diff --git a/.circleci/config.yml b/.circleci/config.yml index 35d0b5d1c..9f019a532 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,8 +31,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -94,8 +94,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -155,8 +155,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -216,8 +216,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -277,8 +277,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -338,8 +338,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -402,8 +402,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: @@ -462,8 +462,8 @@ jobs: - run: name: cache command: | - echo "cache 92 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target - echo "cache 94 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version + echo "cache 98 $OMR_KERNEL $OMR_TARGET" > /tmp/cache-target + echo "cache 100 $OMR_KERNEL $OMR_TARGET $OMR_VERSION" > /tmp/cache-version - restore_cache: keys: diff --git a/bcm27xx-eeprom/Makefile b/bcm27xx-eeprom/Makefile new file mode 100644 index 000000000..580ea78c3 --- /dev/null +++ b/bcm27xx-eeprom/Makefile @@ -0,0 +1,58 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=bcm27xx-eeprom +PKG_VERSION:=ad18a5b468f787ed37ab62e0a699dabeaa580e27 +PKG_RELEASE:=2 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/raspberrypi/rpi-eeprom/tar.gz/$(PKG_VERSION)? +PKG_HASH:=2f77ef84d34f77208e4caf90aa65bbbaa6234ee58ffe9c23a819d44c25a631b4 + +PKG_LICENSE:=BSD-3-Clause Custom +PKG_LICENSE_FILES:=LICENSE + +PKG_MAINTAINER:=Álvaro Fernández Rojas + +include $(INCLUDE_DIR)/package.mk + +TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) +TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) + +define Package/bcm27xx-eeprom + SECTION:=utils + CATEGORY:=Utilities + DEPENDS:=bcm27xx-userland +blkid +pciutils +python3-light + TITLE:=BCM27xx EEPROM tools +endef + +define Package/bcm27xx-eeprom/description + BCM27xx EEPROM tools. +endef + +define Build/Compile + true +endef + +define Package/bcm27xx-eeprom/conffiles +/etc/bcm27xx-eeprom.conf +endef + +define Package/bcm27xx-eeprom/install + $(INSTALL_DIR) $(1)/etc + $(INSTALL_CONF) $(PKG_BUILD_DIR)/rpi-eeprom-update-default $(1)/etc/bcm27xx-eeprom.conf + + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/rpi-eeprom-config $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/rpi-eeprom-update $(1)/usr/bin + + $(INSTALL_DIR) $(1)/lib/firmware/raspberrypi/bootloader + $(CP) $(PKG_BUILD_DIR)/firmware/release-notes.md $(1)/lib/firmware/raspberrypi/bootloader + + $(INSTALL_DIR) $(1)/lib/firmware/raspberrypi/bootloader/critical + $(CP) $(PKG_BUILD_DIR)/firmware/critical/ $(1)/lib/firmware/raspberrypi/bootloader/ + + $(INSTALL_DIR) $(1)/lib/firmware/raspberrypi/bootloader/stable + $(CP) $(PKG_BUILD_DIR)/firmware/stable/ $(1)/lib/firmware/raspberrypi/bootloader/ +endef + +$(eval $(call BuildPackage,bcm27xx-eeprom)) diff --git a/bcm27xx-eeprom/patches/0001-rpi-eeprom-update-OpenWrt-defaults.patch b/bcm27xx-eeprom/patches/0001-rpi-eeprom-update-OpenWrt-defaults.patch new file mode 100644 index 000000000..2f923bc43 --- /dev/null +++ b/bcm27xx-eeprom/patches/0001-rpi-eeprom-update-OpenWrt-defaults.patch @@ -0,0 +1,48 @@ +From da37f7b051fe6833e25e78184cc9217dd4379187 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=C3=81lvaro=20Fern=C3=A1ndez=20Rojas?= +Date: Mon, 23 Mar 2020 10:10:55 +0100 +Subject: [PATCH] rpi-eeprom-update: OpenWrt defaults +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Álvaro Fernández Rojas +--- + rpi-eeprom-update | 6 +++--- + rpi-eeprom-update-default | 5 +++-- + 2 files changed, 6 insertions(+), 5 deletions(-) + +--- a/rpi-eeprom-update ++++ b/rpi-eeprom-update +@@ -24,14 +24,14 @@ else + fi + + # May be used to select beta or stable releases instead of the default critical updates. +-FIRMWARE_RELEASE_STATUS=${FIRMWARE_RELEASE_STATUS:-critical} ++FIRMWARE_RELEASE_STATUS=${FIRMWARE_RELEASE_STATUS:-stable} + FIRMWARE_IMAGE_DIR=${FIRMWARE_IMAGE_DIR:-${FIRMWARE_ROOT}/${FIRMWARE_RELEASE_STATUS}} +-FIRMWARE_BACKUP_DIR=${FIRMWARE_BACKUP_DIR:-/var/lib/raspberrypi/bootloader/backup} ++FIRMWARE_BACKUP_DIR=${FIRMWARE_BACKUP_DIR:-${FIRMWARE_ROOT}/backup} + ENABLE_VL805_UPDATES=${ENABLE_VL805_UPDATES:-1} + USE_FLASHROM=${USE_FLASHROM:-0} + RECOVERY_BIN=${RECOVERY_BIN:-${FIRMWARE_ROOT}/${FIRMWARE_RELEASE_STATUS}/recovery.bin} + BOOTFS=${BOOTFS:-/boot} +-VCMAILBOX=${VCMAILBOX:-/opt/vc/bin/vcmailbox} ++VCMAILBOX=${VCMAILBOX:-/usr/bin/vcmailbox} + + EXIT_SUCCESS=0 + EXIT_UPDATE_REQUIRED=1 +--- a/rpi-eeprom-update-default ++++ b/rpi-eeprom-update-default +@@ -1,8 +1,9 @@ + + FIRMWARE_ROOT=/lib/firmware/raspberrypi/bootloader +-FIRMWARE_RELEASE_STATUS="critical" ++FIRMWARE_RELEASE_STATUS="stable" + FIRMWARE_IMAGE_DIR="${FIRMWARE_ROOT}/${FIRMWARE_RELEASE_STATUS}" +-FIRMWARE_BACKUP_DIR="/var/lib/raspberrypi/bootloader/backup" ++FIRMWARE_BACKUP_DIR="${FIRMWARE_ROOT}/backup" + BOOTFS=/boot + USE_FLASHROM=0 + EEPROM_CONFIG_HOOK= ++VCMAILBOX=/usr/bin/vcmailbox diff --git a/bcm27xx-eeprom/patches/0002-rpi-eeprom-config-switch-to-Python-3.patch b/bcm27xx-eeprom/patches/0002-rpi-eeprom-config-switch-to-Python-3.patch new file mode 100644 index 000000000..fc2c894d8 --- /dev/null +++ b/bcm27xx-eeprom/patches/0002-rpi-eeprom-config-switch-to-Python-3.patch @@ -0,0 +1,21 @@ +From 869a29ec65a0985670a259f4820df4fafc22c971 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=C3=81lvaro=20Fern=C3=A1ndez=20Rojas?= +Date: Wed, 25 Mar 2020 10:14:34 +0100 +Subject: [PATCH] rpi-eeprom-config: switch to Python 3 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Álvaro Fernández Rojas +--- + rpi-eeprom-config | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/rpi-eeprom-config ++++ b/rpi-eeprom-config +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + # rpi-eeprom-config + # Utility for reading and writing the configuration file in the diff --git a/bcm27xx-eeprom/patches/0003-rpi-eeprom-update-change-default-include-path.patch b/bcm27xx-eeprom/patches/0003-rpi-eeprom-update-change-default-include-path.patch new file mode 100644 index 000000000..6aee93cf2 --- /dev/null +++ b/bcm27xx-eeprom/patches/0003-rpi-eeprom-update-change-default-include-path.patch @@ -0,0 +1,35 @@ +From 6674d49dea0104031b3f54df4c7a356dc4307bb2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=C3=81lvaro=20Fern=C3=A1ndez=20Rojas?= +Date: Wed, 25 Mar 2020 20:58:35 +0100 +Subject: [PATCH] rpi-eeprom-update: change default include path +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Álvaro Fernández Rojas +--- + rpi-eeprom-update | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/rpi-eeprom-update ++++ b/rpi-eeprom-update +@@ -6,8 +6,8 @@ set -e + + script_dir=$(cd "$(dirname "$0")" && pwd) + +-if [ -f /etc/default/rpi-eeprom-update ]; then +- . /etc/default/rpi-eeprom-update ++if [ -f /etc/bcm27xx-eeprom.conf ]; then ++ . /etc/bcm27xx-eeprom.conf + fi + + LOCAL_MODE=0 +@@ -345,7 +345,7 @@ Options: + -u Install the specified VL805 (USB EEPROM) image file. + + Environment: +-Environment variables should be defined in /etc/default/rpi-eeprom-update ++Environment variables should be defined in /etc/bcm27xx-eeprom.conf + + EEPROM_CONFIG_HOOK + diff --git a/glorytun/glorytun.config b/glorytun/glorytun.config index a0dfe1593..9ee6e41e6 100644 --- a/glorytun/glorytun.config +++ b/glorytun/glorytun.config @@ -9,4 +9,5 @@ config glorytun 'vpn' option chacha20 '1' option mtuauto '1' option localip '10.255.255.2' - option remoteip '10.255.255.1' \ No newline at end of file + option remoteip '10.255.255.1' + option multiqueue '1' \ No newline at end of file diff --git a/glorytun/init b/glorytun/init index 116547ac0..5d0233157 100755 --- a/glorytun/init +++ b/glorytun/init @@ -74,6 +74,7 @@ start_instance() { [ "${listener}" = "1" ] && procd_append_param command listener [ "${mptcp}" = "1" ] && procd_append_param command mptcp [ "${chacha20}" = "1" ] && procd_append_param command chacha20 + [ "${multiqueue}" = "1" ] && procd_append_param command multiqueue procd_append_param command \ retry count -1 const 500000 \ diff --git a/libwebp/Makefile b/libwebp/Makefile new file mode 100644 index 000000000..887b44b5b --- /dev/null +++ b/libwebp/Makefile @@ -0,0 +1,64 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=libwebp +PKG_VERSION:=1.1.0 +PKG_RELEASE:=3 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://storage.googleapis.com/downloads.webmproject.org/releases/webp +PKG_HASH:=98a052268cc4d5ece27f76572a7f50293f439c17a98e67c4ea0c7ed6f50ef043 + +PKG_MAINTAINER:= +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=COPYING + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libwebp + SECTION:=libs + CATEGORY:=Libraries + TITLE:=WebP library + URL:=https://www.webmproject.org +endef + +define Package/libwebp/description + The libwebp package contains a library for the WebP format. +endef + +CONFIGURE_ARGS += \ + --enable-shared \ + --disable-static \ + --disable-neon-rtcd \ + --disable-gl \ + --disable-sdl \ + --disable-gif \ + --disable-jpeg \ + --disable-png \ + --disable-tiff \ + --disable-wic \ + --disable-libwebpmux \ + --disable-libwebpdemux \ + --disable-libwebpdecoder \ + --disable-libwebpextras \ + --without-pic + +TARGET_CFLAGS += $(FPIC) -flto + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/webp + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/webp/* $(1)/usr/include/webp/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libwebp* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libwebp.pc $(1)/usr/lib/pkgconfig/ +endef + +define Package/libwebp/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libwebp.s* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libwebp)) diff --git a/libwebp/patches/010-mips16.patch b/libwebp/patches/010-mips16.patch new file mode 100644 index 000000000..3e69770ac --- /dev/null +++ b/libwebp/patches/010-mips16.patch @@ -0,0 +1,11 @@ +--- a/src/dsp/dsp.h ++++ b/src/dsp/dsp.h +@@ -95,7 +95,7 @@ extern "C" { + #define WEBP_USE_INTRINSICS + #endif + +-#if defined(__mips__) && !defined(__mips64) && \ ++#if defined(__mips__) && !defined(__mips16) && !defined(__mips64) && \ + defined(__mips_isa_rev) && (__mips_isa_rev >= 1) && (__mips_isa_rev < 6) + #define WEBP_USE_MIPS32 + #if (__mips_isa_rev >= 2) diff --git a/luci-app-dsvpn/root/usr/share/luci/menu.d/luci-app-dsvpn.json b/luci-app-dsvpn/root/usr/share/luci/menu.d/luci-app-dsvpn.json new file mode 100644 index 000000000..257a29fab --- /dev/null +++ b/luci-app-dsvpn/root/usr/share/luci/menu.d/luci-app-dsvpn.json @@ -0,0 +1,13 @@ +{ + "admin/vpn/dsvpn": { + "title": "DSVPN", + "order": 10, + "action": { + "type": "cbi", + "path": "dsvpn" + }, + "depends": { + "acl": [ "luci-app-dsvpn" ] + } + } +} diff --git a/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json b/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json index 35c7c62c4..f8a3553a7 100644 --- a/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json +++ b/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json @@ -7,6 +7,7 @@ "path": "admin/network/firewall/zones" }, "depends": { + "acl": [ "luci-app-firewall" ], "fs": { "/sbin/fw3": "executable" }, "uci": { "firewall": true } } diff --git a/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json b/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json new file mode 100644 index 000000000..17d1fbab1 --- /dev/null +++ b/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json @@ -0,0 +1,24 @@ +{ + "luci-app-firewall": { + "description": "Grant access to firewall configuration", + "read": { + "file": { + "/etc/firewall.user": [ "read" ] + }, + "ubus": { + "file": [ "read" ], + "luci": [ "getConntrackHelpers" ] + }, + "uci": [ "firewall" ] + }, + "write": { + "file": { + "/etc/firewall.user": [ "write" ] + }, + "ubus": { + "file": [ "write" ] + }, + "uci": [ "firewall" ] + } + } +} diff --git a/luci-app-glorytun/root/usr/share/luci/menu.d/luci-app-glorytun.json b/luci-app-glorytun/root/usr/share/luci/menu.d/luci-app-glorytun.json new file mode 100644 index 000000000..414accf0b --- /dev/null +++ b/luci-app-glorytun/root/usr/share/luci/menu.d/luci-app-glorytun.json @@ -0,0 +1,13 @@ +{ + "admin/vpn/glorytun": { + "title": "Glorytun", + "order": 20, + "action": { + "type": "cbi", + "path": "glorytun" + }, + "depends": { + "acl": [ "luci-app-glorytun" ] + } + } +} diff --git a/luci-app-https-dns-proxy/root/usr/share/luci/menu.d/luci-app-https-dns-proxy.json b/luci-app-https-dns-proxy/root/usr/share/luci/menu.d/luci-app-https-dns-proxy.json new file mode 100644 index 000000000..6b44c21df --- /dev/null +++ b/luci-app-https-dns-proxy/root/usr/share/luci/menu.d/luci-app-https-dns-proxy.json @@ -0,0 +1,13 @@ +{ + "admin/services/https-dns-proxy": { + "title": "Proxy DNS Over HTTPS", + "order": 20, + "action": { + "type": "cbi", + "path": "https-dns-proxy" + }, + "depends": { + "acl": [ "luci-app-https-dns-proxy" ] + } + } +} diff --git a/luci-app-iperf/root/usr/share/luci/menu.d/luci-app-iperf.json b/luci-app-iperf/root/usr/share/luci/menu.d/luci-app-iperf.json new file mode 100644 index 000000000..dd6151ee0 --- /dev/null +++ b/luci-app-iperf/root/usr/share/luci/menu.d/luci-app-iperf.json @@ -0,0 +1,13 @@ +{ + "admin/services/iperf": { + "title": "iPerf", + "order": 10, + "action": { + "type": "template", + "path": "iperf/test" + }, + "depends": { + "acl": [ "luci-app-iperf" ] + } + } +} diff --git a/luci-app-macvlan/po/templates/macvlan.pot b/luci-app-macvlan/po/templates/macvlan.pot new file mode 100644 index 000000000..f753668e9 --- /dev/null +++ b/luci-app-macvlan/po/templates/macvlan.pot @@ -0,0 +1,23 @@ +msgid "" +msgstr "Content-Type: text/plain; charset=UTF-8" + +#: luci-app-macvlan/root/usr/share/rpcd/acl.d/luci-app-macvlan.json:3 +msgid "Grant UCI access for luci-app-macvlan" +msgstr "" + +#: luci-app-macvlan/htdocs/luci-static/resources/view/network/macvlan.js:30 +msgid "Interface" +msgstr "" + +#: luci-app-macvlan/htdocs/luci-static/resources/view/network/macvlan.js:22 +msgid "Interfaces" +msgstr "" + +#: luci-app-macvlan/htdocs/luci-static/resources/view/network/macvlan.js:20 +#: luci-app-macvlan/root/usr/share/luci/menu.d/luci-app-macvlan.json:3 +msgid "Macvlan" +msgstr "" + +#: luci-app-macvlan/htdocs/luci-static/resources/view/network/macvlan.js:26 +msgid "Name" +msgstr "" diff --git a/luci-app-macvlan/root/etc/init.d/macvlan b/luci-app-macvlan/root/etc/init.d/macvlan index eb51d3808..f9a46e2f7 100755 --- a/luci-app-macvlan/root/etc/init.d/macvlan +++ b/luci-app-macvlan/root/etc/init.d/macvlan @@ -46,12 +46,25 @@ _create_interface() { _ifname=$1 } config_get _masterifname "$1" ifname - uci batch <<-EOF - set network.$_ifname=interface - set network.$_ifname.type=macvlan - set network.$_ifname.proto=static - set network.$_ifname.masterintf=$_masterifname - EOF + [ "$1" != "$_ifname" ] && { + uci batch <<-EOF + delete macvlan.$1 + set macvlan.$_ifname=macvlan + set macvlan.$_ifname.name=$_ifname + set macvlan.$_ifname.ifname=$_masterifname + commit macvlan + EOF + } + [ "$(uci -q get network.$_ifname.masterintf)" != "$_masterifname" ] && { + logger -t "MACVLAN" "Create interface $_ifname based on $_masterifname" + uci batch <<-EOF + set network.$_ifname=interface + set network.$_ifname.type=macvlan + set network.$_ifname.proto=static + set network.$_ifname.masterintf=$_masterifname + commit network + EOF + } } # Configuration by interface @@ -67,6 +80,7 @@ _setup_interface() { config_get _type "$1" type [ "$_type" = "macvlan" ] && [ "$(uci -q get macvlan.