mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Merge branch 'test' into develop
This commit is contained in:
suyuan
commit
c782a5d552
35 changed files with 2070 additions and 438 deletions
|
|
@ -1,15 +1,34 @@
|
|||
#!/bin/sh
|
||||
# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
|
||||
|
||||
INTERFACE="$1"
|
||||
HOST="proof.ovh.net"
|
||||
|
||||
echo "Select best test server..."
|
||||
HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin"
|
||||
bestping="999"
|
||||
for pinghost in $HOSTLST; do
|
||||
domain=$(echo $pinghost | awk -F/ '{print $3}')
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
ping=$(ping -c1 -w2 $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
else
|
||||
ping=$(ping -c1 -w2 -I $INTERFACE -B $domain | cut -d "/" -s -f5 | cut -d "." -f1)
|
||||
fi
|
||||
echo "host: $domain - ping: $ping"
|
||||
if [ -n "$ping" ] && [ "$ping" -lt "$bestping" ]; then
|
||||
bestping=$ping
|
||||
HOST=$pinghost
|
||||
fi
|
||||
done
|
||||
|
||||
[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat"
|
||||
|
||||
echo "Best server is $HOST, running test:"
|
||||
trap : HUP INT TERM
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
curl -6 http://$HOST/files/10Gio.dat >/dev/null || echo
|
||||
curl -6 $HOST >/dev/null || echo
|
||||
else
|
||||
hostip=$(dig +short AAAA $HOST | tr -d "\n")
|
||||
domain=$(echo $HOST | awk -F/ '{print $3}')
|
||||
hostip=$(dig +nocmd +noall +answer AAAA $domain | grep -v CNAME | awk '{print $5}' | tr -d "\n")
|
||||
ipset add ss_rules6_dst_bypass_all $hostip
|
||||
curl -6 --interface $INTERFACE http://$HOST/files/10Gio.dat >/dev/null || echo
|
||||
curl -6 --interface $INTERFACE $HOST >/dev/null || echo
|
||||
ipset del ss_rules6_dst_bypass_all $hostip
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -2,9 +2,12 @@
|
|||
INTERFACE="$1"
|
||||
multipathip=$(dig +short A multipath-tcp.org | tr -d "\n")
|
||||
ipset add ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1
|
||||
multipathip6=$(dig +short AAAA multipath-tcp.org | tr -d "\n")
|
||||
ipset add ss_rules6_dst_bypass_all $multipathip6 > /dev/null 2>&1
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
tracebox -v -n -p IP/TCP/MSS/MPCAPABLE/WSCALE multipath-tcp.org
|
||||
else
|
||||
tracebox -v -i $INTERFACE -n -p IP/TCP/MSS/MPCAPABLE/WSCALE multipath-tcp.org
|
||||
fi
|
||||
ipset del ss_rules_dst_bypass_all $multipathip > /dev/null 2>&1
|
||||
ipset del ss_rules6_dst_bypass_all $multipathip6 > /dev/null 2>&1
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ USE_PROCD=1
|
|||
|
||||
EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key"
|
||||
|
||||
. /usr/lib/unbound/iptools.sh
|
||||
|
||||
_parse_result() {
|
||||
result=$("echo $1 | jsonfilter -q -e '@.result'")
|
||||
echo $result
|
||||
|
|
@ -15,23 +17,34 @@ _parse_result() {
|
|||
|
||||
_login() {
|
||||
local username password auth
|
||||
server="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
[ -z "$server" ] && server="$(uci -q get shadowsocks-libev.sss0.server)"
|
||||
#server="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
#[ -z "$server" ] && server="$(uci -q get shadowsocks-libev.sss0.server)"
|
||||
username="$(uci -q get openmptcprouter.${servername}.username)"
|
||||
password="$(uci -q get openmptcprouter.${servername}.password)"
|
||||
serverport="$(uci -q get openmptcprouter.${servername}.port)"
|
||||
#[ -z "$server" ] && server="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
if [ -z "$token" ]; then
|
||||
#auth=`curl --max-time 10 -s -k -H "Content-Type: application/json" -X POST -d '{"username":"'$username'","password":"'$password'"}' https://$server:$serverport/login`
|
||||
auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://$server:$serverport/token`
|
||||
[ -z "$auth" ] && return
|
||||
token="$(echo "$auth" | jsonfilter -q -e '@.access_token')"
|
||||
uci -q set openmptcprouter.${servername}.token="$token"
|
||||
login_on_server() {
|
||||
server=$1
|
||||
#auth=`curl --max-time 10 -s -k -H "Content-Type: application/json" -X POST -d '{"username":"'$username'","password":"'$password'"}' https://$server:$serverport/login`
|
||||
resolve="$(resolveip $server)"
