direct") - local chnroute="$(get_file_content "chnroute")" - local chnroute6="$(get_file_content "chnroute6")" - - if [ -n "$chnroute" ] ; then - ipset -! restore <<-EOF 2>/dev/null - $(echo "$chnroute" | sed "s/.*/add $IPSET_DST_DIRECT_V4 & timeout 0/") - EOF - fi - - if [ -n "$chnroute6" ] ; then - ipset -! restore <<-EOF 2>/dev/null - $(echo "$chnroute6" | sed "s/.*/add $IPSET_DST_DIRECT_V6 & timeout 0/") - EOF - fi - - ext_args= - ;; - "cn_proxy") - local chnroute="$(get_file_content "chnroute")" - local chnroute6="$(get_file_content "chnroute6")" - - if [ -n "$chnroute" ] ; then - ipset -! restore <<-EOF 2>/dev/null - $(echo "$chnroute" | sed "s/.*/add $IPSET_DST_PROXY_V4 & timeout 0/") - EOF - fi - - if [ -n "$chnroute6" ] ; then - ipset -! restore <<-EOF 2>/dev/null - $(echo "$chnroute6" | sed "s/.*/add $IPSET_DST_PROXY_V6 & timeout 0/") - EOF - fi - - ext_args="-m set --match-set $IPSET_DST_PROXY_V4 dst" - ;; - "gfwlist_proxy") - local gfwlist="$(get_file_content "gfwlist")" - - if [ -n "$gfwlist" ] ; then - if [ -n "$proxy_list_dns" ] ; then - echo "$gfwlist" | \ - sed "s|.*|server=/&/$proxy_list_dns\nipset=/&/$IPSET_DST_PROXY_V4,$IPSET_DST_PROXY_V6|" \ - >> "$FILE_V2RAY_DNSMASQ_CACHE" - else - echo "$gfwlist" | \ - sed "s|.*|ipset=/&/$IPSET_DST_PROXY_V4,$IPSET_DST_PROXY_V6|" \ - >> "$FILE_V2RAY_DNSMASQ_CACHE" - fi - fi - - ext_args="-m set --match-set $IPSET_DST_PROXY_V4 dst" - ;; - *) - ext_args= - ;; - esac - - if [ "x$only_privileged_ports" = "x1" ] ; then - ext_args="--dport 0:1023 $ext_args" - fi - - if [ -f $FILE_V2RAY_DNSMASQ_CACHE ] && [ -n "$(cat "$FILE_V2RAY_DNSMASQ_CACHE" | grep -v "^$" | grep -v "^#")" ] ; then - local dir="$(dirname "$FILE_V2RAY_DNSMASQ")" - test -d "$dir" || mkdir -p "$dir" - cat "$FILE_V2RAY_DNSMASQ_CACHE" >"$FILE_V2RAY_DNSMASQ" 2>/dev/null - DNSMASQ_RESTART_EXPECTED=1 - fi - - rm -f "$FILE_V2RAY_DNSMASQ_CACHE" - - local lan_devices lan_ipaddrs - - if [ -n "$lan_ifaces" ] ; then - . /lib/functions/network.sh - - local lan - for lan in $lan_ifaces ; do - local device ipaddrs ipaddr - network_get_device device "$lan" - network_get_ipaddrs ipaddrs "$lan" - - if [ -n "$device" ] ; then - if [ -n "$lan_devices" ] ; then - lan_devices="$lan_devices $device" - else - lan_devices="$device" - fi - fi - - if [ -n "$ipaddrs" ] ; then - for ipaddr in $ipaddrs ; do - if [ -n "$lan_ipaddrs" ] ; then - lan_ipaddrs="$ipaddr" - else - lan_ipaddrs="$lan_ipaddrs $ipaddr" - fi - done - fi - done - fi - - logger -t "v2ray" "add rules" - add_v2ray_redirect_rules "$ext_args" "$lan_devices" "$lan_ipaddrs" -} - -clear_transparent_proxy() { - v2ray-rules -f - - if [ -s "$FILE_V2RAY_DNSMASQ" ] ; then - rm -f "$FILE_V2RAY_DNSMASQ" - DNSMASQ_RESTART_EXPECTED=1 - fi -} - -start_instance() { - local section="$1" - - if ! v2ray_section_validate "$section" ; then - _err "Invalid config." - return 1 - fi - - if [ "x$enabled" != "x1" ] ; then - #_info "Service disabled: $section" - return 0 - fi - - if [ -z "$v2ray_file" ] || [ ! -s "$v2ray_file" ] ; then - _err "Invalid V2Ray file." - return 1 - fi - - test -x "$v2ray_file" || chmod 755 "$v2ray_file" - - local temp_config - - if [ -n "$config_file" ] ; then - if [ ! -s "$config_file" ] ; then - _err "Config file not found: $config_file" - return 1 - fi - - if ! ( eval "$v2ray_file --test --config=\"$config_file\" >/dev/null 2>&1" ) ; then - _err "Validate config file failed: $config_file" - return 1 - fi - - local file_content="$(cat "$config_file")" - local config_commands="$(get_commands_from_json "$file_content")" - - local addr - - for addr in $(echo "$config_commands" | sed -n "s/^json.*'address'[[:space:]]'\([^']*\)'.*/\1/p") ; do - append_server_address "$addr" - done - - temp_config="$config_file" - else - test -d "$CONFIG_FOLDER" || mkdir -p "$CONFIG_FOLDER" - - temp_config="$CONFIG_FOLDER/v2ray.${section}.json" - - local old_ns - json_set_namespace "$section" old_ns - json_init - - json_add_object "log" - - test -n "$access_log" && \ - json_add_string "access" "$access_log" - - if [ -n "$loglevel" ] && [ "$loglevel" != "none" ] ; then - json_add_string "loglevel" "$loglevel" - json_add_string "error" "$error_log" - fi - - json_close_object # log - - if [ "x$stats_enabled" = "x1" ] ; then - json_add_object "stats" - json_close_object # stats - fi - - add_dns_settings "$section" - add_routing_settings "$section" - add_policy_settings "$section" - add_reverse_settings "$section" - - if [ "x$transport_enabled" = "x1" ] ; then - add_transport_settings - fi - - if [ -n "$inbounds" ] ; then - json_add_array "inbounds" - - local is - for is in $inbounds ; do - add_inbound_setting "$is" - done - - json_close_array # inbounds - fi - - if [ -n "$outbounds" ] ; then - json_add_array "outbounds" - - local os - for os in $outbounds ; do - add_outbound_setting "$os" - done - - json_close_array # outbounds - fi - - json_dump -i >"$temp_config" - - json_cleanup - json_set_namespace "$old_ns" - - if [ ! -s "$temp_config" ] ; then - _err "Error when create config file: $temp_config" - return 1 - fi - fi - - TRANSPARENT_PROXY_EXPECTED=1 - - procd_open_instance "$NAME.