$1)" = "" ] && { + logger -t "MACVLAN" "Delete $1" uci -q batch <<-EOF delete network.$1 delete network.$1_dev diff --git a/luci-app-macvlan/root/usr/share/luci/menu.d/luci-app-macvlan.json b/luci-app-macvlan/root/usr/share/luci/menu.d/luci-app-macvlan.json index 01c2164ee..3d7041b26 100644 --- a/luci-app-macvlan/root/usr/share/luci/menu.d/luci-app-macvlan.json +++ b/luci-app-macvlan/root/usr/share/luci/menu.d/luci-app-macvlan.json @@ -5,6 +5,9 @@ "action": { "type": "view", "path": "network/macvlan" + }, + "depends": { + "acl": [ "luci-app-macvlan" ] } } } diff --git a/luci-app-mail/root/usr/share/luci/menu.d/luci-app-mail.json b/luci-app-mail/root/usr/share/luci/menu.d/luci-app-mail.json new file mode 100644 index 000000000..6098e0a26 --- /dev/null +++ b/luci-app-mail/root/usr/share/luci/menu.d/luci-app-mail.json @@ -0,0 +1,13 @@ +{ + "admin/services/mail": { + "title": "E-Mail", + "order": 90, + "action": { + "type": "cbi", + "path": "mail" + }, + "depends": { + "acl": [ "luci-app-mail" ] + } + } +} diff --git a/luci-app-mlvpn/root/usr/share/luci/menu.d/luci-app-mlvpn.json b/luci-app-mlvpn/root/usr/share/luci/menu.d/luci-app-mlvpn.json new file mode 100644 index 000000000..085d95305 --- /dev/null +++ b/luci-app-mlvpn/root/usr/share/luci/menu.d/luci-app-mlvpn.json @@ -0,0 +1,13 @@ +{ + "admin/vpn/mlvpn": { + "title": "MLVPN", + "order": 30, + "action": { + "type": "cbi", + "path": "mlvpn" + }, + "depends": { + "acl": [ "luci-app-mlvpn" ] + } + } +} diff --git a/luci-app-mptcp/root/usr/share/luci/menu.d/luci-app-mptcp.json b/luci-app-mptcp/root/usr/share/luci/menu.d/luci-app-mptcp.json new file mode 100644 index 000000000..a3e457424 --- /dev/null +++ b/luci-app-mptcp/root/usr/share/luci/menu.d/luci-app-mptcp.json @@ -0,0 +1,13 @@ +{ + "admin/network/mptcp": { + "title": "MPTCP", + "order": 10, + "action": { + "type": "cbi", + "path": "mptcp" + }, + "depends": { + "acl": [ "luci-app-mptcp" ] + } + } +} diff --git a/luci-app-nginx-ha/root/etc/init.d/nginx-ha b/luci-app-nginx-ha/root/etc/init.d/nginx-ha index a33371ef0..34f990de5 100755 --- a/luci-app-nginx-ha/root/etc/init.d/nginx-ha +++ b/luci-app-nginx-ha/root/etc/init.d/nginx-ha @@ -52,7 +52,6 @@ start_instance() { listen ${listen:-0.0.0.0:6666} udp; listen ${listen:-0.0.0.0:6666} so_keepalive=off; proxy_pass ${1}; - proxy_buffering off; } " } diff --git a/luci-app-nginx-ha/root/usr/share/luci/menu.d/luci-app-nginx-ha.json b/luci-app-nginx-ha/root/usr/share/luci/menu.d/luci-app-nginx-ha.json new file mode 100644 index 000000000..b62a8ab35 --- /dev/null +++ b/luci-app-nginx-ha/root/usr/share/luci/menu.d/luci-app-nginx-ha.json @@ -0,0 +1,13 @@ +{ + "admin/services/nginx-ha": { + "title": "Nginx High Availability", + "order": 80, + "action": { + "type": "cbi", + "path": "nginx-ha" + }, + "depends": { + "acl": [ "luci-app-nginx-ha" ] + } + } +} diff --git a/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js b/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js index 3ab345321..acc194ba5 100644 --- a/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js +++ b/luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js @@ -27,11 +27,13 @@ return L.view.extend({ s.addremove = true; s.anonymous = true; - o = s.option(form.Value, 'domain', _('Domain')); + o = s.option(form.Value, 'name', _('Domain')); o.rmempty = false; o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); - o.rmempty = false; + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; @@ -43,8 +45,10 @@ return L.view.extend({ o = s.option(form.Value, 'ip', _('IP')); o.rmempty = false; - o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); - o.rmempty = false; + o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.')); + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; @@ -56,17 +60,40 @@ return L.view.extend({ o = s.option(form.Value, 'dport', _('port')); o.rmempty = false; - o = s.option(form.MultiValue, 'proto', _('protocol')); + o = s.option(form.ListValue, 'proto', _('protocol')); o.default = 'tcp'; - o.modalonly = true; - o.custom = true; o.rmempty = false; o.value('tcp'); o.value('udp'); + o.value('icmp'); o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; + + o = s.option(form.Value, 'note', _('Note')); + o.rmempty = true; + + s = m.section(form.GridSection, 'src_port', _('Ports source')); + s.addremove = true; + s.anonymous = true; + + o = s.option(form.Value, 'sport', _('port')); o.rmempty = false; + o = s.option(form.ListValue, 'proto', _('protocol')); + o.default = 'tcp'; + o.rmempty = false; + o.value('tcp'); + o.value('udp'); + o.value('icmp'); + + o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; + o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; @@ -83,7 +110,9 @@ return L.view.extend({ }); o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); - o.rmempty = false; + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; @@ -103,7 +132,9 @@ return L.view.extend({ }); o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); - o.rmempty = false; + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; @@ -116,7 +147,9 @@ return L.view.extend({ o.rmempty = false; o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); - o.rmempty = false; + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; @@ -154,7 +187,9 @@ return L.view.extend({ }; o = s.option(widgets.DeviceSelect, 'interface', _('Interface')); - o.rmempty = false; + o.noaliases = true; + o.noinactive = true; + o.nocreate = true; o = s.option(form.Value, 'note', _('Note')); o.rmempty = true; diff --git a/luci-app-omr-bypass/root/etc/init.d/omr-bypass b/luci-app-omr-bypass/root/etc/init.d/omr-bypass index bd99749b4..cc7df9533 100755 --- a/luci-app-omr-bypass/root/etc/init.d/omr-bypass +++ b/luci-app-omr-bypass/root/etc/init.d/omr-bypass @@ -57,10 +57,12 @@ _bypass_domain() { for ip in $resolve; do _bypass_ip $ip $intf done - resolve=$(dig aaaa +timeout=1 +nocmd +noall +answer $domain | awk '{print $5}') - for ip in $resolve; do - _bypass_ip $ip $intf - done + if [ "$disableipv6" != "1" ]; then + resolve=$(dig aaaa +timeout=1 +nocmd +noall +answer $domain | awk '{print $5}') + for ip in $resolve; do + _bypass_ip $ip $intf + done + fi fi if [ "$(uci -q get dhcp.@dnsmasq[0].ipset | grep /$domain/)" = "" ]; then uci -q add_list dhcp.@dnsmasq[0].ipset="/$domain/omr_dst_bypass_$intf,omr6_dst_bypass_$intf" @@ -92,22 +94,26 @@ _bypass_mac() { -A omr-bypass -m mac --mac-source $mac -j MARK --set-mark 0x539 COMMIT EOF - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass6 -m mac --mac-source $mac -j MARK --set-mark 0x6539 - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 -m mac --mac-source $mac -j MARK --set-mark 0x6539 + COMMIT + EOF + fi else iptables-restore -w --wait=60 --noflush <<-EOF *mangle -A omr-bypass -m mac --mac-source $mac -j MARK --set-mark 0x539$intfid COMMIT EOF - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass6 -m mac --mac-source $mac -j MARK --set-mark 0x6539$intfid - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 -m mac --mac-source $mac -j MARK --set-mark 0x6539$intfid + COMMIT + EOF + fi fi } @@ -162,6 +168,7 @@ _bypass_dest_port() { [ -z "$intf" ] && intf="all" [ -z "$dport" ] && return + dport="$(echo $dport | sed 's/-/:/')" [ -z "$proto" ] && return if [ "$intf" = "all" ]; then iptables-restore -w --wait=60 --noflush <<-EOF @@ -169,22 +176,66 @@ _bypass_dest_port() { -A omr-bypass --protocol $proto --destination-port $dport -j MARK --set-mark 0x539 COMMIT EOF - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass6 --protocol $proto --destination-port $dport -j MARK --set-mark 0x6539 - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 --protocol $proto --destination-port $dport -j MARK --set-mark 0x6539 + COMMIT + EOF + fi else iptables-restore -w --wait=60 --noflush <<-EOF *mangle -A omr-bypass --protocol $proto --destination-port $dport -j MARK --set-mark 0x539$intfid COMMIT EOF - ip6tables-restore -w --wait=60 --noflush <<-EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 --protocol $proto --destination-port $dport -j MARK --set-mark 0x6539$intfid + COMMIT + EOF + fi + fi +} + +_bypass_src_port() { + local intf + config_get sport $1 sport + config_get proto $1 proto + config_get intf $1 interface + local intfid="$(uci -q get omr-bypass.$intf.id)" + + [ -z "$intf" ] && intf="all" + [ -z "$sport" ] && return + sport="$(echo $sport | sed 's/-/:/')" + [ -z "$proto" ] && return + if [ "$intf" = "all" ]; then + iptables-restore -w --wait=60 --noflush <<-EOF *mangle - -A omr-bypass6 --protocol $proto --destination-port $dport -j MARK --set-mark 0x6539$intfid + -A omr-bypass --protocol $proto --source-port $sport -j MARK --set-mark 0x539 COMMIT EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 --protocol $proto --source-port $sport -j MARK --set-mark 0x6539 + COMMIT + EOF + fi + else + iptables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass --protocol $proto --source-port $sport -j MARK --set-mark 0x539$intfid + COMMIT + EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 --protocol $proto --source-port $sport -j MARK --set-mark 0x6539$intfid + COMMIT + EOF + fi fi } @@ -203,22 +254,26 @@ _bypass_proto() { -A omr-bypass-dpi -m ndpi --proto $proto -j MARK --set-mark 0x539 COMMIT EOF - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539 - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539 + COMMIT + EOF + fi else iptables-restore -w --wait=60 --noflush <<-EOF *mangle -A omr-bypass-dpi -m ndpi --proto $proto -j MARK --set-mark 0x539$intfid COMMIT EOF - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539$intfid - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6-dpi -m ndpi --proto $proto -j MARK --set-mark 0x6539$intfid + COMMIT + EOF + fi fi # Use dnsmasq ipset to bypass domains of the proto local domains @@ -289,23 +344,25 @@ _intf_rule() { COMMIT EOF fi - if [ "$(ip6tables --wait=40 -t mangle -L | grep omr6_dst_bypass_$intf)" = "" ]; then - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - -I omr-bypass6 1 -m set --match-set omr6_dst_bypass_$intf dst -j MARK --set-mark 0x6539$count - COMMIT - EOF - fi - if [ "$(ip6tables --wait=40 -t nat -L | grep ss_rules6_pre_src)" != "" ] && [ "$(ip6tables --wait=40 -t nat -L | grep omr6_dst_bypass_$intf)" = "" ]; then - ip6tables-restore -w --wait=60 --noflush <<-EOF - *nat - -I ss_rules6_dst 1 -m set --match-set omr6_dst_bypass_$intf dst -j RETURN - -I ss_rules6_local_out 1 -m set --match-set omr6_dst_bypass_$intf dst -j RETURN - -I ss_rules6_local_out 2 -m mark --mark 0x6539$count -j RETURN - -I ss_rules6_pre_src 1 -m set --match-set omr6_dst_bypass_$intf dst -j MARK --set-mark 0x6539$count - -I ss_rules6_pre_src 2 -m mark --mark 0x6539$count -j RETURN - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + if [ "$(ip6tables --wait=40 -t mangle -L | grep omr6_dst_bypass_$intf)" = "" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -I omr-bypass6 1 -m set --match-set omr6_dst_bypass_$intf dst -j MARK --set-mark 0x6539$count + COMMIT + EOF + fi + if [ "$(ip6tables --wait=40 -t nat -L | grep ss_rules6_pre_src)" != "" ] && [ "$(ip6tables --wait=40 -t nat -L | grep omr6_dst_bypass_$intf)" = "" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *nat + -I ss_rules6_dst 1 -m set --match-set omr6_dst_bypass_$intf dst -j RETURN + -I ss_rules6_local_out 1 -m set --match-set omr6_dst_bypass_$intf dst -j RETURN + -I ss_rules6_local_out 2 -m mark --mark 0x6539$count -j RETURN + -I ss_rules6_pre_src 1 -m set --match-set omr6_dst_bypass_$intf dst -j MARK --set-mark 0x6539$count + -I ss_rules6_pre_src 2 -m mark --mark 0x6539$count -j RETURN + COMMIT + EOF + fi fi uci -q set omr-bypass.$intf=interface uci -q set omr-bypass.$intf.id=$count @@ -353,6 +410,7 @@ start_service() { logger -t "omr-bypass" "Starting OMR-ByPass..." config_load omr-bypass config_foreach _add_proto proto + disableipv6="$(uci -q get openmptcprouter.settings.disable_ipv6)" [ -n "$RELOAD" ] && [ "$(ipset --list | grep omr_dst_bypass_all)" = "" ] && { unset RELOAD @@ -372,13 +430,15 @@ start_service() { -I PREROUTING 1 -m addrtype ! --dst-type LOCAL -j omr-bypass COMMIT EOF - ip6tables-save --counters | grep -v omr-bypass6 | ip6tables-restore -w --counters - ip6tables-restore -w --wait=60 --noflush <<-EOF - *mangle - :omr-bypass6 - - -I PREROUTING 1 -m addrtype ! --dst-type LOCAL -j omr-bypass6 - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-save --counters | grep -v omr-bypass6 | ip6tables-restore -w --counters + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + :omr-bypass6 - + -I PREROUTING 1 -m addrtype ! --dst-type LOCAL -j omr-bypass6 + COMMIT + EOF + fi config_load network config_foreach _intf_rule interface @@ -390,6 +450,7 @@ start_service() { config_foreach _bypass_mac macs config_foreach _bypass_lan_ip lan_ip config_foreach _bypass_dest_port dest_port + config_foreach _bypass_src_port src_port config_foreach _bypass_asn asns dnsmasqipset=$(uci -q get dhcp.@dnsmasq[0].ipset | sed 's/ /\n/g' | grep -v dst_bypass) uci -q delete dhcp.@dnsmasq[0].ipset @@ -433,23 +494,25 @@ start_service() { COMMIT EOF fi - if [ "$(ip6tables --wait=40 -t mangle -L | grep 'match-set omr6_dst_bypass_all dst MARK set')" = "" ]; then - ip6tables-restore --wait=60 --noflush <<-EOF - *mangle - -A omr-bypass6 -m set --match-set omr6_dst_bypass_all dst -j MARK --set-mark 0x6539 - COMMIT - EOF - fi - if [ "$(ip6tables --wait=40 -t nat -L | grep ss_rules6_pre_src)" != "" ] && [ "$(ip6tables --wait=40 -t nat -L | grep omr6_dst_bypass_all)" = "" ]; then - ip6tables-restore --wait=60 --noflush <<-EOF - *nat - -I ss_rules6_dst 1 -m set --match-set omr6_dst_bypass_all dst -j RETURN - -I ss_rules6_local_out 1 -m set --match-set omr6_dst_bypass_all dst -j RETURN - -I ss_rules6_local_out 2 -m mark --mark 0x6539 -j RETURN - -I ss_rules6_pre_src 1 -m set --match-set omr6_dst_bypass_all dst -j MARK --set-mark 0x6539 - -I ss_rules6_pre_src 2 -m mark --mark 0x6539 -j RETURN - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + if [ "$(ip6tables --wait=40 -t mangle -L | grep 'match-set omr6_dst_bypass_all dst MARK set')" = "" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + -A omr-bypass6 -m set --match-set omr6_dst_bypass_all dst -j MARK --set-mark 0x6539 + COMMIT + EOF + fi + if [ "$(ip6tables --wait=40 -t nat -L | grep ss_rules6_pre_src)" != "" ] && [ "$(ip6tables --wait=40 -t nat -L | grep omr6_dst_bypass_all)" = "" ]; then + ip6tables-restore -w --wait=60 --noflush <<-EOF + *nat + -I ss_rules6_dst 1 -m set --match-set omr6_dst_bypass_all dst -j RETURN + -I ss_rules6_local_out 1 -m set --match-set omr6_dst_bypass_all dst -j RETURN + -I ss_rules6_local_out 2 -m mark --mark 0x6539 -j RETURN + -I ss_rules6_pre_src 1 -m set --match-set omr6_dst_bypass_all dst -j MARK --set-mark 0x6539 + -I ss_rules6_pre_src 2 -m mark --mark 0x6539 -j RETURN + COMMIT + EOF + fi fi iptables-save --counters | grep -v omr-bypass-dpi | iptables-restore -w --counters @@ -460,14 +523,16 @@ start_service() { -A POSTROUTING -m addrtype --dst-type LOCAL -j omr-bypass-dpi COMMIT EOF - ip6tables-save --counters | grep -v omr-bypass6-dpi | ip6tables-restore --counters - ip6tables-restore --wait=60 --noflush <<-EOF - *mangle - :omr-bypass6-dpi - - -A PREROUTING -m addrtype ! --dst-type LOCAL -j omr-bypass6-dpi - -A POSTROUTING -m addrtype --dst-type LOCAL -j omr-bypass6-dpi - COMMIT - EOF + if [ "$disableipv6" != "1" ]; then + ip6tables-save --counters | grep -v omr-bypass6-dpi | ip6tables-restore -w --counters + ip6tables-restore -w --wait=60 --noflush <<-EOF + *mangle + :omr-bypass6-dpi - + -A PREROUTING -m addrtype ! --dst-type LOCAL -j omr-bypass6-dpi + -A POSTROUTING -m addrtype --dst-type LOCAL -j omr-bypass6-dpi + COMMIT + EOF + fi config_load omr-bypass config_foreach _bypass_proto dpis diff --git a/luci-app-omr-bypass/root/usr/share/luci/menu.d/luci-app-omr-bypass.json b/luci-app-omr-bypass/root/usr/share/luci/menu.d/luci-app-omr-bypass.json index c024c61e0..24cc23af3 100644 --- a/luci-app-omr-bypass/root/usr/share/luci/menu.d/luci-app-omr-bypass.json +++ b/luci-app-omr-bypass/root/usr/share/luci/menu.d/luci-app-omr-bypass.json @@ -5,6 +5,9 @@ "action": { "type": "view", "path": "services/omr-bypass" + }, + "depends": { + "acl": [ "luci-app-omr-bypass" ] } } } diff --git a/luci-app-omr-bypass/root/usr/share/rpcd/acl.d/luci-app-omr-bypass.json b/luci-app-omr-bypass/root/usr/share/rpcd/acl.d/luci-app-omr-bypass.json index 154554d4d..3281f4fca 100644 --- a/luci-app-omr-bypass/root/usr/share/rpcd/acl.d/luci-app-omr-bypass.json +++ b/luci-app-omr-bypass/root/usr/share/rpcd/acl.d/luci-app-omr-bypass.json @@ -4,7 +4,7 @@ "read": { "file": { "/proc/net/xt_ndpi/proto": [ "read" ], - "/proc/net/xt_ndpi/host_proto": [ "read" ], + "/proc/net/xt_ndpi/host_proto": [ "read" ] }, "ubus": { "luci-rpc": [ "getHostHints" ] diff --git a/luci-app-omr-dscp/root/etc/init.d/omr-dscp b/luci-app-omr-dscp/root/etc/init.d/omr-dscp index e71f79b6f..9ea0d661f 100755 --- a/luci-app-omr-dscp/root/etc/init.d/omr-dscp +++ b/luci-app-omr-dscp/root/etc/init.d/omr-dscp @@ -81,6 +81,8 @@ _add_dscp_rules() { direction="" ; config_get direction "$1" direction "upload" comment="" ; config_get comment "$1" comment "-" + src_port="$(echo $src_port | sed 's/-/:/g')" + dest_port="$(echo $dest_port | sed 's/-/:/g')" case "$direction" in upload|both) # Apply the rule locally @@ -142,28 +144,28 @@ _add_dscp_output_chain() { _remove_prerouting_chain() { _ipt4 -F "$1" 2>/dev/null || return _ipt4 -D PREROUTING -i "$lan_device" -j "$1" - _ipt4 -X "$1" + _ipt4 -X "$1" 2>/dev/null _ipt6 -F "$1" 2>/dev/null || return _ipt6 -D PREROUTING -i "$lan_device" -j "$1" - _ipt6 -X "$1" + _ipt6 -X "$1" 2>/dev/null } _remove_postrouting_chain() { _ipt4 -F "$1" 2>/dev/null || return _ipt4 -D POSTROUTING -j "$1" - _ipt4 -X "$1" + _ipt4 -X "$1" 2>/dev/null _ipt6 -F "$1" 2>/dev/null || return _ipt6 -D POSTROUTING -j "$1" - _ipt6 -X "$1" + _ipt6 -X "$1" 2>/dev/null } _remove_output_chain() { _ipt4 -F "$1" 2>/dev/null || return _ipt4 -D OUTPUT -j "$1" - _ipt4 -X "$1" + _ipt4 -X "$1" 2>/dev/null _ipt6 -F "$1" 2>/dev/null || return _ipt6 -D OUTPUT -j "$1" - _ipt6 -X "$1" + _ipt6 -X "$1" 2>/dev/null } _remove_ipset_dnsmasq() { diff --git a/luci-app-omr-dscp/root/usr/share/luci/menu.d/luci-app-omr-dscp.json b/luci-app-omr-dscp/root/usr/share/luci/menu.d/luci-app-omr-dscp.json new file mode 100644 index 000000000..bd3fe3960 --- /dev/null +++ b/luci-app-omr-dscp/root/usr/share/luci/menu.d/luci-app-omr-dscp.json @@ -0,0 +1,13 @@ +{ + "admin/network/omr-dscp": { + "title": "OMR-DSCP", + "order": 80, + "action": { + "type": "cbi", + "path": "dscp" + }, + "depends": { + "acl": [ "luci-app-omr-dscp" ] + } + } +} diff --git a/luci-app-omr-dscp/root/usr/share/rpcd/acl.d/luci-app-dscp.json b/luci-app-omr-dscp/root/usr/share/rpcd/acl.d/luci-app-omr-dscp.json similarity index 83% rename from luci-app-omr-dscp/root/usr/share/rpcd/acl.d/luci-app-dscp.json rename to luci-app-omr-dscp/root/usr/share/rpcd/acl.d/luci-app-omr-dscp.json index 4cb8a0bb1..ec318e6ee 100644 --- a/luci-app-omr-dscp/root/usr/share/rpcd/acl.d/luci-app-dscp.json +++ b/luci-app-omr-dscp/root/usr/share/rpcd/acl.d/luci-app-omr-dscp.json @@ -1,5 +1,5 @@ { - "luci-app-dscp": { + "luci-app-omr-dscp": { "description": "Grant UCI access for luci-app-dscp", "read": { "uci": [ "dscp" ] diff --git a/luci-app-omr-quota/root/usr/share/luci/menu.d/luci-app-omr-quota.json b/luci-app-omr-quota/root/usr/share/luci/menu.d/luci-app-omr-quota.json new file mode 100644 index 000000000..73ac0e6f4 --- /dev/null +++ b/luci-app-omr-quota/root/usr/share/luci/menu.d/luci-app-omr-quota.json @@ -0,0 +1,13 @@ +{ + "admin/network/quota": { + "title": "Quota", + "order": 90, + "action": { + "type": "cbi", + "path": "quota/quota" + }, + "depends": { + "acl": [ "luci-app-omr-quota" ] + } + } +} diff --git a/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua b/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua index 99dd33fde..00faed5b8 100644 --- a/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua +++ b/luci-app-omr-tracker/luasrc/model/cbi/omr-tracker.lua @@ -41,6 +41,37 @@ o.default = { "bing.com", "google.com" } o.rmempty = false +s = m:section(TypedSection, "server", translate("Server tracker Settings"), translate("Detect if Server is down and use defined backup server in this case.")) +s.anonymous = true +s.addremove = false + +local sdata = m:get('server') +if not sdata then + m:set('server', nil, 'server') + m:set('server', 'enabled', "1") +end + +o = s:option(Flag, "enabled", translate("Enable"), translate("When tracker is disabled, server failover is also disabled")) +o.rmempty = false + +o = s:option(Value, "timeout", translate("Timeout (s)")) +o.placeholder = "1" +o.default = "1" +o.datatype = "range(1, 100)" +o.rmempty = false + +o = s:option(Value, "tries", translate("Tries")) +o.placeholder = "4" +o.default = "4" +o.datatype = "range(1, 10)" +o.rmempty = false + +o = s:option(Value, "interval", translate("Retry interval (s)")) +o.placeholder = "2" +o.default = "2" +o.datatype = "range(1, 100)" +o.rmempty = false + s = m:section(TypedSection, "defaults", translate("Defaults Settings"), translate("OMR-Tracker detect when a connection is down and execute needed scripts")) s.anonymous = true diff --git a/luci-app-omr-tracker/root/usr/share/luci/menu.d/luci-app-omr-tracker.json b/luci-app-omr-tracker/root/usr/share/luci/menu.d/luci-app-omr-tracker.json new file mode 100644 index 000000000..ed1c7a074 --- /dev/null +++ b/luci-app-omr-tracker/root/usr/share/luci/menu.d/luci-app-omr-tracker.json @@ -0,0 +1,13 @@ +{ + "admin/services/omr-tracker": { + "title": "OMR-Tracker", + "order": 10, + "action": { + "type": "cbi", + "path": "omr-tracker" + }, + "depends": { + "acl": [ "luci-app-omr-tracker" ] + } + } +} diff --git a/luci-app-openmptcprouter/htdocs/luci-static/resources/openmptcprouter/css/wanstatus.css b/luci-app-openmptcprouter/htdocs/luci-static/resources/openmptcprouter/css/wanstatus.css index 04786f927..e15b2e915 100644 --- a/luci-app-openmptcprouter/htdocs/luci-static/resources/openmptcprouter/css/wanstatus.css +++ b/luci-app-openmptcprouter/htdocs/luci-static/resources/openmptcprouter/css/wanstatus.css @@ -247,7 +247,7 @@ Thanks :)*/ width: 400px; max-width: 400px; box-sizing: border-box; - height: 170px; + min-height: 170px; } .network-node .equipment-icon { position: relative; @@ -293,6 +293,13 @@ Thanks :)*/ font-weight: 700; color: #333333; } + +.network-node .info .title i { + font-weight: lighter; + font-size: 5px; + text-transform: uppercase; +} + .network-node .info .status-message { display: block; } @@ -315,10 +322,10 @@ Thanks :)*/ padding-right: 195px; } #omr { - height: 190px; + min-height: 190px; } #omr-vps { - height: 160px; + min-height: 160px; } .space { height: 55px; diff --git a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua index 7d83993a6..702120b09 100644 --- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua +++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua @@ -167,6 +167,8 @@ function wizard_add() ucic:set("sqm","wan" .. i,"verbosity","5") ucic:set("sqm","wan" .. i,"download","0") ucic:set("sqm","wan" .. i,"upload","0") + ucic:set("sqm","wan" .. i,"iqdisc_opts","autorate-ingress nat dual-dsthost") + ucic:set("sqm","wan" .. i,"eqdisc_opts","nat dual-srchost") ucic:save("sqm") ucic:commit("sqm") @@ -263,6 +265,8 @@ function wizard_add() ucic:set("sqm",intf,"verbosity","5") ucic:set("sqm",intf,"download","0") ucic:set("sqm",intf,"upload","0") + ucic:set("sqm",intf,"iqdisc_opts","autorate-ingress nat dual-dsthost") + ucic:set("sqm",intf,"eqdisc_opts","nat dual-srchost") end if downloadspeed ~= "0" and uploadspeed ~= "0" and downloadspeed ~= "" and uploadspeed ~= "" then @@ -281,6 +285,8 @@ function wizard_add() ucic:set("qos",intf,"enabled","0") end if sqmenabled == "1" then + ucic:set("sqm",intf,"iqdisc_opts","autorate-ingress nat dual-dsthost") + ucic:set("sqm",intf,"eqdisc_opts","nat dual-srchost") ucic:set("sqm",intf,"enabled","1") ucic:set("qos",intf,"enabled","1") else @@ -306,6 +312,8 @@ function wizard_add() ucic:set("openmptcprouter","settings","disable_ipv6",disableipv6) --local ut = require "luci.util" --local result = ut.ubus("openmptcprouter", "set_ipv6_state", { disable_ipv6 = disableipv6 }) + local ula = luci.http.formvalue("ula") or "" + ucic:set("network","globals","ula_prefix",ula) -- Get VPN set by default local default_vpn = luci.http.formvalue("default_vpn") or "glorytun_tcp" @@ -344,6 +352,7 @@ function wizard_add() -- Retrieve all server settings local serversnb = 0 + local disablednb = 0 local servers = luci.http.formvaluetable("server") for server, _ in pairs(servers) do local server_ip = luci.http.formvalue("%s.server_ip" % server) or "" @@ -352,6 +361,7 @@ function wizard_add() -- OpenMPTCProuter VPS local openmptcprouter_vps_key = luci.http.formvalue("%s.openmptcprouter_vps_key" % server) or "" local openmptcprouter_vps_username = luci.http.formvalue("%s.openmptcprouter_vps_username" % server) or "" + local openmptcprouter_vps_disabled = luci.http.formvalue("%s.openmptcprouter_vps_disabled" % server) or "" ucic:set("openmptcprouter",server,"server") ucic:set("openmptcprouter",server,"username",openmptcprouter_vps_username) ucic:set("openmptcprouter",server,"password",openmptcprouter_vps_key) @@ -364,12 +374,16 @@ function wizard_add() ucic:set("openmptcprouter",server,"master","0") ucic:set("openmptcprouter",server,"backup","1") end - ucic:set("openmptcprouter",server,"ip",server_ip) - ucic:set("openmptcprouter",server,"port","65500") - ucic:save("openmptcprouter") + if openmptcprouter_vps_disabled == "1" then + disablednb = disablednb + 1 + end if server_ip ~= "" then serversnb = serversnb + 1 end + ucic:set("openmptcprouter",server,"disabled",openmptcprouter_vps_disabled) + ucic:set("openmptcprouter",server,"ip",server_ip) + ucic:set("openmptcprouter",server,"port","65500") + ucic:save("openmptcprouter") end local ss_servers_nginx = {} @@ -382,50 +396,40 @@ function wizard_add() local master = luci.http.formvalue("master") or "" local server_ip = luci.http.formvalue("%s.server_ip" % server) or "" -- We have an IP, so set it everywhere - if server_ip ~= "" then + if server_ip ~= "" and luci.http.formvalue("%s.openmptcprouter_vps_disabled" % server) ~= "1" then -- Check if we have more than one IP, in this case use Nginx HA if serversnb > 1 then if master == server then ss_ip=server_ip - table.insert(ss_servers_nginx,server_ip .. ":65101 max_fails=2 fail_timeout=20s") - table.insert(ss_servers_ha,server_ip .. ":65101 check") - if vpn_port ~= "" then - table.insert(vpn_servers,server_ip .. ":" .. vpn_port .. " max_fails=2 fail_timeout=20s") - end - else - table.insert(ss_servers_nginx,server_ip .. ":65101 backup") - table.insert(ss_servers_ha,server_ip .. ":65101 backup") - if vpn_port ~= "" then - table.insert(vpn_servers,server_ip .. ":" .. vpn_port .. " backup") - end + ucic:set("shadowsocks-libev","sss0","server",server_ip) + ucic:set("glorytun","vpn","host",server_ip) + ucic:set("dsvpn","vpn","host",server_ip) + ucic:set("mlvpn","general","host",server_ip) + ucic:set("ubond","general","host",server_ip) + luci.sys.call("uci -q del openvpn.omr.remote") + luci.sys.call("uci -q add_list openvpn.omr.remote=" .. server_ip) + ucic:set("qos","serverin","srchost",server_ip) + ucic:set("qos","serverout","dsthost",server_ip) end k = k + 1 - ucic:set("nginx-ha","ShadowSocks","enable","1") - ucic:set("nginx-ha","VPN","enable","1") - ucic:set("nginx-ha","ShadowSocks","upstreams",ss_servers_nginx) - ucic:set("nginx-ha","VPN","upstreams",vpn_servers) + ucic:set("nginx-ha","ShadowSocks","enable","0") + ucic:set("nginx-ha","VPN","enable","0") ucic:set("haproxy-tcp","general","enable","0") - ucic:set("haproxy-tcp","general","upstreams",ss_servers_ha) ucic:set("openmptcprouter","settings","ha","1") - server_ip = "127.0.0.1" - --ucic:set("shadowsocks-libev","sss0","server",ss_ip) else ucic:set("openmptcprouter","settings","ha","0") ucic:set("nginx-ha","ShadowSocks","enable","0") ucic:set("nginx-ha","VPN","enable","0") - --ucic:set("shadowsocks-libev","sss0","server",server_ip) - --ucic:set("openmptcprouter","vps","ip",server_ip) - --ucic:save("openmptcprouter") + ucic:set("shadowsocks-libev","sss0","server",server_ip) + ucic:set("glorytun","vpn","host",server_ip) + ucic:set("dsvpn","vpn","host",server_ip) + ucic:set("mlvpn","general","host",server_ip) + ucic:set("ubond","general","host",server_ip) + luci.sys.call("uci -q del openvpn.omr.remote") + luci.sys.call("uci -q add_list openvpn.omr.remote=" .. server_ip) + ucic:set("qos","serverin","srchost",server_ip) + ucic:set("qos","serverout","dsthost",server_ip) end - ucic:set("shadowsocks-libev","sss0","server",server_ip) - ucic:set("glorytun","vpn","host",server_ip) - ucic:set("dsvpn","vpn","host",server_ip) - ucic:set("mlvpn","general","host",server_ip) - ucic:set("ubond","general","host",server_ip) - luci.sys.call("uci -q del openvpn.omr.remote") - luci.sys.call("uci -q add_list openvpn.omr.remote=" .. server_ip) - ucic:set("qos","serverin","srchost",server_ip) - ucic:set("qos","serverout","dsthost",server_ip) end end @@ -449,17 +453,25 @@ function wizard_add() local encryption = luci.http.formvalue("encryption") if encryption == "none" then ucic:set("shadowsocks-libev","sss0","method","none") + ucic:save("shadowsocks-libev") elseif encryption == "aes-256-gcm" then ucic:set("shadowsocks-libev","sss0","method","aes-256-gcm") ucic:set("glorytun","vpn","chacha20","0") + ucic:save("glorytun") + ucic:save("shadowsocks-libev") elseif encryption == "chacha20-ietf-poly1305" then ucic:set("shadowsocks-libev","sss0","method","chacha20-ietf-poly1305") ucic:set("glorytun","vpn","chacha20","1") + ucic:save("glorytun") + ucic:save("shadowsocks-libev") end -- Set ShadowSocks settings local shadowsocks_key = luci.http.formvalue("shadowsocks_key") local shadowsocks_disable = luci.http.formvalue("disableshadowsocks") or "0" + if disablednb == serversnb then + shadowsocks_disable = 1 + end if shadowsocks_key ~= "" then ucic:set("shadowsocks-libev","sss0","key",shadowsocks_key) --ucic:set("shadowsocks-libev","sss0","method","chacha20-ietf-poly1305") @@ -484,7 +496,7 @@ function wizard_add() end -- Set Glorytun settings - if default_vpn:match("^glorytun.*") then + if default_vpn:match("^glorytun.*") and disablednb ~= serversnb then ucic:set("glorytun","vpn","enable",1) else ucic:set("glorytun","vpn","enable",0) @@ -518,7 +530,7 @@ function wizard_add() ucic:commit("glorytun") -- Set A Dead Simple VPN settings - if default_vpn == "dsvpn" then + if default_vpn == "dsvpn" and disablednb ~= serversnb then ucic:set("dsvpn","vpn","enable",1) else ucic:set("dsvpn","vpn","enable",0) @@ -541,7 +553,7 @@ function wizard_add() ucic:commit("dsvpn") -- Set MLVPN settings - if default_vpn == "mlvpn" then + if default_vpn == "mlvpn" and disablednb ~= serversnb then ucic:set("mlvpn","general","enable",1) ucic:set("network","omrvpn","proto","dhcp") else @@ -561,7 +573,7 @@ function wizard_add() ucic:commit("mlvpn") -- Set UBOND settings - if default_vpn == "ubond" then + if default_vpn == "ubond" and disablednb ~= serversnb then ucic:set("ubond","general","enable",1) ucic:set("network","omrvpn","proto","dhcp") else @@ -580,7 +592,7 @@ function wizard_add() ucic:save("ubond") ucic:commit("ubond") - if default_vpn == "openvpn" then + if default_vpn == "openvpn" and disablednb ~= serversnb then ucic:set("openvpn","omr","enabled",1) ucic:set("network","omrvpn","proto","none") else @@ -605,6 +617,7 @@ function wizard_add() -- Restart all if gostatus == true then luci.sys.call("(env -i /bin/ubus call network reload) >/dev/null 2>/dev/null") + luci.sys.call("/etc/init.d/omr-tracker stop >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/mptcp restart >/dev/null 2>/dev/null") if openmptcprouter_vps_key ~= "" then luci.sys.call("/etc/init.d/openmptcprouter-vps restart >/dev/null 2>/dev/null") @@ -617,7 +630,7 @@ function wizard_add() luci.sys.call("/etc/init.d/ubond restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/openvpn restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/dsvpn restart >/dev/null 2>/dev/null") - luci.sys.call("/etc/init.d/omr-tracker restart >/dev/null 2>/dev/null") + luci.sys.call("/etc/init.d/omr-tracker start >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/omr-6in4 restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/mptcpovervpn restart >/dev/null 2>/dev/null") luci.sys.call("/etc/init.d/vnstat restart >/dev/null 2>/dev/null") @@ -683,6 +696,10 @@ function settings_add() local disablegwping = luci.http.formvalue("disablegwping") or "0" ucic:set("openmptcprouter","settings","disablegwping",disablegwping) + -- Enable/disable default gateway + local disabledefaultgw = luci.http.formvalue("disabledefaultgw") or "1" + ucic:set("openmptcprouter","settings","defaultgw",disabledefaultgw) + -- Enable/disable server ping local disableserverping = luci.http.formvalue("disableserverping") or "0" ucic:set("openmptcprouter","settings","disableserverping",disableserverping) @@ -701,6 +718,18 @@ function settings_add() ucic:set("shadowsocks-libev",section[".name"],"fast_open",fastopen) end) + -- Enable/disable no delay + local nodelay = luci.http.formvalue("enablenodelay") or "0" + ucic:set("openmptcprouter","settings","enable_nodelay",nodelay) + luci.sys.exec("sysctl -w net.ipv4.tcp_low_latency=%s" % nodelay) + luci.sys.exec("sed -i 's:^net.ipv4.tcp_low_latency=[0-9]*:net.ipv4.tcp_low_latency=%s:' /etc/sysctl.d/zzz_openmptcprouter.conf" % nodelay) + ucic:foreach("shadowsocks-libev", "ss_redir", function (section) + ucic:set("shadowsocks-libev",section[".name"],"no_delay",nodelay) + end) + ucic:foreach("shadowsocks-libev", "ss_local", function (section) + ucic:set("shadowsocks-libev",section[".name"],"no_delay",nodelay) + end) + -- Enable/disable obfs local obfs = luci.http.formvalue("obfs") or "0" diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm index 4edca015c..fbd6fff04 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm @@ -164,6 +164,16 @@ +
+ +
+ checked<% end %>> +
+
+ <%:Optimize for latency instead of bandwidth%> +
+
+
@@ -184,6 +194,16 @@
+
+ +
+ checked<% end %>> +
+
+ <%:Disable default gateway, no internet if VPS are down%> +
+
+
diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm index f485e4849..08f29e1b4 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wanstatus.htm @@ -31,9 +31,9 @@ -- * Many tests -%> <%+header%> - - - + + + diff --git a/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/header.htm b/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/header.htm index 37b208ee5..6bc227f93 100644 --- a/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/header.htm +++ b/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/header.htm @@ -40,9 +40,6 @@ <% end -%> - - - <% include("themes/openmptcprouter/json-menu") %> "> @@ -51,12 +48,7 @@
OMR OpenMPTCProuter -
- -
+
diff --git a/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/json-menu.htm b/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/json-menu.htm deleted file mode 100644 index b38406f65..000000000 --- a/luci-theme-openmptcprouter/luasrc/view/themes/openmptcprouter/json-menu.htm +++ /dev/null @@ -1,119 +0,0 @@ - diff --git a/mlvpn/Makefile b/mlvpn/Makefile index e12c619ab..b81a2dc6a 100644 --- a/mlvpn/Makefile +++ b/mlvpn/Makefile @@ -8,16 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mlvpn -#PKG_VERSION:=6f13423b -#PKG_VERSION:=8f972097 -#PKG_VERSION:=f45cec35 -PKG_VERSION:=3cf976fe +PKG_VERSION:=67f9f31d PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git -#PKG_SOURCE_URL:=https://github.com/zehome/MLVPN.git -#PKG_SOURCE_VERSION:=6f13423b8108f46edb9f230deee20e3741abe64c -#PKG_SOURCE_DATE:=2017-09-01 +PKG_SOURCE_URL:=https://github.com/zehome/MLVPN.git +PKG_SOURCE_VERSION:=67f9f31ddd6dba9514e51b36e855a2a5e973ee93 +PKG_SOURCE_DATE:=2020-03-29 #PKG_SOURCE_URL:=https://github.com/markfoodyburton/MLVPN.git #PKG_SOURCE_VERSION:=8f9720978b28c1954f9f229525333547283316d2 #PKG_SOURCE_DATE:=2018-09-03 @@ -26,9 +23,9 @@ PKG_SOURCE_PROTO:=git #PKG_SOURCE_VERSION:=f45cec350a6879b8b020143a78134a022b5df2a7 #PKG_SOURCE_DATE:=2019-05-31 -PKG_SOURCE_URL:=https://github.com/link4all/MLVPN.git -PKG_SOURCE_VERSION:=3cf976fe37a118a47bc42f51c0294beba0499652 -PKG_SOURCE_DATE:=2019-07-13 +#PKG_SOURCE_URL:=https://github.com/link4all/MLVPN.git +#PKG_SOURCE_VERSION:=3cf976fe37a118a47bc42f51c0294beba0499652 +#PKG_SOURCE_DATE:=2019-07-13 PKG_LICENSE:=BSD-2-Clause diff --git a/mlvpn/patches/021-mlvpn-bind.patch b/mlvpn/patches/021-mlvpn-bind.patch deleted file mode 100644 index 42221bd9f..000000000 --- a/mlvpn/patches/021-mlvpn-bind.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/mlvpn.c 2018-08-25 07:39:53.625002006 +0200 -+++ b/src/mlvpn.c 2018-08-25 07:40:35.696481066 +0200 -@@ -1019,7 +1019,7 @@ - #endif - if (*t->binddev) { - memset(&ifr, 0, sizeof(ifr)); -- snprintf(ifr.ifr_name, sizeof(ifr.ifr_name) - 1, t->binddev); -+ snprintf(ifr.ifr_name, sizeof(ifr.ifr_name) - 1, "%s", t->binddev); - if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) < 0) { - log_warn(NULL, "failed to bind on interface %s", t->binddev); - } diff --git a/mptcp/files/etc/init.d/mptcp b/mptcp/files/etc/init.d/mptcp index 6fb249137..53279a243 100755 --- a/mptcp/files/etc/init.d/mptcp +++ b/mptcp/files/etc/init.d/mptcp @@ -62,7 +62,7 @@ interface_multipath_settings() { [ "$config" = "lan" ] && mode="off" [ "$config" = "omrvpn" ] && mode="off" [ "$config" = "omr6in4" ] && mode="off" - [ "$mode" = "" ] && mode="on" + [ "$mode" = "" ] && mode="off" logger -t "MPTCP" "Multipath not defined for $config set to $mode" uci -q set network.${config}.multipath="$mode" uci -q set openmptcprouter.${config}.multipath="$mode" @@ -74,10 +74,10 @@ interface_multipath_settings() { uci -q set network.${config}.peerdns=0 } [ "$mode" = "master" ] && { - mode="on" # Force that only one interface is master if [ "$master" != "" ]; then logger -t "MPTCP" "Multipath master already set, disable master for $config" + mode="on" config_set "$config" multipath "on" uci -q set network.${config}.multipath="on" uci -q set openmptcprouter.${config}.multipath="on" @@ -274,11 +274,11 @@ interface_multipath_settings() { [ "$mode" = "master" ] && { ip -6 route replace default via $gateway6 dev $iface } - [ "$mode" = "off" ] && { - ifconfig $iface txqueuelen 50 > /dev/null 2>&1 - } || { - ifconfig $iface txqueuelen 100 > /dev/null 2>&1 - } + #[ "$mode" = "off" ] && { + # ifconfig $iface txqueuelen 50 > /dev/null 2>&1 + #} || { + # ifconfig $iface txqueuelen 100 > /dev/null 2>&1 + #} fi fi } @@ -355,6 +355,15 @@ start_service() { . /lib/functions.sh . /lib/functions/network.sh global_multipath_settings + + [ -n "$(ubus call system board | jsonfilter -e '@.board_name' | grep '3-model-b')" ] && [ "$(ip link show eth0 | grep UP)" = "" ] && { + # RPI 3 workaround no network at boot + ethtool eth0 > /dev/null 2>&1 + ethtool -s eth0 autoneg off > /dev/null 2>&1 + ip link set eth0 up > /dev/null 2>&1 + ethtool -s eth0 autoneg on > /dev/null 2>&1 + } + mptcpintf="" master="" config_load network @@ -363,9 +372,12 @@ start_service() { #config_foreach remove rule #config_foreach remove rule6 [ -z "$intf" ] && [ -n "$(uci -q get network.@route[-1])" ] && { - logger -t "MPTCP" "Flush main table" - ip route flush table main - ip -6 route flush table main + # logger -t "MPTCP" "Flush main table" + # ip route flush table main + # ip -6 route flush table main + logger -t "MPTCP" "Flush route cache" + ip route flush cache + ip -6 route flush cache } config_foreach interface_multipath_settings interface $intf set_multipath @@ -383,7 +395,7 @@ start_service() { uci -q commit network uci -q commit openmptcprouter [ -n "$(ubus call system board | jsonfilter -e '@.board_name' | grep raspberry)" ] && [ -z "$(ubus call system board | jsonfilter -e '@.board_name' | grep '4-model-b')" ] && { - ethtool --offload eth0 rx off tx off + ethtool --offload eth0 rx off tx off > /dev/null 2>&1 } } diff --git a/mptcp/files/etc/uci-defaults/mptcp-defaults b/mptcp/files/etc/uci-defaults/mptcp-defaults index 324eb9560..ba9d2e812 100755 --- a/mptcp/files/etc/uci-defaults/mptcp-defaults +++ b/mptcp/files/etc/uci-defaults/mptcp-defaults @@ -1,5 +1,5 @@ #!/bin/sh -if [ "$(uci -q show network.globals | grep mptcp_path_manager)" = "" ]; then +if [ "$(uci -q get network.globals.mptcp_path_manager)" = "" ]; then uci -q batch <<-EOF >/dev/null set network.globals.multipath='enable' set network.globals.mptcp_path_manager='fullmesh' @@ -11,12 +11,12 @@ if [ "$(uci -q show network.globals | grep mptcp_path_manager)" = "" ]; then commit network EOF fi -if [ "$(uci -q get network.globals.congestion)" != "bbr" ]; then - uci -q batch <<-EOF >/dev/null - set network.globals.congestion=bbr - commit network - EOF -fi +#if [ "$(uci -q get network.globals.congestion)" != "bbr" ]; then +# uci -q batch <<-EOF >/dev/null +# set network.globals.congestion=bbr +# commit network +# EOF +#fi if [ "$(uci -q get network.globals.mptcp_syn_retries)" = "1" ]; then uci -q batch <<-EOF >/dev/null set network.globals.mptcp_syn_retries=2 diff --git a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking index 2e19c0fc8..fcebb92e7 100755 --- a/mptcp/files/usr/share/omr/post-tracking.d/post-tracking +++ b/mptcp/files/usr/share/omr/post-tracking.d/post-tracking @@ -2,16 +2,16 @@ SETROUTE=false set_route() { - local multipath_config interface_gw interface_if + local multipath_config_route interface_gw interface_if INTERFACE=$1 PREVINTERFACE=$2 - multipath_config=$(uci -q get network.$INTERFACE.multipath) - [ -z "$multipath_config" ] && multipath_config=$(uci -q get openmptcprouter.$INTERFACE.multipath || echo "off") + multipath_config_route=$(uci -q get openmptcprouter.$INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") interface_if=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(uci -q get network.$INTERFACE.ifname) interface_current_config=$(uci -q get openmptcprouter.$INTERFACE.state || echo "up") - if [ "$multipath_config" != "off" ] && [ "$SETROUTE" != true ] && [ "$INTERFACE" != "$PREVINTERFACE" ] && [ "$interface_current_config" = "up" ]; then + if [ "$multipath_config_route" != "off" ] && [ "$SETROUTE" != true ] && [ "$INTERFACE" != "$PREVINTERFACE" ] && [ "$interface_current_config" = "up" ]; then interface_gw="$(uci -q get network.$INTERFACE.gateway)" if [ -z "$interface_gw" ]; then interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") @@ -32,9 +32,11 @@ set_route() { set_server_default_route() { local server=$1 - local serverip + local serverip multipath_config_route config_get serverip $server ip - multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath) + config_get disabled $server disabled + [ "$disabled" = "1" ] && return + multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath) [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath || echo "off") if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY" != "" ] && [ "$(ip route show dev $OMR_TRACKER_DEVICE metric 1 | grep $serverip | grep $OMR_TRACKER_DEVICE_GATEWAY)" = "" ] && [ "$multipath_config_route" != "off" ]; then _log "Set server $server ($serverip) default route via $OMR_TRACKER_DEVICE_GATEWAY" @@ -46,6 +48,8 @@ delete_server_default_route() { local server=$1 local serverip config_get serverip $server ip + config_get disabled $server disabled + [ "$disabled" = "1" ] && return if [ "$serverip" != "" ] && [ "$(ip route show $serverip metric 1)" != "" ]; then _log "Delete server ($serverip) default route" ip route del $serverip metric 1 >/dev/null 2>&1 @@ -53,16 +57,17 @@ delete_server_default_route() { } set_routes_intf() { + local multipath_config_route local INTERFACE=$1 - multipath_config=$(uci -q get network.$INTERFACE.multipath) - [ -z "$multipath_config" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") + nbintf=$((nbintf+1)) + multipath_config_route=$(uci -q get openmptcprouter.$INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") interface_if=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(uci -q get network.$INTERFACE.ifname) #multipath_current_config=$(multipath $interface_if | grep 'deactivated') interface_current_config=$(uci -q get openmptcprouter.$INTERFACE.state || echo "up") - #if [ "$multipath_config" != "off" ] && [ "$multipath_current_config" = "" ] && [ "$interface_if" != "" ]; then - if [ "$multipath_config" != "off" ] && [ "$interface_current_config" = "up" ] && [ "$interface_if" != "" ]; then + if [ "$multipath_config_route" != "off" ] && [ "$interface_current_config" = "up" ] && [ "$interface_if" != "" ]; then interface_gw="$(uci -q get network.$INTERFACE.gateway)" if [ -z "$interface_gw" ]; then interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") @@ -75,21 +80,31 @@ set_routes_intf() { fi #if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ] && [ "$(ip route show $serverip | grep $interface_if)" = "" ]; then if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ]; then - routesintf="$routesintf nexthop via $interface_gw dev $interface_if weight 1" + if [ "$multipath_config_route" = "master" ]; then + weight=10 + else + weight=1 + fi + if [ "$multipath_config_route" = "backup" ]; then + routesintfbackup="$routesintf nexthop via $interface_gw dev $interface_if weight $weight" + else + routesintf="$routesintf nexthop via $interface_gw dev $interface_if weight $weight" + fi fi fi } set_route_balancing() { - local multipath_config interface_gw interface_if + local multipath_config_route interface_gw interface_if INTERFACE=$1 - multipath_config=$(uci -q get network.$INTERFACE.multipath) - [ -z "$multipath_config" ] && multipath_config=$(uci -q get openmptcprouter.$INTERFACE.multipath || echo "off") + nbintf=$((nbintf+1)) + multipath_config_route=$(uci -q get openmptcprouter.$INTERFACE.multipath) + [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$INTERFACE.multipath || echo "off") interface_if=$(ifstatus "$INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(ifstatus "${INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(uci -q get network.$INTERFACE.ifname) interface_current_config=$(uci -q get openmptcprouter.$INTERFACE.state || echo "up") - if [ "$multipath_config" != "off" ] && [ "$interface_current_config" = "up" ]; then + if [ "$multipath_config_route" != "off" ] && [ "$interface_current_config" = "up" ]; then interface_gw="$(uci -q get network.$INTERFACE.gateway)" if [ -z "$interface_gw" ]; then interface_gw=$(ubus call network.interface.$INTERFACE status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") @@ -101,28 +116,48 @@ set_route_balancing() { interface_gw=$(ubus call network.interface.${INTERFACE}_4 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") fi if [ "$interface_gw" != "" ] && [ "$interface_if" != "" ]; then - routesbalancing="$routesbalancing nexthop via $interface_gw dev $interface_if weight 1" + if [ "$(uci -q get network.$INTERFACE.weight)" != "" ]; then + weight=$(uci -q get network.$INTERFACE.weight) + elif [ "$(uci -q get openmtpcprouter.$INTERFACE.weight)" != "" ]; then + weight=$(uci -q get openmtpcprouter.$INTERFACE.weight) + elif [ "$multipath_config_route" = "master" ]; then + weight=2 + else + weight=1 + fi + if [ "$multipath_config_route" = "backup" ]; then + routesbalancingbackup="$routesbalancingbackup nexthop via $interface_gw dev $interface_if weight $weight" + else + routesbalancing="$routesbalancing nexthop via $interface_gw dev $interface_if weight $weight" + fi fi fi } set_server_all_routes() { local server=$1 - local serverip + local serverip multipath_config_route config_get serverip $server ip + config_get disabled $server disabled + [ "$disabled" = "1" ] && return interface_if=$(uci -q get network.$OMR_TRACKER_INTERFACE.ifname) [ -z "$interface_if" ] && interface_if=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(ifstatus "${OMR_TRACKER_INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') - multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath) - [ -z "$multipath_config_route" ] && multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath || echo "off") - if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY" != "" ] && [ "$(ip route show $serverip | grep nexthop | grep $OMR_TRACKER_DEVICE_GATEWAY | grep $OMR_TRACKER_DEVICE)" = "" ] && [ "$multipath_config_route" != "off" ]; then + multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath || echo "off") + if [ "$serverip" != "" ] && [ "$OMR_TRACKER_DEVICE_GATEWAY" != "" ] && [ "$multipath_config_route" != "off" ]; then routesintf="" + routesintfbackup="" + nbintf=0 config_load network config_foreach set_routes_intf interface - [ -n "$routesintf" ] && { - _log "Set server $server default route $serverip $routesintf" + [ -n "$routesintf" ] && ([ "$nbintf" -gt "1" ] && [ "$(ip r show $serverip | tr -d '\t' | tr -d '\n')" != "$serverip $routesintf " ]) || ([ "$nbintf" = "1" ] && [ "$(ip r show $serverip | grep $OMR_TRACKER_INTERFACE)" = "" ]) && { + _log "Set server $server ($serverip) default route $serverip $routesintf" ip route replace $serverip scope global $routesintf } + [ -n "$routesintfbackup" ] && ([ "$nbintf" -gt "1" ] && [ "$(ip r show $serverip | tr -d '\t' | tr -d '\n')" != "$serverip $routesintfbackup " ]) || ([ "$nbintf" = "1" ] && [ "$(ip r show $serverip | grep $OMR_TRACKER_INTERFACE)" = "" ]) && { + _log "Set server $server ($serverip) default route $serverip $routesintf" + ip route replace $serverip scope global metric 999 $routesintf + } fi } @@ -130,12 +165,14 @@ set_server_all_routes() { set_server_route() { local server=$1 - local serverip + local serverip multipath_config_route config_get serverip $server ip + config_get disabled $server disabled + [ "$disabled" = "1" ] && return local metric=$2 [ -z "$metric" ] && metric=$(uci -q get network.$OMR_TRACKER_INTERFACE.metric) - multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath) - [ "$multipath_config_route" ] && multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath || echo "off") + multipath_config_route=$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath) + [ "$multipath_config_route" ] && multipath_config_route=$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath || echo "off") interface_if=$(uci -q get network.$OMR_TRACKER_INTERFACE.ifname) [ -z "$interface_if" ] && interface_if=$(ifstatus "$OMR_TRACKER_INTERFACE" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') [ -z "$interface_if" ] && interface_if=$(ifstatus "${OMR_TRACKER_INTERFACE}_4" 2>/dev/null | jsonfilter -q -e '@["l3_device"]') @@ -218,22 +255,13 @@ default_gw=$(ip route show default | grep -v "metric" | awk '/default/ {print $3 # An interface in error will never be used in MPTCP if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then if [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "modemmanager" ]; then - timeout 1 mmcli -L | while read MODEM; do - MODEM_ID=$(echo $MODEM | awk -F' ' '{print $1}' | awk -F/ '{print $6}') - MODEM_INFO="$(timeout 1 mmcli -m $MODEM_ID --output-keyvalue)" - if [ -n "$MODEM_INFO" ] && [ "$(echo "$MODEM_INFO" | grep 'modem.generic.device ' | awk -F": " '{print $2}')" = "$(uci -q get network.$OMR_TRACKER_INTERFACE.device)" ]; then - STATE=$(echo "$MODEM_INFO" | grep 'modem.generic.state' | awk -F": " '{print $2}') - if [ "$STATE" = "connected" ] || [ "$STATE" = "disabled" ] || [ "$STATE" = "searching" ] || [ "$STATE" = "registered" ] || [ "$STATE" = "idle" ]; then - _log "No answer from $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE), restart interface" - _log "Set $OMR_TRACKER_INTERFACE down" - ifdown $OMR_TRACKER_INTERFACE - sleep 5 - _log "Set $OMR_TRACKER_INTERFACE up" - ifup $OMR_TRACKER_INTERFACE - sleep 10 - fi - fi - done + _log "No answer from $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE), restart interface" + _log "Set $OMR_TRACKER_INTERFACE down" + ifdown $OMR_TRACKER_INTERFACE + sleep 5 + _log "Set $OMR_TRACKER_INTERFACE up" + ifup $OMR_TRACKER_INTERFACE + sleep 10 fi if [ "$OMR_TRACKER_PREV_STATUS" = "$OMR_TRACKER_STATUS" ]; then @@ -241,9 +269,9 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then fi [ "$multipath_status" = "off" ] || { if [ "$OMR_TRACKER_STATUS_MSG" = "" ]; then - _log "$OMR_TRACKER_DEVICE switched off" + _log "$OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) switched off" else - _log "$OMR_TRACKER_DEVICE switched off because $OMR_TRACKER_STATUS_MSG" + _log "$OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) switched off because $OMR_TRACKER_STATUS_MSG" fi uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state='down' #if [ "$(sysctl -n net.mptcp.mptcp_enabled | tr -d '\n')" = "1" ]; then @@ -252,14 +280,23 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then if [ -n "$OMR_TRACKER_DEVICE_IP" ]; then glorytun-udp path $OMR_TRACKER_DEVICE_IP dev tun0 down > /dev/null 2>&1 fi + if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.vpn)" = "1" ]; then + VPN_BASE_INTF="$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.baseintf)" + VPN_BASE_INTF_IP=$(ubus call network.interface.$VPN_BASE_INTF status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n") + uci -q batch <<-EOF >/dev/null + set openvpn.$VPN_BASE_INTF.local=$VPN_BASE_INTF_IP + commit openvpn + EOF + /etc/init.d/openvpn restart $VPN_BASE_INTF + fi config_load openmptcprouter config_foreach del_server_route server - #if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then - # config_foreach set_server_all_routes server - #fi + if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then + config_foreach set_server_all_routes server + fi } - if [ "$default_gw" = "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$default_gw" = "" ]; then + if ([ "$default_gw" = "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$default_gw" = "" ]) && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then config_load network config_foreach set_route interface $OMR_TRACKER_INTERFACE fi @@ -273,6 +310,8 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then echo -e "Subject: $OMR_SYSNAME: $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) is down\n\nConnection failure of $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) detected. The reason is \"$OMR_TRACKER_STATUS_MSG\"." | sendmail $(uci -q get mail.default.to) fi } + script_alert_down="$(uci -q get omr-tracker.$OMR_TRACKER_INTERFACE.script_alert_down)" + [ -n "$script_alert_down" ] && eval $script_alert_down if [ "$OMR_TRACKER_INTERFACE" = "glorytun" ] || [ "$OMR_TRACKER_INTERFACE" = "omrvpn" ]; then if [ "$OMR_TRACKER_STATUS_MSG" = "" ]; then @@ -280,8 +319,10 @@ if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then else _log "$OMR_TRACKER_INTERFACE down because $OMR_TRACKER_STATUS_MSG" fi - config_load network - config_foreach set_route interface $OMR_TRACKER_INTERFACE + if [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then + config_load network + config_foreach set_route interface $OMR_TRACKER_INTERFACE + fi if [ "$(uci -q get shadowsocks-libev.sss0.disabled)" != "1" ] && [ "$(uci -q get openmptcprouter.omr.shadowsocks)" = "up" ] && [ "$(uci -q get shadowsocks-libev.ss_rules.redir_udp)" = "" ] && [ "$(uci -q get shadowsocks-libev.hi2.mode)" = "tcp_and_udp" ]; then _log "Tunnel down use ShadowSocks for UDP" uci -q set shadowsocks-libev.ss_rules.redir_udp='hi2' @@ -375,46 +416,55 @@ if [ "$OMR_TRACKER_INTERFACE" = "glorytun" ] || [ "$OMR_TRACKER_INTERFACE" = "om fi if [ "$OMR_TRACKER_PREV_STATUS" != "" ] && [ "$OMR_TRACKER_PREV_STATUS" != "$OMR_TRACKER_STATUS" ]; then + _log "$OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) switched up" mail_alert="$(uci -q get omr-tracker.$OMR_TRACKER_INTERFACE.mail_alert)" [ -z "$mail_alert" ] && mail_alert="$(uci -q get omr-tracker.defaults.mail_alert)" [ "$mail_alert" = "1" ] && { OMR_SYSNAME="$(uci -q get system.@system[0].hostname)" echo -e "Subject: $OMR_SYSNAME: $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) is up\n\nDetected that connection $OMR_TRACKER_INTERFACE ($OMR_TRACKER_DEVICE) is up again." | sendmail $(uci -q get mail.default.to) } + script_alert_up="$(uci -q get omr-tracker.$OMR_TRACKER_INTERFACE.script_alert_up)" + [ -n "$script_alert_up" ] && eval $script_alert_up +fi +if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.state)" != "up" ]; then uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state='up' uci -q commit openmptcprouter dns_flush fi -multipath_config=$(uci -q get "network.$OMR_TRACKER_INTERFACE.multipath") -[ -z "$multipath_config" ] && multipath_config=$(uci -q get "openmptcprouter.$OMR_TRACKER_INTERFACE.multipath" || echo "off") +multipath_config=$(uci -q get "openmtpcprouter.$OMR_TRACKER_INTERFACE.multipath") +[ -z "$multipath_config" ] && multipath_config=$(uci -q get "network.$OMR_TRACKER_INTERFACE.multipath" || echo "off") if [ "$multipath_config" = "master" ]; then if ([ "$default_gw" != "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$default_gw" = "" ]) && [ "$OMR_TRACKER_DEVICE_GATEWAY" != "" ] && [ "$(uci -q get openmptcprouter.settings.master)" != "balancing" ]; then omrvpn_intf=$(uci -q get "network.omrvpn.ifname" || echo "tun") - if [ -n "$omrvpn_intf" ] && [ "$(ip route show default | awk '/default/ {print $5}' | grep $omrvpn_intf)" = "" ]; then + if [ -n "$omrvpn_intf" ] && [ "$(ip route show default | awk '/default/ {print $5}' | grep $omrvpn_intf)" = "" ] && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then _log "Master up : Replace default route by $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE" ip route replace default scope global nexthop via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE - else - config_load openmptcprouter - if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then - config_foreach set_server_all_routes server - elif [ "$(uci -q get openmptcprouter.settings.master)" != "failover" ]; then - config_foreach set_server_default_route server - fi + fi + config_load openmptcprouter + if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ]; then + config_foreach set_server_all_routes server + elif [ "$(uci -q get openmptcprouter.settings.master)" != "failover" ]; then + config_foreach set_server_default_route server fi ip route replace default via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE table 991337 fi - if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ] && [ "$(ip route show default | grep weight)" = "" ]; then + if [ "$(uci -q get openmptcprouter.settings.master)" = "balancing" ] && [ "$(ip route show default | grep weight)" = "" ] && [ "$(uci -q get openmptcprouter.settings.defaultgw)" != "0" ]; then omrvpn_intf=$(uci -q get "network.omrvpn.ifname" || echo "tun") if [ -n "$omrvpn_intf" ] && [ "$(ip route show default | awk '/default/ {print $5}' | grep $omrvpn_intf)" = "" ]; then ip route replace default via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE table 991337 routesbalancing="" + routesbalancingbackup="" config_load network config_foreach set_route_balancing interface - [ -n "$routesbalancing" ] && { + [ -n "$routesbalancing" ] && ([ "$nbintf" -gt "1" ] && [ "$(ip r show default metric 0 | tr -d '\t' | tr -d '\n')" != "default via $routesbalancing " ]) || ([ "$nbintf" = "1" ] && [ "$(ip r show default metric 0 | grep $OMR_TRACKER_INTERFACE)" = "" ]) && { _log "Set ip route replace default scope global $routesbalancing" ip route replace default scope global $routesbalancing } + [ -n "$routesbalancingbackup" ] && ([ "$nbintf" -gt "1" ] && [ "$(ip r show default metric 999 | tr -d '\t' | tr -d '\n')" != "default via $routesbalancingbackup " ]) || ([ "$nbintf" = "1" ] && [ "$(ip r show default metric 999 | grep $OMR_TRACKER_INTERFACE)" = "" ]) && { + _log "Set ip route replace default scope global $routesbalancingbackup" + ip route replace default scope global metric 999 $routesbalancingbackup + } fi fi if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($(date +"%s") + $((10 + RANDOM % 31)) - $(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc))) -gt 3600 ] || [ "$(uci -q show openmptcprouter | grep get_config=\'1\')" != "" ] || [ "$(uci -q show openmptcprouter | grep admin_error=\'1\')" != "" ]; then @@ -473,28 +523,28 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($( fi [ -n "$ipaddr" ] && { # Check if we can get a IPv6 address, if yes enable RA else disable - local check_ipv6_website="$(uci -q get openmptcprouter.settings.check_ipv6_website)" - [ -z "$check_ipv6_website" ] && check_ipv6_website="http://ipv6.openmptcprouter.com/" - local ip6addr="$(curl -s -6 -m 2 $check_ipv6_website)" - [ -z "$ip6addr" ] && { - local ip6addr="$(curl -s -6 -m 2 http://ifconfig.co/)" - } - if [ "$(uci -q get openmptcprouter.settings.ipv6_disable)" = "0" ]; then - if [ -n "$ip6addr" ] && [ "$(uci -q get dhcp.lan.ra_default)" != 1 ]; then - _log "Enable IPv6 RA" - uci -q set dhcp.lan.ra=server - uci -q set dhcp.lan.ra_default=1 - uci -q set dhcp.lan.dhcpv6=server - /etc/init.d/odhcpd start > /dev/null 2>&1 - /etc/init.d/odhcpd enable > /dev/null 2>&1 - elif [ -z "$ip6addr" ] && [ "$(uci -q set dhcp.lan.ra_default)" = 1 ]; then - _log "Disable IPv6 RA" - uci -q delete dhcp.lan.ra - uci -q delete dhcp.lan.dhcpv6 - /etc/init.d/odhcpd start > /dev/null 2>&1 - /etc/init.d/odhcpd enable > /dev/null 2>&1 - fi - fi + #local check_ipv6_website="$(uci -q get openmptcprouter.settings.check_ipv6_website)" + #[ -z "$check_ipv6_website" ] && check_ipv6_website="http://ipv6.openmptcprouter.com/" + #local ip6addr="$(curl -s -6 -m 2 $check_ipv6_website)" + #[ -z "$ip6addr" ] && { + # local ip6addr="$(curl -s -6 -m 2 http://ifconfig.co/)" + #} + #if [ "$(uci -q get openmptcprouter.settings.ipv6_disable)" = "0" ]; then + # if [ -n "$ip6addr" ] && [ "$(uci -q get dhcp.lan.ra_default)" != 1 ]; then + # _log "Enable IPv6 RA" + # uci -q set dhcp.lan.ra=server + # uci -q set dhcp.lan.ra_default=1 + # uci -q set dhcp.lan.dhcpv6=server + # /etc/init.d/odhcpd start > /dev/null 2>&1 + # /etc/init.d/odhcpd enable > /dev/null 2>&1 + # elif [ -z "$ip6addr" ] && [ "$(uci -q set dhcp.lan.ra_default)" = 1 ]; then + # _log "Disable IPv6 RA" + # uci -q delete dhcp.lan.ra + # uci -q delete dhcp.lan.dhcpv6 + # /etc/init.d/odhcpd start > /dev/null 2>&1 + # /etc/init.d/odhcpd enable > /dev/null 2>&1 + # fi + #fi if [ "$(uci -q get openmptcprouter.settings.external_check)" != "0" ]; then local asn="$(wget -4 -qO- -T 4 http://api.iptoasn.com/v1/as/ip/$ipaddr | jsonfilter -q -e '@.as_description')" [ -z "$asn" ] && { @@ -552,18 +602,19 @@ if [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.lc)" = "" ] || [ $(($( uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.lc=$(date +"%s") fi fi - protocol="$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" - if [ "$proto" = "qmi" ]; then - intfdata="$(omr-qmi $OMR_TRACKER_DEVICE all | tr -d '\n')" - uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.operator=$(echo $intfdata | awk -F";" '{print $2}') - uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.number=$(echo $intfdata | awk -F";" '{print $3}') - uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state=$(echo $intfdata | awk -F";" '{print $4}') - elif [ "$proto" = "modemmanager" ]; then - intfdata="$(omr-modemmanager $OMR_TRACKER_DEVICE all)" - uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.operator=$(echo $intfdata | awk -F";" '{print $2}') - uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.number=$(echo $intfdata | awk -F";" '{print $3}') - uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state=$(echo $intfdata | awk -F";" '{print $4}') - else + proto="$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" + #if [ "$proto" = "qmi" ]; then + # intfdata="$(omr-qmi $OMR_TRACKER_DEVICE all | tr -d '\n')" + # uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.operator=$(echo $intfdata | awk -F";" '{print $2}') + # uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.number=$(echo $intfdata | awk -F";" '{print $3}') + # uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state=$(echo $intfdata | awk -F";" '{print $4}') + #elif [ "$proto" = "modemmanager" ]; then + # intfdata="$(omr-modemmanager $OMR_TRACKER_DEVICE all)" + # uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.operator=$(echo $intfdata | awk -F";" '{print $2}') + # uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.number=$(echo $intfdata | awk -F";" '{print $3}') + # uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.state=$(echo $intfdata | awk -F";" '{print $4}') + #else + if [ "$proto" != "qmi" ] && [ "$proto" != "modemmanager" ]; then if [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ] && [ -n "$(curl -s -m 1 -X GET http://$OMR_TRACKER_DEVICE_GATEWAY/api/webserver/SesTokInfo)" ]; then uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.manufacturer='huawei' else @@ -587,9 +638,9 @@ fi uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.latency="$OMR_TRACKER_LATENCY" #[ -z "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.latency_max)" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.latency_max="$OMR_TRACKER_LATENCY" #[ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.latency_max)" -lt "$OMR_TRACKER_LATENCY" ] && uci -q set openmptcprouter.$OMR_TRACKER_INTERFACE.latency_max="$OMR_TRACKER_LATENCY" - if [ "$multipath_config" = "on" ] && [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.multipath)" != "master" ] && ([ "$(uci -q get openmptcprouter.settings.master)" = "dynamic" ] || (([ "$(uci -q get openmptcprouter.settings.master)" = "change" ] || [ "$(uci -q get openmptcprouter.settings.master)" = "" ]) && [ "$(uci -q get openmptcprouter.settings.master_lcintf | grep $OMR_TRACKER_INTERFACE)" = "" ])); then - masterintf="$(uci -q show network | grep multipath=\'master\' | cut -d'.' -f2)" - [ -z "$masterintf" ] && masterintf="$(uci -q show openmptcprouter | grep multipath=\'master\' | cut -d'.' -f2)" + if [ "$multipath_config" = "on" ] && [ "$(uci -q get openmptcprouter.$OMR_TRACKER_INTERFACE.multipath)" != "master" ] && ([ "$(uci -q get openmptcprouter.settings.master)" = "dynamic" ] || (([ "$(uci -q get openmptcprouter.settings.master)" = "change" ] || [ "$(uci -q get openmptcprouter.settings.master)" = "" ]) && [ "$(uci -q get openmptcprouter.settings.master_lcintf | grep $OMR_TRACKER_INTERFACE)" = "" ])); then + masterintf="$(uci -q show openmptcprouter | grep -m 1 multipath=\'master\' | cut -d'.' -f2)" + [ -z "$masterintf" ] && masterintf="$(uci -q show network | grep -m 1 multipath=\'master\' | cut -d'.' -f2)" masterlatency="$(uci -q get openmptcprouter.$masterintf.latency | tr -d '\n')" if [ -z "$masterlatency" ] || [ "$(uci -q get openmptcprouter.$masterintf.state)" = "down" ]; then masterlatency=1000 @@ -628,11 +679,21 @@ if [ "$(pgrep glorytun)" = "" ] && [ "$(uci -q get glorytun.vpn.enabled)" = "1" /etc/init.d/glorytun-udp restart sleep 5 fi -if [ "$(pgrep openvpn)" = "" ] && [ "$(uci -q get openvpn.omr.enabled)" = "1" ] && [ -f /etc/init.d/openvpn ]; then - _log "Can't find OpenVPN, restart it..." - /etc/init.d/openvpn restart - sleep 5 + +if [ "$(pgrep openvpn)" = "" ] && [ -f /etc/init.d/openvpn ]; then + openvpn_enable=0 + openvpn_enabled() { + [ "$(uci -q get openvpn.$1.enabled)" = "1" ] && openvpn_enable=1 + } + config_load openvpn + config_foreach openvpn_enabled openvpn + if [ "$openvpn_enable" = "1" ]; then + _log "Can't find OpenVPN, restart it" + /etc/init.d/openvpn restart + sleep 5 + fi fi + if [ "$(pgrep mlvpn)" = "" ] && [ "$(uci -q get mlvpn.general.enable)" = "1" ] && [ -f /etc/init.d/mlvpn ]; then _log "Can't find MLVPN, restart it..." /etc/init.d/mlvpn restart diff --git a/mptcpd/Makefile b/mptcpd/Makefile index d3c8cb0b8..34242071d 100644 --- a/mptcpd/Makefile +++ b/mptcpd/Makefile @@ -8,10 +8,10 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mptcpd -PKG_VERSION:=0.3 +PKG_VERSION:=0.4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://github.com/intel/mptcpd/releases/download/v0.3 -PKG_HASH:=c2e1711e01b11f16a0c91dc0f3815b6460e603f52a31225d3a4d4012e858c967 +PKG_SOURCE_URL:=https://github.com/intel/mptcpd/releases/download/v$(PKG_VERSION) +PKG_HASH:=459c45ba86ea574f1ad7a062a9914474ca650229b97375017bd46d0732f985ba PKG_RELEASE:=1 PKG_MAINTAINER:=Ycarus (Yannick Chabanois) diff --git a/ndpi-netfilter2/Makefile b/ndpi-netfilter2/Makefile index 5b8ae47d3..5cd3dcdf8 100644 --- a/ndpi-netfilter2/Makefile +++ b/ndpi-netfilter2/Makefile @@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=ndpi-netfilter2 PKG_RELEASE:=2 -PKG_REV:=7aa4c293f23d6ab1fac5574c8e9c486cb1ced93d +PKG_REV:=77d882638232fb9236123b50b9aac8bccc409ed9 PKG_VERSION:=3.2-$(PKG_REV) PKG_SOURCE_PROTO:=git diff --git a/omr-6in4/files/bin/omr-6in4 b/omr-6in4/files/bin/omr-6in4 index 594c9b2d0..da620379e 100755 --- a/omr-6in4/files/bin/omr-6in4 +++ b/omr-6in4/files/bin/omr-6in4 @@ -42,6 +42,7 @@ while true; do [ "$ipv6_gw" = "::" ] && ipv6_gw='fe80::a00:1' [ -z "$ipv6_gw" ] && ipv6_gw='fe80::a00:1' #[ -z "$ipv6_gw" ] && ipv6_gw='fe80::aff:ff01' + ip -6 route add ${ipv6_gw} dev 6in4-omr6in4 ip -6 route replace default via ${ipv6_gw} dev 6in4-omr6in4 > /dev/null 2>&1 if [ "$(uci -q get openmptcprouter.settings.uci_route)" = "1" ]; then uci -q batch <<-EOF diff --git a/omr-6in4/files/etc/init.d/omr-6in4 b/omr-6in4/files/etc/init.d/omr-6in4 index 91d593f06..a7f1f8792 100755 --- a/omr-6in4/files/etc/init.d/omr-6in4 +++ b/omr-6in4/files/etc/init.d/omr-6in4 @@ -10,10 +10,14 @@ USE_PROCD=1 } +set_shadowsocks_address() { + uci -q set shadowsocks-libev.$1.local_address="$2" +} + set_ipv6_state() { local disable_ipv6="$(uci -q get openmptcprouter.settings.disable_ipv6)" [ -z "$disable_ipv6" ] && disable_ipv6="1" - sysctl -w net.ipv6.conf.all.disable_ipv6=$disable_ipv6 + sysctl -qw net.ipv6.conf.all.disable_ipv6=$disable_ipv6 sed -i "s:^net.ipv6.conf.all.disable_ipv6=[0-9]*:net.ipv6.conf.all.disable_ipv6=$disable_ipv6:" /etc/sysctl.d/zzz_openmptcprouter.conf uci -q batch <<-EOF >/dev/null @@ -32,8 +36,9 @@ set_ipv6_state() { delete dhcp.lan.ra_default delete dhcp.lan.ra_management delete dhcp.lan.ra_preference - set shadowsocks-libev.hi.local_address="0.0.0.0" EOF + config_load shadowsocks-libev + config_foreach set_shadowsocks_address ss_redir "0.0.0.0" else logger -t "omr-6in4" "Enable IPv6" uci -q batch <<-EOF >/dev/null @@ -44,8 +49,9 @@ set_ipv6_state() { set dhcp.lan.ra_management="1" set network.lan.ipv6="1" set network.lan.delegate="0" - set shadowsocks-libev.hi.local_address="::" EOF + config_load shadowsocks-libev + config_foreach set_shadowsocks_address ss_redir "::" fi uci -q batch <<-EOF >/dev/null commit network diff --git a/omr-quota/files/etc/init.d/omr-quota b/omr-quota/files/etc/init.d/omr-quota index 0d81f6634..4ed95c735 100755 --- a/omr-quota/files/etc/init.d/omr-quota +++ b/omr-quota/files/etc/init.d/omr-quota @@ -11,7 +11,7 @@ _validate_section() { 'txquota:uinteger' \ 'rxquota:uinteger' \ 'ttquota:uinteger' \ - 'interval:uinteger' \ + 'interval:uinteger:30' \ 'enabled:bool:0' } diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index e667ae8e1..967430139 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -177,119 +177,123 @@ while true; do OMR_TRACKER_DEVICE_GATEWAY= serverip_ping=false - if [ -d "/sys/class/net/$OMR_TRACKER_DEVICE" ] && [ -n "$(ip link show $OMR_TRACKER_DEVICE | grep UP)" ]; then - # retrieve iface ip and gateway - OMR_TRACKER_DEVICE_IP=$(ip -4 -br addr ls dev "$OMR_TRACKER_DEVICE" | awk -F'[ /]+' '{print $3}') - if [ -z "$OMR_TRACKER_DEVICE_IP" ]; then - OMR_TRACKER_DEVICE_IP=$(ip -4 addr show dev "$OMR_TRACKER_DEVICE" | grep -m 1 inet | awk '{print $2}' | cut -d'/' -s -f1) - fi - #OMR_TRACKER_DEVICE_IP=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n") - #if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then - # OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep -v default | awk '/proto static/ {print $1}' | tr -d "\n") - #fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(uci -q get "network.$OMR_TRACKER_INTERFACE.gateway") - fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") - fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -q -l 1 -e '@.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") - fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(ubus call network.interface.${OMR_TRACKER_INTERFACE}_4 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") - fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then - if [ "$OMR_TRACKER_INTERFACE" = "omrvpn" ] && [ "$(uci -q get glorytun.vpn.enable)" = "1" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(uci -q get glorytun.vpn.remoteip) - else - OMR_TRACKER_DEVICE_GATEWAY="" + if [ -d "/sys/class/net/$OMR_TRACKER_DEVICE" ]; then + if [ -n "$(ip link show $OMR_TRACKER_DEVICE | grep UP)" ]; then + # retrieve iface ip and gateway + OMR_TRACKER_DEVICE_IP=$(ip -4 -br addr ls dev "$OMR_TRACKER_DEVICE" | awk -F'[ /]+' '{print $3}') + if [ -z "$OMR_TRACKER_DEVICE_IP" ]; then + OMR_TRACKER_DEVICE_IP=$(ip -4 addr show dev "$OMR_TRACKER_DEVICE" | grep -m 1 inet | awk '{print $2}' | cut -d'/' -s -f1) fi - fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then - OMR_TRACKER_DEVICE_ROUTE=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep via | grep -v default | grep -v metric | grep -v / | awk '{print $1; exit}' | tr -d "\n") - fi - if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then - OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep kernel | awk '/proto kernel/ {print $1}' | tr -d "\n") - fi - - # execute specific tracker - if [ -n "$OMR_TRACKER_DEVICE_IP" ] && [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ]; then - # setup loop variable - tries="$OMR_TRACKER_TRIES" - # loop until tries attempts have been reached - while [ "$tries" -gt 0 ]; do - if [ -n "$OMR_TRACKER_DEVICE_ROUTE" ]; then - _ping "$OMR_TRACKER_DEVICE_ROUTE" "$OMR_TRACKER_DEVICE" "no" - status=$? + #OMR_TRACKER_DEVICE_IP=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -e '@["ipv4-address"][0].address' | tr -d "\n") + #if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then + # OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep -v default | awk '/proto static/ {print $1}' | tr -d "\n") + #fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then + OMR_TRACKER_DEVICE_GATEWAY=$(uci -q get "network.$OMR_TRACKER_INTERFACE.gateway") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then + OMR_TRACKER_DEVICE_GATEWAY=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then + OMR_TRACKER_DEVICE_GATEWAY=$(ubus call network.interface.$OMR_TRACKER_INTERFACE status | jsonfilter -q -l 1 -e '@.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then + OMR_TRACKER_DEVICE_GATEWAY=$(ubus call network.interface.${OMR_TRACKER_INTERFACE}_4 status 2>/dev/null | jsonfilter -q -l 1 -e '@.inactive.route[@.target="0.0.0.0"].nexthop' | tr -d "\n") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ] || [ "$OMR_TRACKER_DEVICE_GATEWAY" = "0.0.0.0" ]; then + if [ "$OMR_TRACKER_INTERFACE" = "omrvpn" ] && [ "$(uci -q get glorytun.vpn.enable)" = "1" ]; then + OMR_TRACKER_DEVICE_GATEWAY=$(uci -q get glorytun.vpn.remoteip) else - _ping "$OMR_TRACKER_DEVICE_GATEWAY" "$OMR_TRACKER_DEVICE" "no" - status=$? + OMR_TRACKER_DEVICE_GATEWAY="" fi - if $(exit $status) && [ "$OMR_TRACKER_TYPE" = "none" ]; then - OMR_TRACKER_STATUS_MSG="" - OMR_TRACKER_STATUS="OK" - break - elif [ "$OMR_TRACKER_TYPE" != "none" ]; then - if ! $(exit $status); then - OMR_TRACKER_STATUS_MSG="gateway down" - fi - serverip_ping=false - if [ "$OMR_TRACKER_TYPE" = "ping" ]; then - config_load openmptcprouter - config_foreach _ping_server server $OMR_TRACKER_DEVICE - fi - if [ "$serverip_ping" = false ] && [ -n "$OMR_TRACKER_HOST" ]; then - OMR_TRACKER_HOST=$(resolveip -4 $OMR_TRACKER_HOST | tr -d "\n") - if [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "3g" ] || [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "qmi" ] || [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "ncm" ]; then - # Check if route is not used - while ! ip route add $OMR_TRACKER_HOST via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE src $OMR_TRACKER_DEVICE_IP > /dev/null 2>&1 - do - logger -t "omr-tracker" "Can't create route to $OMR_TRACKER_HOST via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE src $OMR_TRACKER_DEVICE_IP. waiting..." - sleep 2 - ip route del "$OMR_TRACKER_HOST" via "$OMR_TRACKER_DEVICE_GATEWAY" dev "$OMR_TRACKER_DEVICE" src "$OMR_TRACKER_DEVICE_IP" > /dev/null 2>&1 - _restart - done - fi - if [ "$OMR_TRACKER_TYPE" = "ping" ]; then - _ping "$OMR_TRACKER_HOST" "$OMR_TRACKER_DEVICE" "yes" - statusb=$? - elif [ "$OMR_TRACKER_TYPE" = "httping" ]; then - _httping "$OMR_TRACKER_HOST" "$OMR_TRACKER_DEVICE_IP" "yes" - statusb=$? - elif [ "$OMR_TRACKER_TYPE" = "dns" ]; then - _dns "$OMR_TRACKER_HOST" "$OMR_TRACKER_DEVICE_IP" "yes" - statusb=$? - fi - ip route del "$OMR_TRACKER_HOST" via "$OMR_TRACKER_DEVICE_GATEWAY" dev "$OMR_TRACKER_DEVICE" src "$OMR_TRACKER_DEVICE_IP" > /dev/null 2>&1 - if $(exit $statusb); then - OMR_TRACKER_STATUS_MSG="" - OMR_TRACKER_STATUS="OK" - break - else - if [ "$OMR_TRACKER_LIST_HOSTS" = "" ]; then - OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_HOST" - else - OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_LIST_HOSTS,$OMR_TRACKER_HOST" - fi - fi + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then + OMR_TRACKER_DEVICE_ROUTE=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep via | grep -v default | grep -v metric | grep -v / | awk '{print $1; exit}' | tr -d "\n") + fi + if [ -z "$OMR_TRACKER_DEVICE_GATEWAY" ]; then + OMR_TRACKER_DEVICE_GATEWAY=$(ip -4 r list dev "$OMR_TRACKER_DEVICE" | grep kernel | awk '/proto kernel/ {print $1}' | tr -d "\n") + fi + + # execute specific tracker + if [ -n "$OMR_TRACKER_DEVICE_IP" ] && [ -n "$OMR_TRACKER_DEVICE_GATEWAY" ]; then + # setup loop variable + tries="$OMR_TRACKER_TRIES" + # loop until tries attempts have been reached + while [ "$tries" -gt 0 ]; do + if [ -n "$OMR_TRACKER_DEVICE_ROUTE" ]; then + _ping "$OMR_TRACKER_DEVICE_ROUTE" "$OMR_TRACKER_DEVICE" "no" + status=$? else + _ping "$OMR_TRACKER_DEVICE_GATEWAY" "$OMR_TRACKER_DEVICE" "no" + status=$? + fi + if $(exit $status) && [ "$OMR_TRACKER_TYPE" = "none" ]; then OMR_TRACKER_STATUS_MSG="" OMR_TRACKER_STATUS="OK" break + elif [ "$OMR_TRACKER_TYPE" != "none" ]; then + if ! $(exit $status); then + OMR_TRACKER_STATUS_MSG="gateway down" + fi + serverip_ping=false + if [ "$OMR_TRACKER_TYPE" = "ping" ]; then + config_load openmptcprouter + config_foreach _ping_server server $OMR_TRACKER_DEVICE + fi + if [ "$serverip_ping" = false ] && [ -n "$OMR_TRACKER_HOST" ]; then + OMR_TRACKER_HOST=$(resolveip -4 $OMR_TRACKER_HOST | tr -d "\n") + if [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "3g" ] || [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "qmi" ] || [ "$(uci -q get network.$OMR_TRACKER_INTERFACE.proto)" = "ncm" ]; then + # Check if route is not used + while ! ip route add $OMR_TRACKER_HOST via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE src $OMR_TRACKER_DEVICE_IP > /dev/null 2>&1 + do + logger -t "omr-tracker" "Can't create route to $OMR_TRACKER_HOST via $OMR_TRACKER_DEVICE_GATEWAY dev $OMR_TRACKER_DEVICE src $OMR_TRACKER_DEVICE_IP. waiting..." + sleep 2 + ip route del "$OMR_TRACKER_HOST" via "$OMR_TRACKER_DEVICE_GATEWAY" dev "$OMR_TRACKER_DEVICE" src "$OMR_TRACKER_DEVICE_IP" > /dev/null 2>&1 + _restart + done + fi + if [ "$OMR_TRACKER_TYPE" = "ping" ]; then + _ping "$OMR_TRACKER_HOST" "$OMR_TRACKER_DEVICE" "yes" + statusb=$? + elif [ "$OMR_TRACKER_TYPE" = "httping" ]; then + _httping "$OMR_TRACKER_HOST" "$OMR_TRACKER_DEVICE_IP" "yes" + statusb=$? + elif [ "$OMR_TRACKER_TYPE" = "dns" ]; then + _dns "$OMR_TRACKER_HOST" "$OMR_TRACKER_DEVICE_IP" "yes" + statusb=$? + fi + ip route del "$OMR_TRACKER_HOST" via "$OMR_TRACKER_DEVICE_GATEWAY" dev "$OMR_TRACKER_DEVICE" src "$OMR_TRACKER_DEVICE_IP" > /dev/null 2>&1 + if $(exit $statusb); then + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + else + if [ "$OMR_TRACKER_LIST_HOSTS" = "" ]; then + OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_HOST" + else + OMR_TRACKER_LIST_HOSTS="$OMR_TRACKER_LIST_HOSTS,$OMR_TRACKER_HOST" + fi + fi + else + OMR_TRACKER_STATUS_MSG="" + OMR_TRACKER_STATUS="OK" + break + fi + elif ! $(exit $status); then + OMR_TRACKER_STATUS_MSG="gateway down" fi - elif ! $(exit $status); then - OMR_TRACKER_STATUS_MSG="gateway down" - fi - tries=$((tries - 1)) - #_restart - OMR_TRACKER_HOST="${OMR_TRACKER_HOSTS%% *}" - [ "$OMR_TRACKER_HOST" = "$OMR_TRACKER_HOSTS" ] || { - OMR_TRACKER_HOSTS="${OMR_TRACKER_HOSTS#* } $OMR_TRACKER_HOST" - } - #OMR_TRACKER_TIMEOUT=$((OMR_TRACKER_TIMEOUT * 2)) - sleep "$OMR_TRACKER_INTERVAL_TRIES" - done + tries=$((tries - 1)) + #_restart + OMR_TRACKER_HOST="${OMR_TRACKER_HOSTS%% *}" + [ "$OMR_TRACKER_HOST" = "$OMR_TRACKER_HOSTS" ] || { + OMR_TRACKER_HOSTS="${OMR_TRACKER_HOSTS#* } $OMR_TRACKER_HOST" + } + #OMR_TRACKER_TIMEOUT=$((OMR_TRACKER_TIMEOUT * 2)) + sleep "$OMR_TRACKER_INTERVAL_TRIES" + done + fi + else + OMR_TRACKER_STATUS_MSG="link down" fi fi diff --git a/omr-tracker/files/bin/omr-tracker-server b/omr-tracker/files/bin/omr-tracker-server new file mode 100755 index 000000000..76548c933 --- /dev/null +++ b/omr-tracker/files/bin/omr-tracker-server @@ -0,0 +1,125 @@ +#!/bin/sh +# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : + +name=$0 +basename="$(basename $0)" + +_log() { + logger -p daemon.info -t "${basename}" "$@" +} + +_ping_server() { + local host=$1 + ret=$(ping \ + -w "$OMR_TRACKER_TIMEOUT" \ + -c 1 \ + -q \ + "${host}" + ) && echo "$ret" | grep -sq " 0% packet loss" && { + server_ping=true + } +} + +_check_server() { + local host=$1 + local port=$2 + local k=0 + while [ "$server_ping" = false ] && [ "$k" -le "$retry" ]; do + ret=$(curl -4 \ + --max-time "$OMR_TRACKER_TIMEOUT" \ + -s \ + -k \ + "https://${host}:${port}/" + ) + [ -n "$ret" ] && server_ping=true + k=$((k+1)) + sleep "${intervaltries}" + done +} + +_check_master() { + local name=$1 + config_get master $1 master + config_get ip $1 ip + config_get port $1 port "65500" + [ "$master" = "1" ] && [ -n "$ip" ] && { + #_ping_server $ip + _check_server $ip $port + [ "$server_ping" = true ] && [ "$(uci -q get shadowsocks-libev.sss0.server | tr -d '\n')" != "$ip" ] && { + logger -t "OMR-Tracker-Server" "Master server up, set it back" + logger -t "OMR-Tracker-Server" "$(uci -q get shadowsocks-libev.sss0.server | tr -d '\n') - $ip" + uci -q batch <<-EOF >/dev/null + set shadowsocks-libev.sss0.server=$ip + commit shadowsocks-libev + set glorytun.vpn.host=$ip + commit glorytun + set dsvpn.vpn.host=$ip + commit dsvpn + set mlvpn.general.host=$ip + commit mlvpn + del openvpn.omr.remote + add_list openvpn.omr.remote=$ip + commit openvpn + EOF + /etc/init.d/shadowsocks-libev restart >/dev/null 2>/dev/null + /etc/init.d/glorytun restart >/dev/null 2>/dev/null + /etc/init.d/glorytun-udp restart >/dev/null 2>/dev/null + /etc/init.d/mlvpn restart >/dev/null 2>/dev/null + /etc/init.d/openvpn restart >/dev/null 2>/dev/null + /etc/init.d/dsvpn restart >/dev/null 2>/dev/null + } + break + } +} + +_check_backup() { + local name=$1 + config_get backup $1 backup + config_get ip $1 ip + config_get port $1 port + [ "$backup" = "1" ] && [ -n "$ip" ] && { + #_ping_server $ip + _check_server $ip $port + } + [ "$server_ping" = true ] && [ "$(uci -q get shadowsocks-libev.sss0.server | tr -d '\n')" = "$ip" ] && break + [ "$server_ping" = true ] && [ "$(uci -q get shadowsocks-libev.sss0.server | tr -d '\n')" != "$ip" ] && { + logger -t "OMR-Tracker-Server" "User backup server $1 ($ip)" + uci -q batch <<-EOF >/dev/null + set shadowsocks-libev.sss0.server=$ip + commit shadowsocks-libev + set glorytun.vpn.host=$ip + commit glorytun + set dsvpn.vpn.host=$ip + commit dsvpn + set mlvpn.general.host=$ip + commit mlvpn + del openvpn.omr.remote + add_list openvpn.omr.remote=$ip + commit openvpn + EOF + /etc/init.d/shadowsocks-libev restart >/dev/null 2>/dev/null + /etc/init.d/glorytun restart >/dev/null 2>/dev/null + /etc/init.d/glorytun-udp restart >/dev/null 2>/dev/null + /etc/init.d/mlvpn restart >/dev/null 2>/dev/null + /etc/init.d/openvpn restart >/dev/null 2>/dev/null + /etc/init.d/dsvpn restart >/dev/null 2>/dev/null + break + } +} + +. /lib/functions.sh + +timeout=${OMR_TRACKER_TIMEOUT:-5} +interval=${OMR_TRACKER_INTERVAL:-10} +intervaltries=${OMR_TRACKER_INTERVAL_TRIES:-2} +retry=${OMR_TRACKER_TRIES:-4} + +while true; do + server_ping=false + config_load openmptcprouter + config_foreach _check_master server + [ "$server_ping" = false ] && { + config_foreach _check_backup server + } + sleep "${interval}" +done diff --git a/omr-tracker/files/etc/config/omr-tracker b/omr-tracker/files/etc/config/omr-tracker index 3134bee3b..1aad7ae7c 100644 --- a/omr-tracker/files/etc/config/omr-tracker +++ b/omr-tracker/files/etc/config/omr-tracker @@ -31,4 +31,10 @@ config shadowsocks 'shadowsocks' option timeout '10' option tries '3' option interval_tries '1' + option interval '5' + +config server 'server' + option enabled '1' + option tries '3' + option timeout '10' option interval '5' \ No newline at end of file diff --git a/omr-tracker/files/etc/init.d/omr-tracker b/omr-tracker/files/etc/init.d/omr-tracker index 1b57b15bb..48f4520d5 100755 --- a/omr-tracker/files/etc/init.d/omr-tracker +++ b/omr-tracker/files/etc/init.d/omr-tracker @@ -77,6 +77,26 @@ _launch_tracker() { procd_close_instance } +_launch_server_tracker() { + local hosts timeout tries interval interval_tries options type enabled + _validate_section "server" "server" + + [ "${enabled}" = "0" ] && return + [ -z "${interval_tries}" ] && interval_tries=1 + + procd_open_instance + # shellcheck disable=SC2086 + procd_set_param command /bin/omr-tracker-server "$1" $options + procd_append_param env "OMR_TRACKER_TIMEOUT=$timeout" + procd_append_param env "OMR_TRACKER_TRIES=$tries" + procd_append_param env "OMR_TRACKER_INTERVAL=$interval" + procd_append_param env "OMR_TRACKER_INTERVAL_TRIES=$interval_tries" + procd_set_param limits nofile="51200 51200" + procd_set_param respawn 0 10 0 + procd_set_param stderr 1 + procd_close_instance +} + _initialize_shadowsocks_tracker() { local redir_tcp server tracker_server config_get redir_tcp ss_rules redir_tcp @@ -146,6 +166,11 @@ _launch_shadowsocks_tracker() { procd_close_instance } +_multi_server() { + config_get backup $1 backup + [ "$backup" = "1" ] && multiserver=true +} + start_service() { local ss_disabled logger -t "omr-tracker" "Launching..." @@ -161,6 +186,11 @@ start_service() { else /etc/init.d/shadowsocks-libev rules_down fi + + multiserver=false + config_load openmptcprouter + config_foreach _multi_server server + [ "$multiserver" = true ] && _launch_server_tracker logger -t "omr-tracker" "Launched" } diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index de964e2b2..d93b43bbc 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -36,7 +36,7 @@ MY_DEPENDS := \ libiwinfo-lua \ ca-bundle ca-certificates libustream-openssl \ luci-mod-admin-full luci-app-firewall luci-app-glorytun luci-app-shadowsocks-libev luci-app-unbound luci-theme-openmptcprouter luci-theme-argon luci-base \ - luci-app-nginx-ha luci-app-omr-tracker luci-app-omr-dscp \ + luci-app-omr-tracker luci-app-omr-dscp \ luci-app-sqm sqm-scripts-extra \ luci-app-vnstat2 omr-quota luci-app-omr-quota \ luci-app-mptcp luci-app-openmptcprouter luci-app-omr-bypass luci-app-mail luci-app-upnp \ @@ -79,10 +79,11 @@ MY_DEPENDS := \ !TARGET_mvebu:kmod-usb-net-huawei-cdc-ncm !TARGET_mvebu:kmod-usb-net-rndis !TARGET_mvebu:kmod-usb-net-cdc-ether !TARGET_mvebu:kmod-usb-net-ipheth !TARGET_mvebu:usbmuxd \ kmod-rt2800-usb kmod-rtl8xxxu kmod-rtl8192cu kmod-net-rtl8192su \ !TARGET_mvebu:luci-proto-qmi wpad-basic kmod-mt7601u kmod-rtl8187 \ - wireguard luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-advanced-reboot luci-app-https-dns-proxy kmod-tcp-nanqinlang iptables-mod-ipopt igmpproxy ss mptcpd iptraf-ng \ - luci-app-acl block-mount blockd fstools luci-app-shutdown -# luci-theme-openwrt-2020 luci-proto-bonding luci-app-statistics -# softethervpn5-client softethervpn5-server + wireguard luci-app-mlvpn mlvpn 464xlat !TARGET_mvebu:kmod-usb-net-smsc75xx kmod-zram kmod-swconfig swconfig kmod-ipt-nat kmod-ipt-nat6 luci-app-https-dns-proxy kmod-tcp-nanqinlang iptables-mod-ipopt igmpproxy ss mptcpd iptraf-ng \ + luci-app-acl block-mount blockd fstools luci-app-shutdown libwebp +# luci-theme-bootstrap luci-theme-openwrt-2020 luci-theme-openwrt luci-app-status +# luci-proto-bonding luci-app-statistics luci-proto-gre +# softethervpn5-client softethervpn5-server luci-app-nginx-ha # luci-app-mlvpn ubond \ # kmod-ath9k kmod-ath9k-htc diff --git a/openmptcprouter/files/etc/init.d/mptcpovervpn b/openmptcprouter/files/etc/init.d/mptcpovervpn index 27346a09b..83a8a2785 100755 --- a/openmptcprouter/files/etc/init.d/mptcpovervpn +++ b/openmptcprouter/files/etc/init.d/mptcpovervpn @@ -59,6 +59,7 @@ mptcp_over_vpn() { set openmptcprouter.ovpn${interface}="interface" set openmptcprouter.ovpn${interface}.multipath="${multipath}" set openmptcprouter.ovpn${interface}.vpn="1" + set openmptcprouter.ovpn${interface}.baseintf="${interface}" commit openmptcprouter EOF fi @@ -68,13 +69,14 @@ mptcp_over_vpn() { [ -z "$multipath" ] && multipath="on" uci -q batch <<-EOF >/dev/null delete network.ovpn${interface} - commit network delete openvpn.${interface} commit openvpn set openmptcprouter.${interface}.multipath="${multipath}" + set network.${interface}.multipath="${multipath}" set openmptcprouter.${interface}.multipathvpn="0" delete openmptcprouter.ovpn${interface} commit openmptcprouter + commit network EOF fi } diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 0d700ef4e..353760cc7 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -275,26 +275,30 @@ _get_vps_config() { fi fi vpsip="$(uci -q get openmptcprouter.${servername}.ip)" - if [ "$(uci -q get shadowsocks-libev.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "$vpsip" ]; then + if [ "$(uci -q get shadowsocks-libev.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set shadowsocks-libev.sss0.server="$vpsip" commit shadowsocks-libev EOF - logger -t "OMR-VPS" "Restart shadowsocks..." - /etc/init.d/shadowsocks-libev restart + if [ "$(uci -q get shadowsocks-libev.sss0.disabled)" = "0" ]; then + logger -t "OMR-VPS" "Restart shadowsocks..." + /etc/init.d/shadowsocks-libev restart + fi fi - if [ "$(uci -q get openvpn.omr.remote)" != "127.0.0.1" ] && [ "$(uci -q get openvpn.omr.remote)" != "$vpsip" ]; then + if [ "$(uci -q get openvpn.omr.remote)" != "127.0.0.1" ] && [ "$(uci -q get openvpn.omr.remote)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set openvpn.omr.remote="$vpsip" commit openvpn EOF - logger -t "OMR-VPS" "Restart OpenVPN..." - /etc/init.d/openvpn restart + if [ "$(uci -q get openvpn.omr.enabled)" = "1" ]; then + logger -t "OMR-VPS" "Restart OpenVPN..." + /etc/init.d/openvpn restart + fi fi port="$(echo "$vps_config" | jsonfilter -q -e '@.dsvpn.port')" localip="$(echo "$vps_config" | jsonfilter -q -e '@.dsvpn.client_ip')" remoteip="$(echo "$vps_config" | jsonfilter -q -e '@.dsvpn.host_ip')" - if ([ "$(uci -q get dsvpn.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get dsvpn.vpn.host)" != "$vpsip" ]) || [ "$(uci -q get dsvpn.vpn.port)" != "$port" ] || [ "$(uci -q get dsvpn.vpn.localip)" != "$localip" ] || [ "$(uci -q get dsvpn.vpn.remoteip)" != "$remoteip" ]; then + if ([ "$(uci -q get dsvpn.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get dsvpn.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]) || [ "$(uci -q get dsvpn.vpn.port)" != "$port" ] || [ "$(uci -q get dsvpn.vpn.localip)" != "$localip" ] || [ "$(uci -q get dsvpn.vpn.remoteip)" != "$remoteip" ]; then uci -q batch <<-EOF >/dev/null set dsvpn.vpn.port=$port set dsvpn.vpn.localip=$localip @@ -302,20 +306,24 @@ _get_vps_config() { set dsvpn.vpn.host="$vpsip" commit dsvpn EOF - logger -t "OMR-VPS" "Restart DSVPN..." - /etc/init.d/dsvpn restart + if [ "$(uci -q get dsvpn.vpn.enable)" = "1" ]; then + logger -t "OMR-VPS" "Restart DSVPN..." + /etc/init.d/dsvpn restart + fi fi - if [ "$(uci -q get mlvpn.general.host)" != "127.0.0.1" ] && [ "$(uci -q get mlvpn.general.host)" != "$vpsip" ] && [ -f /etc/init.d/mlvpn ]; then + if [ "$(uci -q get mlvpn.general.host)" != "127.0.0.1" ] && [ "$(uci -q get mlvpn.general.