|
||||
valid_ip6=$(valid_subnet6 $server)
|
||||
if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
|
||||
auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://$server:$serverport/token`
|
||||
else
|
||||
auth=`curl --max-time 10 -s -k -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -X POST -d 'username='$username'&password='$password https://[$server]:$serverport/token`
|
||||
fi
|
||||
[ -z "$auth" ] && return
|
||||
token="$(echo "$auth" | jsonfilter -q -e '@.access_token')"
|
||||
uci -q set openmptcprouter.${servername}.token="$token"
|
||||
}
|
||||
config_load openmptcprouter
|
||||
config_list_foreach ${servername} ip login_on_server
|
||||
fi
|
||||
}
|
||||
|
||||
_ping_server() {
|
||||
server="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
[ -z "$server" ] && server="$(uci -q get shadowsocks-libev.sss0.server)"
|
||||
server="$1"
|
||||
ret=$(ping -c 3 -w 3 -Q 184 $server 2>&1) && echo "$ret" | grep -sq "bytes from" && return
|
||||
false
|
||||
}
|
||||
|
|
@ -41,7 +54,13 @@ _get_json() {
|
|||
route=$1
|
||||
[ -z "$token" ] && _login
|
||||
[ -n "$token" ] && {
|
||||
result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://$server:$serverport/$route`
|
||||
resolve="$(resolveip $server)"
|
||||
valid_ip6=$(valid_subnet6 $server)
|
||||
if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
|
||||
result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://$server:$serverport/$route`
|
||||
else
|
||||
result=`curl --max-time 10 -s -k -H "accept: application/json" -H "Authorization: Bearer $token" https://[$server]:$serverport/$route`
|
||||
fi
|
||||
echo $result
|
||||
} || {
|
||||
echo ''
|
||||
|
|
@ -54,7 +73,13 @@ _set_json() {
|
|||
settings="$2"
|
||||
[ -z "$token" ] && _login
|
||||
[ -n "$token" ] && {
|
||||
result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://$server:$serverport/$route`
|
||||
resolve="$(resolveip $server)"
|
||||
valid_ip6=$(valid_subnet6 $server)
|
||||
if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
|
||||
result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://$server:$serverport/$route`
|
||||
else
|
||||
result=`curl --max-time 10 -s -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$settings" https://[$server]:$serverport/$route`
|
||||
fi
|
||||
echo $result
|
||||
} || {
|
||||
echo ''
|
||||
|
|
@ -449,6 +474,7 @@ _get_gre_tunnel() {
|
|||
set network.omrip${i}gre.defaultroute='0'
|
||||
set network.omrip${i}gre.multipath='off'
|
||||
set network.omrip${i}gre.peerdns='0'
|
||||
set network.omrip${i}gre.ttl='255'
|
||||
set network.omrip${i}gre.ip4table='vpn'
|
||||
set network.omrip${i}gre.peeraddr="$publicaddr"
|
||||
set network.omrip${i}gre.ipaddr="$vpnip_local"
|
||||
|
|
@ -1068,7 +1094,7 @@ _set_config_from_vps() {
|
|||
set shadowsocks-libev.sss0.disabled=0
|
||||
commit shadowsocks-libev
|
||||
set v2ray.main.enabled=0
|
||||
commit shadowsocks-libev
|
||||
commit v2ray
|
||||
set openmptcprouter.settings.shadowsocks_disable=0
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
|
|
@ -1077,7 +1103,7 @@ _set_config_from_vps() {
|
|||
set shadowsocks-libev.sss0.disabled=1
|
||||
commit shadowsocks-libev
|
||||
set v2ray.main.enabled=1
|
||||
commit shadowsocks-libev
|
||||
commit v2ray
|
||||
set openmptcprouter.settings.shadowsocks_disable=1
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
|
|
@ -1086,7 +1112,7 @@ _set_config_from_vps() {
|
|||
set shadowsocks-libev.sss0.disabled=1
|
||||
commit shadowsocks-libev
|
||||
set v2ray.main.enabled=0
|
||||
commit shadowsocks-libev
|
||||
commit v2ray
|
||||
set openmptcprouter.settings.shadowsocks_disable=1
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
|
|
@ -1453,7 +1479,7 @@ _backup_send() {
|
|||
EOF
|
||||
return
|
||||
}
|
||||
sysupgrade -b /tmp/backup.tar.gz
|
||||
sysupgrade -k -b /tmp/backup.tar.gz
|
||||
backup_data="$(cat /tmp/backup.tar.gz | base64 | tr -d '\n')"
|
||||
backup_sha256sum="$(sha256sum /tmp/backup.tar.gz | awk '{print $1}')"
|
||||
[ -n "$backup_data" ] && {
|
||||
|
|
@ -1565,20 +1591,36 @@ _config_service() {
|
|||
_login
|
||||
[ -z "$token" ] && {
|
||||
reason=""
|
||||
_ping_server
|
||||
status=$?