$section" - procd_set_param command "$v2ray_file" - procd_append_param command "--config=$temp_config" - procd_set_param respawn - - if [ -n "$asset_location" ] && [ -d "$asset_location" ] ; then - procd_set_param env V2RAY_LOCATION_ASSET="$asset_location" - fi - - # cat /proc/PID/limits to see if limits works - procd_set_param limits nofile="102400 102400" - procd_append_param limits core="0 0" - - if [ "$mem_percentage" -gt "0" ] ; then - local mem_total="$(awk '/MemTotal/ {print $2}' /proc/meminfo)" - if [ -n "$mem_total" ] ; then - local use_mem="$(expr $mem_total \* $mem_percentage \* 10)" - procd_append_param limits as="$use_mem $use_mem" - fi - fi - - procd_set_param file "$temp_config" - procd_set_param stderr 1 # forward stderr of the command to logd - procd_set_param stdout 1 - procd_set_param pidfile "/var/run/${NAME}.${section}.pid" - procd_close_instance -} - -rules_exist() { - [ -n "$(iptables -w -t nat -L -n | grep v2r_)" ] && return 0 - return 1 -} - -rules_up() { - rules_exist && { - [ -f /bin/blocklanfw ] && /bin/blocklanfw 2>&1 >/dev/null - return 0 - } - enabled="0" - config_load v2ray - config_get enabled main enabled "0" - [ "$enabled" = "0" ] && return - OUTBOUND_SERVERS_V4="$(uci -q get v2ray.omrout.s_vless_address)" - OUTBOUND_SERVERS_V6="$(uci -q get v2ray.omrout.s_vless_address)" - TRANSPARENT_PROXY_PORT="$(uci -q get v2ray.omr.port)" - [ -n "$OUTBOUND_SERVERS_V4" ] && { - logger -t "v2ray" "Rules UP" - add_v2ray_redirect_rules - } - [ -f /etc/init.d/omr-bypass ] && { - logger -t "v2ray" "Reload omr-bypass rules" - /etc/init.d/omr-bypass reload_rules - } - [ -f /bin/blocklanfw ] && /bin/blocklanfw 2>&1 >/dev/null -} - -rules_down() { - rules_exist || return 0 - logger -t "v2ray" "Rules DOWN" - local bin="/usr/bin/v2ray-rules" - [ -x "$bin" ] && { - "$bin" -f >/dev/null 2>&1 - } - local bin6="/usr/bin/v2ray-rules6" - [ -x "$bin6" ] && { - "$bin6" -f >/dev/null 2>&1 - } -} - -start_service() { - clear_transparent_proxy - - config_load "$NAME" - - if ! init_transparent_proxy ; then - gracefully_restart_dnsmasq - return 1 - fi - - config_foreach start_instance "v2ray" - - setup_transparent_proxy - gracefully_restart_dnsmasq - rules_up - - unset OUTBOUND_SERVERS_V4 \ - OUTBOUND_SERVERS_V6 \ - TRANSPARENT_PROXY_EXPECTED \ - TRANSPARENT_PROXY_PORT \ - TRANSPARENT_PROXY_ADDITION \ - DNSMASQ_RESTART_EXPECTED -} - -stop_service() { - if [ "x$action" = "xrestart" ] ; then - # skip when restarting, start_service will do this - return 0 - fi - - clear_transparent_proxy - rules_down - gracefully_restart_dnsmasq - test -d "$CONFIG_FOLDER" && rm -rf "$CONFIG_FOLDER" -} - -service_triggers() { - procd_add_reload_trigger "$NAME" -} diff --git a/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray b/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray deleted file mode 100755 index 84bfbaa31..000000000 --- a/v2ray-core/files/etc/uci-defaults/3010-omr-v2ray +++ /dev/null @@ -1,158 +0,0 @@ -#!/bin/sh - -if [ -z "$(uci -q get v2ray.main)" ]; then - touch /etc/config/v2ray - uci batch <<-EOF - set v2ray.main=v2ray - set v2ray.main.v2ray_file='/usr/bin/v2ray' - set v2ray.main.mem_percentage='0' - set v2ray.main.loglevel='debug' - set v2ray.main.access_log='/dev/null' - set v2ray.main.error_log='/dev/null' - set v2ray.main.enabled='0' - set v2ray.main.outbounds='omrout' - set v2ray.main.inbounds='omr' - add_list v2ray.main.inbounds='omrtest' - set v2ray.main_dns=dns - set v2ray.main_dns.hosts='example.com|127.0.0.1' - set v2ray.main_dns.enabled='0' - set v2ray.main_policy=policy - set v2ray.main_policy.enabled='1' - set v2ray.main_policy.levels='policy_level_0' - set v2ray.policy_level_0=policy_level - set v2ray.policy_level_0.level='0' - set v2ray.policy_level_0.handshake='4' - set v2ray.policy_level_0.conn_idle='1200' - set v2ray.policy_level_0.uplink_only='0' - set v2ray.policy_level_0.downlink_only='0' - set v2ray.policy_level_0.buffer_size='512' - set v2ray.main_transparent_proxy=transparent_proxy - set v2ray.main_transparent_proxy.proxy_mode='default' - set v2ray.main_transparent_proxy.apnic_delegated_mirror='apnic' - set v2ray.main_transparent_proxy.gfwlist_mirror='github' - set v2ray.main_transparent_proxy.redirect_udp='1' - set v2ray.main_transparent_proxy.redirect_port='1897' - set v2ray.omrout=outbound - set v2ray.omrout.tag='omrout_tunnel' - set v2ray.omrout.protocol='vless' - set v2ray.omrout.s_vmess_address='' - set v2ray.omrout.s_vmess_port='65228' - set v2ray.omrout.s_vmess_user_id='' - set v2ray.omrout.s_vmess_user_security='none' - set v2ray.omrout.s_vmess_user_alter_id='0' - set v2ray.omrout.s_vless_address='' - set v2ray.omrout.s_vless_port='65228' - set v2ray.omrout.s_vless_user_id='' - set v2ray.omrout.s_vless_user_security='none' - set v2ray.omrout.s_vless_user_encryption='none' - set v2ray.omrout.s_vless_user_alter_id='0' - set v2ray.omrout.ss_network='tcp' - set v2ray.omrout.ss_security='tls' - set v2ray.omrout.ss_tls_allow_insecure='1' - set v2ray.omrout.ss_tls_disable_system_root='1' - set v2ray.omrout.ss_tls_cert_usage='verify' - set v2ray.omrout.ss_tls_cert_file='/etc/luci-uploads/client.crt' - set v2ray.omrout.ss_tls_key_file='/etc/luci-uploads/client.key' - set v2ray.omrout.mux_concurrency='8' - set v2ray.omr=inbound - set v2ray.omr.tag='omrtunnel' - set v2ray.omr.listen='0.0.0.0' - set v2ray.omr.port='1897' - set v2ray.omr.protocol='dokodemo-door' - set v2ray.omr.s_dokodemo_door_network='tcp' - add_list v2ray.omr.s_dokodemo_door_network='udp' - set v2ray.omr.ss_sockopt_tproxy='redirect' - set v2ray.omr.ss_sockopt_tcp_fast_open='1' - set v2ray.omr.s_dokodemo_door_follow_redirect='1' - set v2ray.omr6=inbound - set v2ray.omr6.tag='omrtunnel6' - set v2ray.omr6.listen='::' - set v2ray.omr6.port='1898' - set v2ray.omr6.protocol='dokodemo-door' - set v2ray.omr6.s_dokodemo_door_network='tcp' - add_list v2ray.omr6.s_dokodemo_door_network='udp' - set v2ray.omr6.ss_sockopt_tproxy='tproxy' - set v2ray.omr6.ss_sockopt_tcp_fast_open='1' - set v2ray.omr6.s_dokodemo_door_follow_redirect='1' - set v2ray.omrtest=inbound - set v2ray.omrtest.port='1111' - set v2ray.omrtest.protocol='socks' - set v2ray.omrtest.listen='127.0.0.1' - set v2ray.omrtest.s_socks_auth='noauth' - set v2ray.omrtest.s_socks_udp='1' - set v2ray.omrtest.s_socks_ip='127.0.0.1' - set v2ray.omrtest.s_socks_userlevel='0' - commit v2ray - EOF -fi -uci -q batch <<-EOF >/dev/null - set v2ray.omr.listen='0.0.0.0' - commit v2ray -EOF - -if [ "$(uci -q get firewall.v2ray)" = "" ]; then - uci -q batch <<-EOF >/dev/null - set firewall.v2ray=include - set firewall.v2ray.path=/etc/firewall.v2ray-rules - set firewall.v2ray.reload=0 - commit firewall - EOF -fi -if [ "$(uci -q get firewall.v2ray.path)" != "/etc/firewall.v2ray-rules" ]; then - uci -q batch <<-EOF >/dev/null - set firewall.v2ray.path=/etc/firewall.v2ray-rules - commit firewall - EOF -fi - -if [ "$(uci -q get v2ray.main_reverse.bridges | grep omrbridge)" = "" ]; then - uci -q batch <<-EOF >/dev/null - set v2ray.main_reverse=reverse - set v2ray.main_reverse.enabled=1 - set v2ray.main_reverse.bridges='omrbridge|omr.lan' - commit v2ray - EOF -fi -if [ "$(uci -q get v2ray.omrrouting)" = "" ]; then - uci -q batch <<-EOF >/dev/null - set v2ray.omrexit=outbound - set v2ray.omrexit.protocol='freedom' - set v2ray.omrexit.tag='out' - add_list v2ray.main.outbounds=omrexit - set v2ray.omrrouting=routing_rule - set v2ray.omrrouting.type='field' - set v2ray.omrrouting.inbound_tag='omrbridge' - set v2ray.omrrouting.outbound_tag='omrout_tunnel' - set v2ray.omrrouting.domain='full:omr.lan' - set v2ray.omrroutingo=routing_rule - set v2ray.omrroutingo.type='field' - set v2ray.omrroutingo.inbound_tag='omrbridge' - set v2ray.omrroutingo.outbound_tag='out' - set v2ray.main_routing=routing - set v2ray.main_routing.enabled=1 - set v2ray.main_routing.rules='omrrouting' - add_list v2ray.main_routing.rules='omrroutingo' - commit v2ray - EOF -fi - -if [ "$(uci -q get v2ray.main.error_log)" != "/dev/null" ]; then - uci -q batch <<-EOF >/dev/null - set v2ray.main.error_log='/dev/null' - commit v2ray - EOF -fi -#if [ "$(uci -q get v2ray.main.mem_percentage)" = "0" ]; then -# uci -q batch <<-EOF >/dev/null -# set v2ray.main.mem_percentage='80' -# commit v2ray -# EOF -#fi -if [ "$(uci -q get v2ray.policy_level_0.conn_idle)" = "2400" ]; then - uci -q batch <<-EOF >/dev/null - set v2ray.policy_level_0.conn_idle='1200' - commit v2ray - EOF -fi - -exit 0 \ No newline at end of file diff --git a/v2ray-core/files/usr/bin/v2ray-rules b/v2ray-core/files/usr/bin/v2ray-rules deleted file mode 100755 index 45150d743..000000000 --- a/v2ray-core/files/usr/bin/v2ray-rules +++ /dev/null @@ -1,307 +0,0 @@ -#!/bin/sh -e -# -# Copyright (C) 2017 Yousong Zhou -# Copyright (C) 2018-2021 Ycarus (Yannick Chabanois) for OpenMPTCProuter -# -# The design idea was derived from ss-rules by Jian Chang -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -v2r_rules_usage() { - cat >&2 < Local port number of ss-redir with TCP mode - -L Local port number of ss-redir with UDP mode - -s List of ip addresses of remote shadowsocks server - --ifnames Only apply rules on packets from these ifnames - --src-bypass - --src-forward - --src-checkdst - --src-default - Packets will have their src ip checked in order against - bypass, forward, checkdst list and will bypass, forward - through, or continue to have their dst ip checked - respectively on the first match. Otherwise, --src-default - decide the default action - --dst-bypass - --dst-forward - --dst-bypass-file - --dst-forward-file - --dst-default - Same as with their --src-xx equivalent - --dst-forward-recentrst - Forward those packets whose destinations have recently - sent to us multiple tcp-rst packets - --local-default - Default action for local out TCP traffic - -The following ipsets will be created by ss-rules. They are also intended to be -populated by other programs like dnsmasq with ipset support - - ss_rules_src_bypass - ss_rules_src_forward - ss_rules_src_checkdst - ss_rules_dst_bypass - ss_rules_dst_bypass_all - ss_rules_dst_forward -EOF -} - -o_dst_bypass_=" - 0.0.0.0/8 - 10.0.0.0/8 - 100.64.0.0/10 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 - 192.0.0.0/24 - 192.0.2.0/24 - 192.31.196.0/24 - 192.52.193.0/24 - 192.88.99.0/24 - 192.168.0.0/16 - 192.175.48.0/24 - 198.18.0.0/15 - 198.51.100.0/24 - 203.0.113.0/24 - 224.0.0.0/4 - 240.0.0.0/4 - 255.255.255.255 -" -o_src_default=bypass -o_dst_default=bypass -o_local_default=bypass - -__errmsg() { - echo "v2ray-rules: $*" >&2 -} - -v2r_rules_parse_args() { - while [ "$#" -gt 0 ]; do - case "$1" in - -h|--help) v2r_rules_usage; exit 0;; - -f|--flush) v2r_rules_flush; exit 0;; - -l) o_redir_tcp_port="$2"; shift 2;; - -L) o_redir_udp_port="$2"; shift 2;; - -s) o_remote_servers="$2"; shift 2;; - --ifnames) o_ifnames="$2"; shift 2;; - --ipt-extra) o_ipt_extra="$2"; shift 2;; - --src-default) o_src_default="$2"; shift 2;; - --dst-default) o_dst_default="$2"; shift 2;; - --local-default) o_local_default="$2"; shift 2;; - --src-bypass) o_src_bypass="$2"; shift 2;; - --src-forward) o_src_forward="$2"; shift 2;; - --src-checkdst) o_src_checkdst="$2"; shift 2;; - --dst-bypass) o_dst_bypass="$2"; shift 2;; - --dst-bypass_all) o_dst_bypass_all="$2"; shift 2;; - --dst-forward) o_dst_forward="$2"; shift 2;; - --dst-forward-recentrst) o_dst_forward_recentrst=1; shift 1;; - --dst-bypass-file) o_dst_bypass_file="$2"; shift 2;; - --dst-forward-file) o_dst_forward_file="$2"; shift 2;; - --rule-name) rule="$2"; shift 2;; - *) __errmsg "unknown option $1"; return 1;; - esac - done - - if [ -z "$o_redir_tcp_port" -a -z "$o_redir_udp_port" ]; then - __errmsg "Requires at least -l or -L option" - return 1 - fi - if [ -n "$o_dst_forward_recentrst" ] && ! iptables -w -m recent -h >/dev/null; then - __errmsg "Please install iptables-mod-conntrack-extra with opkg" - return 1 - fi - o_remote_servers="$(for s in $o_remote_servers; do resolveip -4 "$s"; done)" -} - -v2r_rules_flush() { - local setname - - iptables-save --counters | grep -v v2r_ | iptables-restore -w --counters - while ip rule del fwmark 1 lookup 100 2>/dev/null; do true; done - ip route flush table 100 || true - for setname in $(ipset -n list | grep "ssr_${rule}"); do - ipset destroy "$setname" 2>/dev/null || true - done -} - -v2r_rules_ipset_init() { - ipset --exist restore <<-EOF - create ssr_${rule}_src_bypass hash:net hashsize 64 - create ssr_${rule}_src_forward hash:net hashsize 64 - create ssr_${rule}_src_checkdst hash:net hashsize 64 - create ss_rules_dst_bypass_all hash:net hashsize 64 - create ssr_${rule}_dst_bypass hash:net hashsize 64 - create ssr_${rule}_dst_bypass_ hash:net hashsize 64 - create ssr_${rule}_dst_forward hash:net hashsize 64 - create ss_rules_dst_forward_recentrst_ hash:ip hashsize 64 timeout 3600 - $(v2r_rules_ipset_mkadd ssr_${rule}_dst_bypass_ "$o_dst_bypass_ $o_remote_servers") - $(v2r_rules_ipset_mkadd ss_rules_dst_bypass_all "$o_dst_bypass_all") - $(v2r_rules_ipset_mkadd ssr_${rule}_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')") - $(v2r_rules_ipset_mkadd ssr_${rule}_src_bypass "$o_src_bypass") - $(v2r_rules_ipset_mkadd ssr_${rule}_src_forward "$o_src_forward") - $(v2r_rules_ipset_mkadd ssr_${rule}_src_checkdst "$o_src_checkdst") - $(v2r_rules_ipset_mkadd ssr_${rule}_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')") - EOF -} - -v2r_rules_ipset_mkadd() { - local setname="$1"; shift - local i - - for i in $*; do - echo "add $setname $i" - done -} - -v2r_rules_iptchains_init() { - v2r_rules_iptchains_init_mark - v2r_rules_iptchains_init_tcp - v2r_rules_iptchains_init_udp -} - -v2r_rules_iptchains_init_mark() { - if [ "$(iptables -w -t mangle -L PREROUTING | grep ss_rules_dst_bypass_all)" = "" ]; then - iptables-restore -w --noflush <<-EOF - *mangle - -A PREROUTING -m set --match-set ss_rules_dst_bypass_all dst -j MARK --set-mark 0x539 - COMMIT - EOF - fi -} - -v2r_rules_iptchains_init_tcp() { - local local_target - - [ -n "$o_redir_tcp_port" ] || return 0 - - v2r_rules_iptchains_init_ nat tcp - - case "$o_local_default" in - checkdst) local_target=v2r_${rule}_dst ;; - forward) local_target=v2r_${rule}_forward ;; - bypass|*) return 0;; - esac - - iptables-restore -w --noflush <<-EOF - *nat - :v2r_${rule}_local_out - - -I OUTPUT 1 -p tcp -j v2r_${rule}_local_out - -A v2r_${rule}_local_out -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN - -A v2r_${rule}_local_out -m set --match-set ss_rules_dst_bypass_all dst -j RETURN - -A v2r_${rule}_local_out -m set --match-set ssr_${rule}_dst_bypass_ dst -j RETURN - -A v2r_${rule}_local_out -m mark --mark 0x539 -j RETURN - -A v2r_${rule}_local_out -p tcp $o_ipt_extra -j $local_target -m comment --comment "local_default: $o_local_default" - COMMIT - EOF -} - -v2r_rules_iptchains_init_udp() { - [ -n "$o_redir_udp_port" ] || return 0 - v2r_rules_iptchains_init_ mangle udp -} - -v2r_rules_iptchains_init_() { - local table="$1" - local proto="$2" - local forward_rules - local src_default_target dst_default_target - local recentrst_mangle_rules recentrst_addset_rules - - case "$proto" in - tcp) - forward_rules="-A v2r_${rule}_forward -p tcp -j REDIRECT --to-ports $o_redir_tcp_port" - if [ -n "$o_dst_forward_recentrst" ]; then - recentrst_mangle_rules=" - *mangle - -I PREROUTING 1 -p tcp -m tcp --tcp-flags RST RST -m recent --name v2r_recentrst --set --rsource - COMMIT - " - recentrst_addset_rules=" - -A v2r_${rule}_dst -m recent --name v2r_recentrst --rcheck --rdest --seconds 3 --hitcount 3 -j SET --add-set ss_rules_dst_forward_recentrst_ dst --exist - -A v2r_${rule}_dst -m set --match-set ss_rules_dst_forward_recentrst_ dst -j v2r_${rule}_forward - " - fi - ;; - udp) - ip rule add fwmark 1 lookup 100 || true - ip route add local default dev lo table 100 || true - forward_rules="-A v2r_${rule}_forward -p udp -j TPROXY --on-port "$o_redir_udp_port" --tproxy-mark 0x01/0x01" - ;; - esac - case "$o_src_default" in - forward) src_default_target=v2r_${rule}_forward ;; - checkdst) src_default_target=v2r_${rule}_dst ;; - bypass|*) src_default_target=RETURN ;; - esac - case "$o_dst_default" in - forward) dst_default_target=v2r_${rule}_forward ;; - bypass|*) dst_default_target=RETURN ;; - esac - sed -e '/^\s*$/d' -e 's/^\s\+//' <<-EOF | iptables-restore -w --noflush - *$table - :v2r_${rule}_pre_src - - :v2r_${rule}_src - - :v2r_${rule}_dst - - :v2r_${rule}_forward - - $(v2r_rules_iptchains_mkprerules "$proto") - -A v2r_${rule}_pre_src -m set --match-set ssr_${rule}_dst_bypass_ dst -j RETURN - -A v2r_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_all dst -j MARK --set-mark 0x539 - -A v2r_${rule}_pre_src -m set --match-set ss_rules_dst_bypass_all dst -j RETURN - -A v2r_${rule}_pre_src -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN - -A v2r_${rule}_pre_src -m mark --mark 0x539 -j RETURN - -A v2r_${rule}_dst -m set --match-set ss_rules_dst_bypass_all dst -j RETURN - -A v2r_${rule}_dst -m set --match-set ssr_${rule}_dst_bypass dst -j RETURN - -A v2r_${rule}_pre_src -p $proto $o_ipt_extra -j v2r_${rule}_src - -A v2r_${rule}_src -m set --match-set ssr_${rule}_src_bypass src -j RETURN - -A v2r_${rule}_src -m set --match-set ssr_${rule}_src_forward src -j v2r_${rule}_forward - -A v2r_${rule}_src -m set --match-set ssr_${rule}_src_checkdst src -j v2r_${rule}_dst - -A v2r_${rule}_src -j $src_default_target -m comment --comment "src_default: $o_src_default" - -A v2r_${rule}_dst -m set --match-set ssr_${rule}_dst_forward dst -j v2r_${rule}_forward - $recentrst_addset_rules - -A v2r_${rule}_dst -j $dst_default_target -m comment --comment "dst_default: $o_dst_default" - $forward_rules - COMMIT - $recentrst_mangle_rules - EOF -} - -v2r_rules_iptchains_mkprerules() { - local proto="$1" - - if [ -z "$o_ifnames" ]; then - echo "-A PREROUTING -p $proto -j v2r_${rule}_pre_src" - else - echo $o_ifnames \ - | tr ' ' '\n' \ - | sed "s/.*/-I PREROUTING 1 -i \\0 -p $proto -j v2r_${rule}_pre_src/" - fi -} - -v2r_rules_fw_drop() { - fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' | - while IFS=$"\n" read -r c; do - fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/') - if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then - eval "iptables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null" - fi - done - fw3 -4 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' | - while IFS=$"\n" read -r c; do - fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/') - if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then - eval "iptables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null" - fi - done -} - -v2r_rules_parse_args "$@" -#v2r_rules_flush -v2r_rules_ipset_init -v2r_rules_iptchains_init -v2r_rules_fw_drop \ No newline at end of file diff --git a/v2ray-core/files/usr/bin/v2ray-rules6 b/v2ray-core/files/usr/bin/v2ray-rules6 deleted file mode 100755 index 3d0e6d79f..000000000 --- a/v2ray-core/files/usr/bin/v2ray-rules6 +++ /dev/null @@ -1,298 +0,0 @@ -#!/bin/sh -e -# -# Copyright (C) 2017 Yousong Zhou -# Copyright (C) 2018-2021 Ycarus (Yannick Chabanois) -# -# The design idea was derived from ss-rules by Jian Chang -# -# This is free software, licensed under the GNU General Public License v3. -# See /LICENSE for more information. -# - -v2ray_rules6_usage() { - cat >&2 < Local port number of ss-redir with TCP mode - -L Local port number of ss-redir with UDP mode - -s List of ip addresses of remote shadowsocks server - --ifnames Only apply rules on packets from these ifnames - --src-bypass - --src-forward - --src-checkdst - --src-default - Packets will have their src ip checked in order against - bypass, forward, checkdst list and will bypass, forward - through, or continue to have their dst ip checked - respectively on the first match. Otherwise, --src-default - decide the default action - --dst-bypass - --dst-forward - --dst-bypass-file - --dst-forward-file - --dst-default - Same as with their --src-xx equivalent - --dst-forward-recentrst - Forward those packets whose destinations have recently - sent to us multiple tcp-rst packets - --local-default - Default action for local out TCP traffic - -The following ipsets will be created by ss-rules. They are also intended to be -populated by other programs like dnsmasq with ipset support - - v2ray_rules6_src_bypass - v2ray_rules6_src_forward - v2ray_rules6_src_checkdst - v2ray_rules6_dst_bypass - v2ray_rules6_dst_forward -EOF -} - -o_dst_bypass_=" - fe80::/10 - fd00::/8 - ::1 -" -o_src_default=bypass -o_dst_default=bypass -o_local_default=bypass - -__errmsg() { - echo "ss-rules6: $*" >&2 -} - -v2ray_rules6_parse_args() { - while [ "$#" -gt 0 ]; do - case "$1" in - -h|--help) v2ray_rules6_usage; exit 0;; - -f|--flush) v2ray_rules6_flush; exit 0;; - -l) o_redir_tcp_port="$2"; shift 2;; - -L) o_redir_udp_port="$2"; shift 2;; - -s) o_remote_servers="$2"; shift 2;; - --ifnames) o_ifnames="$2"; shift 2;; - --ipt-extra) o_ipt_extra="$2"; shift 2;; - --src-default) o_src_default="$2"; shift 2;; - --dst-default) o_dst_default="$2"; shift 2;; - --local-default) o_local_default="$2"; shift 2;; - --src-bypass) o_src_bypass="$2"; shift 2;; - --src-forward) o_src_forward="$2"; shift 2;; - --src-checkdst) o_src_checkdst="$2"; shift 2;; - --dst-bypass) o_dst_bypass="$2"; shift 2;; - --dst-bypass_all) o_dst_bypass_all="$2"; shift 2;; - --dst-forward) o_dst_forward="$2"; shift 2;; - --dst-forward-recentrst) o_dst_forward_recentrst=1; shift 1;; - --dst-bypass-file) o_dst_bypass_file="$2"; shift 2;; - --dst-forward-file) o_dst_forward_file="$2"; shift 2;; - --rule-name) rule="$2"; shift 2;; - *) __errmsg "unknown option $1"; return 1;; - esac - done - - if [ -z "$o_redir_tcp_port" -a -z "$o_redir_udp_port" ]; then - __errmsg "Requires at least -l or -L option" - return 1 - fi - if [ -n "$o_dst_forward_recentrst" ] && ! ip6tables -w -m recent -h >/dev/null; then - __errmsg "Please install ip6tables-mod-conntrack-extra with opkg" - return 1 - fi - o_remote_servers="$(for s in $o_remote_servers; do resolveip -6 "$s"; done)" -} - -v2ray_rules6_flush() { - local setname - - ip6tables-save --counters | grep -v v2r6_ | ip6tables-restore -w --counters - while ip -f inet6 rule del fwmark 1 lookup 100 2>/dev/null; do true; done - ip -f inet6 route flush table 100 || true - for setname in $(ipset -n list | grep "ssr6_${rule}"); do - ipset destroy "$setname" 2>/dev/null || true - done -} - -v2ray_rules6_ipset_init() { - ipset --exist restore <<-EOF - create ssr6_${rule}_src_bypass hash:net family inet6 hashsize 64 - create ssr6_${rule}_src_forward hash:net family inet6 hashsize 64 - create ssr6_${rule}_src_checkdst hash:net family inet6 hashsize 64 - create ssr6_${rule}_dst_bypass hash:net family inet6 hashsize 64 - create ss_rules6_dst_bypass_all hash:net family inet6 hashsize 64 - create ssr6_${rule}_dst_bypass_ hash:net family inet6 hashsize 64 - create ssr6_${rule}_dst_forward hash:net family inet6 hashsize 64 - create ss_rules6_dst_forward_recrst_ hash:ip family inet6 hashsize 64 timeout 3600 - $(v2ray_rules6_ipset_mkadd ssr6_${rule}_dst_bypass_ "$o_dst_bypass_ $o_remote_servers") - $(v2ray_rules6_ipset_mkadd ss_rules6_dst_bypass_all "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')") - $(v2ray_rules6_ipset_mkadd ssr6_${rule}_dst_bypass "$o_dst_bypass $(cat "$o_dst_bypass_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')") - $(v2ray_rules6_ipset_mkadd ssr6_${rule}_src_bypass "$o_src_bypass") - $(v2ray_rules6_ipset_mkadd ssr6_${rule}_src_forward "$o_src_forward") - $(v2ray_rules6_ipset_mkadd ssr6_${rule}_src_checkdst "$o_src_checkdst") - $(v2ray_rules6_ipset_mkadd ssr6_${rule}_dst_forward "$o_dst_forward $(cat "$o_dst_forward_file" 2>/dev/null | grep -o '\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}')") - EOF -} - -v2ray_rules6_ipset_mkadd() { - local setname="$1"; shift - local i - - for i in $*; do - echo "add $setname $i" - done -} - -v2ray_rules6_iptchains_init() { - v2ray_rules6_iptchains_init_mark - v2ray_rules6_iptchains_init_tcp - v2ray_rules6_iptchains_init_udp -} - -v2ray_rules6_iptchains_init_mark() { - ip6tables-restore -w --noflush <<-EOF - *mangle - -A PREROUTING -m set --match-set ss_rules6_dst_bypass_all dst -j MARK --set-mark 0x6539 - COMMIT - EOF -} - - -v2ray_rules6_iptchains_init_tcp() { - local local_target - - [ -n "$o_redir_tcp_port" ] || return 0 - - #v2ray_rules6_iptchains_init_ nat tcp - v2ray_rules6_iptchains_init_ mangle tcp - - case "$o_local_default" in - checkdst) local_target=v2r6_${rule}_dst ;; - forward) local_target=v2r6_${rule}_forward ;; - bypass|*) return 0;; - esac - -# echo "tcp mangle" -# ip6tables-restore -w --noflush <<-EOF -# *mangle -# :v2r6_${rule}_local_out - -# -I OUTPUT 1 -p tcp -j v2r6_${rule}_local_out -# -A v2r6_${rule}_local_out -m set --match-set ss_rules6_dst_bypass dst -j RETURN -# -A v2r6_${rule}_local_out -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN -# -A v2r6_${rule}_local_out -m set --match-set ss_rules6_dst_bypass_ dst -j RETURN -# -A v2r6_${rule}_local_out -m mark --mark 0x6539 -j RETURN -# -A v2r6_${rule}_local_out -p tcp $o_ipt_extra -j $local_target -m comment --comment "local_default: $o_local_default" -# COMMIT -# EOF -# echo "done" -} - -v2ray_rules6_iptchains_init_udp() { - [ -n "$o_redir_udp_port" ] || return 0 - v2ray_rules6_iptchains_init_ mangle udp -} - -v2ray_rules6_iptchains_init_() { - local table="$1" - local proto="$2" - local forward_rules - local src_default_target dst_default_target - local recentrst_mangle_rules recentrst_addset_rules - - case "$proto" in - tcp) - #forward_rules="-A v2r6_${rule}_forward -p tcp -j REDIRECT --to-ports $o_redir_tcp_port" - forward_rules="-A v2r6_${rule}_forward -p tcp -j TPROXY --on-port $o_redir_tcp_port --tproxy-mark 0x01/0x01" - if [ -n "$o_dst_forward_recentrst" ]; then - recentrst_mangle_rules=" - *mangle - -I PREROUTING 1 -p tcp -m tcp --tcp-flags RST RST -m recent --name ss_rules6_recentrst --set --rsource - COMMIT - " - recentrst_addset_rules=" - -A v2r6_${rule}_dst -m recent --name ss_rules6_recentrst --rcheck --rdest --seconds 3 --hitcount 3 -j SET --add-set ss_rules6_dst_forward_recrst_ dst --exist - -A v2r6_${rule}_dst -m set --match-set ss_rules6_dst_forward_recrst_ dst -j v2r6_${rule}_forward - " - fi - ;; - udp) - ip -f inet6 rule add fwmark 1 lookup 100 || true - ip -f inet6 route add local default dev lo table 100 || true - forward_rules=" - -A v2r6_${rule}_forward -p udp -j TPROXY --on-port "$o_redir_udp_port" --tproxy-mark 0x01/0x01 - -A v2r6_${rule}_forward -p tcp -j TPROXY --on-port "$o_redir_udp_port" --tproxy-mark 0x01/0x01 - " - ;; - esac - case "$o_src_default" in - forward) src_default_target=v2r6_${rule}_forward ;; - checkdst) src_default_target=v2r6_${rule}_dst ;; - bypass|*) src_default_target=RETURN ;; - esac - case "$o_dst_default" in - forward) dst_default_target=v2r6_${rule}_forward ;; - bypass|*) dst_default_target=RETURN ;; - esac - sed -e '/^\s*$/d' -e 's/^\s\+//' <<-EOF | ip6tables-restore -w --noflush - *$table - :v2r6_${rule}_pre_src - - :v2r6_${rule}_src - - :v2r6_${rule}_dst - - :v2r6_${rule}_forward - - $(v2ray_rules6_iptchains_mkprerules "udp") - $(v2ray_rules6_iptchains_mkprerules "tcp") - -A v2r6_${rule}_pre_src -m set --match-set ssr6_${rule}_dst_bypass_ dst -j RETURN - -A v2r6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_all dst -j MARK --set-mark 0x6539 - -A v2r6_${rule}_pre_src -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN - -A v2r6_${rule}_pre_src -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN - -A v2r6_${rule}_pre_src -m mark --mark 0x6539 -j RETURN - -A v2r6_${rule}_dst -m set --match-set ss_rules6_dst_bypass_all dst -j RETURN - -A v2r6_${rule}_dst -m set --match-set ssr6_${rule}_dst_bypass dst -j RETURN - -A v2r6_${rule}_pre_src -p tcp $o_ipt_extra -j v2r6_${rule}_src - -A v2r6_${rule}_pre_src -p udp $o_ipt_extra -j v2r6_${rule}_src - -A v2r6_${rule}_src -m set --match-set ssr6_${rule}_src_bypass src -j RETURN - -A v2r6_${rule}_src -m set --match-set ssr6_${rule}_src_forward src -j v2r6_${rule}_forward - -A v2r6_${rule}_src -m set --match-set ssr6_${rule}_src_checkdst src -j v2r6_${rule}_dst - -A v2r6_${rule}_src -j $src_default_target -m comment --comment "src_default: $o_src_default" - -A v2r6_${rule}_dst -m set --match-set ssr6_${rule}_dst_forward dst -j v2r6_${rule}_forward - $recentrst_addset_rules - -A v2r6_${rule}_dst -j $dst_default_target -m comment --comment "dst_default: $o_dst_default" - $forward_rules - COMMIT - $recentrst_mangle_rules - EOF -} - -v2ray_rules6_iptchains_mkprerules() { - local proto="$1" - - if [ -z "$o_ifnames" ]; then - echo "-A PREROUTING -p $proto -j v2r6_${rule}_pre_src" - else - echo $o_ifnames \ - | tr ' ' '\n' \ - | sed "s/.*/-I PREROUTING 1 -i \\0 -p $proto -j v2r6_${rule}_pre_src/" - fi -} - -v2ray_rules6_fw_drop() { - fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j reject/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' | - while IFS=$"\n" read -r c; do - fwrule=$(echo "$c" | sed 's/reject/REDIRECT --to-ports 65535/') - if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then - eval "ip6tables -w -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null" - fi - done - fw3 -6 print 2>/dev/null | awk '/iptables/&&/zone_lan_forward/&&/tcp/&&/-t filter/&&/-j drop/ {for(i=6; i<=NF; i++) { printf "%s ",$i } print "\n" }' | - while IFS=$"\n" read -r c; do - fwrule=$(echo "$c" | sed 's/drop/REDIRECT --to-ports 65535/') - if [ -n "$fwrule" ] && [ -z "$(iptables-save | grep zone_lan_prerouting | grep '${fwrule}')" ]; then - eval "ip6tables -t nat -A zone_lan_prerouting ${fwrule} 2>&1 >/dev/null" - fi - done -} - -v2ray_rules6_parse_args "$@" -v2ray_rules6_flush -v2ray_rules6_ipset_init -v2ray_rules6_iptchains_init -v2ray_rules6_fw_drop \ No newline at end of file diff --git a/v2ray-ext/Makefile b/v2ray-ext/Makefile deleted file mode 100755 index f1fd155fb..000000000 --- a/v2ray-ext/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# -# Copyright (C) 2019 Ycarus (Yannick Chabanois) -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=v2ray-ext -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/v2ray/ext.git -PKG_SOURCE_VERSION:=9eb3057da9bf83f83f4f1bda8528d0567419e709 -PKG_SOURCE_DATE:=20190725 - -PKG_LICENSE:=BSD-3-Clause -PKG_LICENSE_FILES:=LICENSE - -PKG_BUILD_DEPENDS:=golang/host -PKG_BUILD_PARALLEL:=1 - -GO_PKG:=v2ray.com/ext -GO_PKG_SOURCE_ONLY:=1 - -include $(INCLUDE_DIR)/package.mk -include ../golang/golang-package.mk - -define Package/v2ray-ext-dev -$(call GoPackage/GoSubMenu) - TITLE:=Go support for Google protocol buffers - URL:=https://github.com/golang/protobuf - DEPENDS:=$(GO_ARCH_DEPENDS) +protobuf - PKGARCH:=all -endef - -define Package/v2ray-ext-dev/description -Go support for Google protocol buffers -endef - -$(eval $(call GoSrcPackage,v2ray-ext-dev)) -$(eval $(call BuildPackage,v2ray-ext-dev))