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ] && [ -f /etc/init.d/mlvpn ]; then uci -q batch <<-EOF >/dev/null set mlvpn.general=mlvpn set mlvpn.general.host="$vpsip" commit mlvpn EOF - logger -t "OMR-VPS" "Restart MLVPN..." - /etc/init.d/mlvpn restart + if [ "$(uci -q get mlvpn.general.enable)" = "1" ]; then + logger -t "OMR-VPS" "Restart MLVPN..." + /etc/init.d/mlvpn restart + fi fi - if [ "$(uci -q get glorytun.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun.vpn.host)" != "$vpsip" ]; then + if [ "$(uci -q get glorytun.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set glorytun.vpn.host="$vpsip" EOF @@ -323,12 +331,14 @@ _get_vps_config() { fi if [ "$glorytun_change" != "0" ]; then - logger -t "OMR-VPS" "Restart glorytun..." uci -q batch <<-EOF >/dev/null commit glorytun EOF - /etc/init.d/glorytun restart >/dev/null 2>&1 - /etc/init.d/glorytun-udp restart >/dev/null 2>&1 + if [ "$(uci -q get glorytun.vpn.enable)" = "1" ]; then + logger -t "OMR-VPS" "Restart glorytun..." + /etc/init.d/glorytun restart >/dev/null 2>&1 + /etc/init.d/glorytun-udp restart >/dev/null 2>&1 + fi fi } @@ -521,8 +531,10 @@ _set_vpn_ip() { vpnip_remote=$(ip -4 r list dev ${vpnifname} | grep via | grep -v default | grep -v / | grep -v metric | awk '{print $1}' | tr -d "\n") [ -z "$vpnip_remote" ] && vpnip_remote=$(ip -4 r list dev ${vpnifname} | grep kernel | awk '{print $1}' | tr -d "\n") [ -z "$vpnip_remote" ] && vpnip_remote=$(ip -4 r list dev ${vpnifname} | grep "proto static src" | awk '{print $3}' | tr -d "\n") - if [ "$vpnip_remote" != "" ] && [ "$vpnip_local" != "" ] && ([ "$vpnip_remote" != "$vpnip_remote_current" ] || [ "$vpnip_local" != "$vpnip_local_current" ]); then - settings='{"remoteip" : "'$vpnip_local'","localip" : "'$vpnip_remote'"}' + ula="$(uci -q get network.globals.ula_prefix)" + ula_current="$(echo "$vps_config" | jsonfilter -q -e '@.ip6in4.ula')" + if [ "$vpnip_remote" != "" ] && [ "$vpnip_local" != "" ] && ([ "$vpnip_remote" != "$vpnip_remote_current" ] || [ "$vpnip_local" != "$vpnip_local_current" ] || [ "$ula" != "$ula_current" ]); then + settings='{"remoteip" : "'$vpnip_local'","localip" : "'$vpnip_remote'","ula" : ["'$ula'"]}' result=$(_set_json "vpnips" "$settings") fi } @@ -564,8 +576,23 @@ _vps_firewall_redirect_port() { config_get src_dport $1 src_dport config_get family $1 family "ipv4" config_get enabled $1 enabled "1" + [ "$(echo $src_dport | cut -d'-' -f2)" -ge "65000" ] && { + logger -t "OMR-VPS" "You can't redirect ports >= 65000, they are needed by OpenMPTCProuter Server part" + uci -q delete firewall.$1 + return + } [ "$src" = "vpn" ] && [ -n "$proto" ] && [ -n "$src_dport" ] && [ "$enabled" != "0" ] && { if [ "$proto" = "tcp udp" ]; then + checkfw="" + if [ "$family" = "ipv4" ]; then + checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port tcp") + else + checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port tcp") + fi + if [ "$checkfw" = "" ]; then + settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","proto" : "tcp","fwtype" : "DNAT","ipproto" : "'$family'"}' + _set_json "shorewallopen" "$settings" + fi if [ "$family" = "ipv4" ]; then vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port tcp") [ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port tcp") @@ -573,8 +600,17 @@ _vps_firewall_redirect_port() { vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port tcp") [ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port tcp") fi - settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","proto" : "tcp","fwtype" : "DNAT","ipproto" : "'$family'"}' - _set_json "shorewallopen" "$settings" + + checkfw="" + if [ "$family" = "ipv4" ]; then + checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port udp") + else + checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port udp") + fi + if [ "$checkfw" = "" ]; then + settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","proto" : "udp","fwtype" : "DNAT","ipproto" : "'$family'"}' + _set_json "shorewallopen" "$settings" + fi if [ "$family" = "ipv4" ]; then vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp") [ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port udp") @@ -582,9 +618,17 @@ _vps_firewall_redirect_port() { vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port udp") [ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port udp") fi - settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","proto" : "udp","fwtype" : "DNAT","ipproto" : "'$family'"}' - _set_json "shorewallopen" "$settings" else + checkfw="" + if [ "$family" = "ipv4" ]; then + checkfw=$(echo "$vpsfwlist" | grep "$src_dport # OMR $username redirect router $src_dport port $proto") + else + checkfw=$(echo "$vpsfw6list" | grep "$src_dport # OMR $username redirect router $src_dport port $proto") + fi + if [ "$checkfw" = "" ]; then + settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","proto" : "'$proto'","fwtype" : "DNAT","ipproto" : "'$family'"}' + _set_json "shorewallopen" "$settings" + fi if [ "$family" = "ipv4" ]; then vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto") [ "$username" = "openmptcprouter" ] && vpsfwlist=$(echo "$vpsfwlist" | grep -v "$src_dport # OMR redirect router $src_dport port $proto") @@ -592,8 +636,6 @@ _vps_firewall_redirect_port() { vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR $username redirect router $src_dport port $proto") [ "$username" = "openmptcprouter" ] && vpsfw6list=$(echo "$vpsfw6list" | grep -v "$src_dport # OMR redirect router $src_dport port $proto") fi - settings='{"name" : "router '$src_dport'","port" : "'$src_dport'","proto" : "'$proto'","fwtype" : "DNAT","ipproto" : "'$family'"}' - _set_json "shorewallopen" "$settings" fi } } @@ -676,7 +718,7 @@ _set_config_from_vps() { [ -z "$vps_config" ] && return logger -t "OMR-VPS" "Get config from VPS..." - + noerror=1 # get VPS ip vpsip="$(uci -q get openmptcprouter.${servername}.ip)" vps_lastchange="$(echo "$vps_config" | jsonfilter -q -e '@.vps.lastchange')" @@ -692,6 +734,13 @@ _set_config_from_vps() { /etc/init.d/omr-tracker restart fi + ula="$(echo "$vps_config" | jsonfilter -q -e '@.ip6in4.ula')" + if [ -n "$ula" ] && [[ "$ula" != *" "* ]]; then + uci -q batch <<-EOF >/dev/null + set network.globals.ula_prefix=$ula + EOF + fi + # Set current VPN current_vpn="$(uci -q get openmptcprouter.settings.vpn)" if [ -z "$current_vpn" ] || [ -n "$vps_lastchange" ] || [ "$user_permission" = "ro" ]; then @@ -937,14 +986,17 @@ _set_config_from_vps() { EOF fi - omr6in4_vps_localip="$(echo "$vps_config" | jsonfilter -q -e '@.6in4.localip')" - omr6in4_vps_remoteip="$(echo "$vps_config" | jsonfilter -q -e '@.6in4.remoteip')" + omr6in4_vps_localip="$(echo "$vps_config" | jsonfilter -q -e '@.ip6in4.localip')" + omr6in4_vps_remoteip="$(echo "$vps_config" | jsonfilter -q -e '@.ip6in4.remoteip')" if ([ -n "$omr6in4_vps_localip" ] && [ "$omr6in4_vps_localip" != "$(uci -q get network.omr6in4.gateway)" ]) || ([ -n "$omr6in4_vps_remoteip" ] && [ "$omr6in4_vps_remoteip" != "$(uci -q get network.omr6in4.ip6addr)" ]); then + logger -t "OMR-VPS" "Set omr6in4 ip address and gateway" uci -q batch <<-EOF >/dev/null - set network.omr6in4.ip6addr=$omr6in4_vps_remoteip - set network.omr6in4.gateway=$omr6in4_vps_localip + set network.omr6in4.ip6addr="$omr6in4_vps_remoteip" + set network.omr6in4.gateway="$omr6in4_vps_localip" commit network EOF + /etc/init.d/network restart + sleep 6 fi # Get VPS iperf config @@ -990,10 +1042,12 @@ _set_config_from_vps() { done fi fi - uci -q batch <<-EOF >/dev/null - set openmptcprouter.${servername}.get_config=0 - commit openmptcprouter - EOF + if [ "$noerror" = "1" ]; then + uci -q batch <<-EOF >/dev/null + set openmptcprouter.${servername}.get_config=0 + commit openmptcprouter + EOF + fi } _backup_send() { diff --git a/openmptcprouter/files/etc/uci-defaults/1920-omr-network b/openmptcprouter/files/etc/uci-defaults/1920-omr-network index 2c8a1231c..30693dae2 100755 --- a/openmptcprouter/files/etc/uci-defaults/1920-omr-network +++ b/openmptcprouter/files/etc/uci-defaults/1920-omr-network @@ -42,6 +42,15 @@ _setup_macvlan_update() { EOF } +_setup_mptcp_handover_to_on() { + if [ "$(uci -q get network.$1.multipath)" = "handover" ]; then + uci -q set network.$1.multipath=on + fi + if [ "$(uci -q get openmptcprouter.$1.multipath)" = "handover" ]; then + uci -q set openmptcprouter.$1.multipath=on + fi +} + _setup_multipath_off() { uci -q get "network.$1.multipath" >/dev/null && return uci -q set "network.$1.multipath=off" @@ -64,6 +73,7 @@ _setup_wan_interface() { config_load network config_foreach _setup_macvlan_update interface +config_foreach _setup_mptcp_handover_to_on interface if [ "$(uci -q show network.lan | grep multipath)" != "" ]; then exit 0 diff --git a/openmptcprouter/files/etc/uci-defaults/2030-omr-wifi b/openmptcprouter/files/etc/uci-defaults/2030-omr-wifi deleted file mode 100755 index 9ade889b2..000000000 --- a/openmptcprouter/files/etc/uci-defaults/2030-omr-wifi +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh - -if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then - uci -q show wireless.default_radio0 && { - uci -q batch <<-EOF >/dev/null - delete wireless.default_radio0 - commit wireless - EOF - } -fi - -exit 0 \ No newline at end of file diff --git a/openmptcprouter/files/etc/uci-defaults/2040-omr-sqm b/openmptcprouter/files/etc/uci-defaults/2040-omr-sqm index 805fa559b..578747e9c 100755 --- a/openmptcprouter/files/etc/uci-defaults/2040-omr-sqm +++ b/openmptcprouter/files/etc/uci-defaults/2040-omr-sqm @@ -16,6 +16,8 @@ if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then set sqm.wan1.upload='0' set sqm.wan1.debug_logging='0' set sqm.wan1.verbosity='5' + set sqm.wan1.iqdisc_opts='autorate-ingress nat dual-dsthost' + set sqm.wan1.eqdisc_opts='nat dual-srchost' set sqm.wan2=queue set sqm.wan2.qdisc="fq_codel" set sqm.wan2.script="simple.qos" @@ -27,6 +29,8 @@ if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then set sqm.wan2.upload='0' set sqm.wan2.debug_logging='0' set sqm.wan2.verbosity='5' + set sqm.wan2.iqdisc_opts='autorate-ingress nat dual-dsthost' + set sqm.wan2.eqdisc_opts='nat dual-srchost' commit sqm EOF if [ "$(uci -q get network.wan3)" != "" ]; then @@ -43,6 +47,8 @@ if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then set sqm.wan3.upload='0' set sqm.wan3.debug_logging='0' set sqm.wan3.verbosity='5' + set sqm.wan3.iqdisc_opts='autorate-ingress nat dual-dsthost' + set sqm.wan3.eqdisc_opts='nat dual-srchost' commit sqm EOF fi @@ -60,6 +66,8 @@ if [ "$(uci -q get openmptcprouter.latest_versions)" = "" ]; then set sqm.wan4.upload='0' set sqm.wan4.debug_logging='0' set sqm.wan4.verbosity='5' + set sqm.wan4.iqdisc_opts='autorate-ingress nat dual-dsthost' + set sqm.wan4.eqdisc_opts='nat dual-srchost' commit sqm EOF fi @@ -79,6 +87,8 @@ if [ "$(uci -q get sqm.omrvpn)" = "" ]; then set sqm.omrvpn.upload='0' set sqm.omrvpn.debug_logging='0' set sqm.omrvpn.verbosity='5' + set sqm.omrvpn.iqdisc_opts='autorate-ingress nat dual-dsthost' + set sqm.omrvpn.eqdisc_opts='nat dual-srchost' commit sqm EOF fi diff --git a/openmptcprouter/files/etc/uci-defaults/2060-omr-system b/openmptcprouter/files/etc/uci-defaults/2060-omr-system index 12cb92bdd..a22438426 100755 --- a/openmptcprouter/files/etc/uci-defaults/2060-omr-system +++ b/openmptcprouter/files/etc/uci-defaults/2060-omr-system @@ -4,7 +4,7 @@ uci -q batch <<-EOF >/dev/null set system.ntp.use_dhcp='0' set system.ntp.enable_server='1' commit system - set rpcd.@rpcd[0].timeout=90 + set rpcd.@rpcd[0].timeout=120 commit rpcd EOF exit 0 \ No newline at end of file diff --git a/rpi-eeprom/Makefile b/rpi-eeprom/Makefile deleted file mode 100644 index b142ccd99..000000000 --- a/rpi-eeprom/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# -# Copyright (C) 2012 OpenWrt.org -# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) for OpenMPTCProuter -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# -include $(TOPDIR)/rules.mk - -PKG_NAME:=rpi-eeprom -PKG_VERSION:=20200319 -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/raspberrypi/rpi-eeprom.git -PKG_SOURCE_VERSION:=a9ca308223c1d0426b9ab320696b95954078c3b4 - -CMAKE_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/rpi-eeprom - SECTION:=rpi - CATEGORY:=Raspberry Pi - URL:=https://github.com/raspberrypi/rpi-eeprom - TITLE:=rpi-eeprom - DEPENDS:=+fwtool +pciutils +blkid -endef - -define Package/rpi-eeprom/description - Update Raspberry PI 4 bootloader EEPROM -endef - -define Build/Compile -endef - -define Package/rpi-eeprom/install - $(INSTALL_DIR) $(1)/lib/firmware/raspberrypi/bootloader \ - $(1)/usr/bin \ - $(1)/etc/default - $(CP) $(PKG_BUILD_DIR)/rpi-eeprom-update $(1)/usr/bin - $(CP) $(PKG_BUILD_DIR)/rpi-eeprom-config $(1)/usr/bin - $(CP) $(PKG_BUILD_DIR)/rpi-eeprom-update-default $(1)/etc/default/rpi-eeprom-update - $(CP) $(PKG_BUILD_DIR)/firmware/vl805 $(1)/usr/bin - $(CP) -r $(PKG_BUILD_DIR)/firmware/critical $(1)/lib/firmware/raspberrypi/bootloader/critical - $(CP) -r $(PKG_BUILD_DIR)/firmware/beta $(1)/lib/firmware/raspberrypi/bootloader/beta -endef - -$(eval $(call BuildPackage,rpi-eeprom)) diff --git a/shadowsocks-libev/files/shadowsocks.conf b/shadowsocks-libev/files/shadowsocks.conf index d6390e2c4..1c4703f5b 100644 --- a/shadowsocks-libev/files/shadowsocks.conf +++ b/shadowsocks-libev/files/shadowsocks.conf @@ -2,14 +2,14 @@ # max open files fs.file-max = 512000 # max read buffer -net.core.rmem_max = 15000000 +net.core.rmem_max = 67108864 # max write buffer -net.core.wmem_max = 7500000 -net.core.optmem_max = 7500000 +net.core.wmem_max = 67108864 +net.core.optmem_max = 33554432 # default read buffer -net.core.rmem_default = 131072 +#net.core.rmem_default = 131072 # default write buffer -net.core.wmem_default = 131072 +#net.core.wmem_default = 131072 # max processor input queue net.core.netdev_max_backlog = 4096 # max backlog @@ -34,13 +34,13 @@ net.ipv4.tcp_max_tw_buckets = 10000 # turn on TCP Fast Open on both client and server side #net.ipv4.tcp_fastopen = 3 # TCP receive buffer -net.ipv4.tcp_rmem = 4096 524288 7500000 +net.ipv4.tcp_rmem = 4096 87380 33554432 # TCP write buffer -net.ipv4.tcp_wmem = 4096 524288 7500000 +net.ipv4.tcp_wmem = 4096 65536 33554432 # TCP buffer -net.ipv4.tcp_mem = 768174 7500000 15000000 +net.ipv4.tcp_mem = 8092 131072 67108864 # UDP buffer -net.ipv4.udp_mem = 768174 75000000 150000000 +net.ipv4.udp_mem = 8092 131072 67108864 # turn off path MTU discovery net.ipv4.tcp_mtu_probing = 0 @@ -48,7 +48,8 @@ net.ipv4.tcp_mtu_probing = 0 # net.ipv4.tcp_congestion_control = balia # Default conntrack is too small -net.netfilter.nf_conntrack_max=131072 +net.netfilter.nf_conntrack_max = 131072 -net.ipv4.tcp_ecn=1 -net.ipv4.tcp_retries2=10 \ No newline at end of file +net.ipv4.tcp_ecn = 1 +net.ipv4.tcp_retries2 = 10 +#net.ipv4.tcp_sack = 0 diff --git a/tracebox/Makefile b/tracebox/Makefile index 792d9659c..59778d4bd 100644 --- a/tracebox/Makefile +++ b/tracebox/Makefile @@ -1,3 +1,11 @@ +# +# Copyright (C) 2018-2020 Ycarus (Yannick Chabanois) for OpenMPTCProuter project +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + + include $(TOPDIR)/rules.mk PKG_NAME:=tracebox @@ -7,7 +15,7 @@ PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/tracebox/tracebox.git -PKG_MAINTAINER:=Gregory Detal +PKG_MAINTAINER:=Ycarus PKG_SOURCE_PROTO:=git PKG_SOURCE_VERSION:=v0.4.4