|
||||
if $(exit $status); then
|
||||
reason="can ping server ${servername}"
|
||||
else
|
||||
reason="can't ping server ${servername}"
|
||||
fi
|
||||
test_ping() {
|
||||
_ping_server $1
|
||||
status=$?
|
||||
if $(exit $status); then
|
||||
reason="can ping server ${servername} on $1"
|
||||
else
|
||||
reason="can't ping server ${servername} on $1"
|
||||
fi
|
||||
}
|
||||
config_list_foreach "${servername}" ip test_ping
|
||||
port="$(uci -q get openmptcprouter.${servername}.port)"
|
||||
server="$(uci -q get openmptcprouter.${servername}.ip)"
|
||||
if [ "$(curl -k -m 3 https://${server}:${port}/)" = "" ]; then
|
||||
reason="$reason, no server API answer"
|
||||
else
|
||||
reason="$reason, server API answer"
|
||||
fi
|
||||
api_test() {
|
||||
server="$1"
|
||||
resolve="$(resolveip $server)"
|
||||
valid_ip6=$(valid_subnet6 $server)
|
||||
if [ "$resolve" != "$server" ] || [ "$valid_ip6" != "ok" ]; then
|
||||
if [ "$(curl -k -m 3 https://${server}:${port}/)" = "" ]; then
|
||||
reason="$reason, no server API answer on $1"
|
||||
else
|
||||
reason="$reason, server API answer on $1"
|
||||
fi
|
||||
else
|
||||
if [ "$(curl -k -m 3 https://[${server}]:${port}/)" = "" ]; then
|
||||
reason="$reason, no server API answer on $1"
|
||||
else
|
||||
reason="$reason, server API answer on $1"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
config_list_foreach "${servername}" ip api_test
|
||||
if [ "$(uci -q get openmptcprouter.${servername}.username)" != "openmptcprouter" ]; then
|
||||
reason="$reason, custom username"
|
||||
fi
|
||||
|
|
@ -1706,6 +1748,9 @@ start_service() {
|
|||
uci -q batch <<-EOF >/dev/null
|
||||
commit openmptcprouter
|
||||
EOF
|
||||
if [ "$(ps w | grep sysupgrade)" = "" ]; then
|
||||
/etc/init.d/sysupgrade restart
|
||||
fi
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
|
|
|
|||
|
|
@ -151,6 +151,41 @@ if [ "$(uci -q get firewall.blockquicproxy)" = "" ]; then
|
|||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get firewall.allowicmpipv6)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.allowicmpipv6=rule
|
||||
set firewall.allowicmpipv6.proto='icmp'
|
||||
set firewall.allowicmpipv6.target='ACCEPT'
|
||||
set firewall.allowicmpipv6.src='wan'
|
||||
set firewall.allowicmpipv6.name='Allow IPv6 ICMP'
|
||||
set firewall.allowicmpipv6.family='ipv6'
|
||||
set firewall.allowicmpipv6.icmp_type='neighbour-advertisement neighbour-solicitation router-advertisement router-solicitation'
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$(uci -q get firewall.allowdhcpv6546)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set firewall.allowdhcpv6546=rule
|
||||
set firewall.allowdhcpv6546.target='ACCEPT'
|
||||
set firewall.allowdhcpv6546.src='wan'
|
||||
set firewall.allowdhcpv6546.proto='udp'
|
||||
set firewall.allowdhcpv6546.dest_port='547'
|
||||
set firewall.allowdhcpv6546.name='Allow DHCPv6 (546-to-547)'
|
||||
set firewall.allowdhcpv6546.family='ipv6'
|
||||
set firewall.allowdhcpv6546.src_port='546'
|
||||
set firewall.allowdhcpv6547=rule
|
||||
set firewall.allowdhcpv6547.target='ACCEPT'
|
||||
set firewall.allowdhcpv6547.src='wan'
|
||||
set firewall.allowdhcpv6547.proto='udp'
|
||||
set firewall.allowdhcpv6547.dest_port='546'
|
||||
set firewall.allowdhcpv6547.name='Allow DHCPv6 (547-to-546)'
|
||||
set firewall.allowdhcpv6547.family='ipv6'
|
||||
set firewall.allowdhcpv6547.src_port='547'
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
|
||||
# Fix firewall config from some old config
|
||||
allintf=$(uci -q get firewall.@zone[1].network)
|
||||
uci -q del firewall.@zone[1].network
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue