Add MPTCP upstream support

dsvpn/files/init

@@ -29,6 +29,16 @@ validate_section() {
 		'externalip:string:auto'
 }
 
+version_over_5_4() {
+	MAJOR_VERSION=$(uname -r | awk -F '.' '{print $1}')
+	MINOR_VERSION=$(uname -r | awk -F '.' '{print $2}')
+	if [ $MAJOR_VERSION -ge 5 ] && [ $MINOR_VERSION -gt 13 ] || [ $MAJOR_VERSION -gt 5 ] ; then
+		return 0
+	else
+		return 1
+	fi
+}
+
 start_instance() {
 	local enable key host port dev
 
@@ -58,6 +68,10 @@ start_instance() {
 
 	_log "starting ${PROG_NAME} ${1} instance $*"
 
+	if version_over_5_4; then
+		PROG="mptcpize run ${PROG}"
+	fi
+
 	procd_open_instance
 
 	procd_set_param command ${PROG} ${mode} \

glorytun/Makefile

@@ -9,11 +9,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=glorytun
-PKG_VERSION:=0.0.35
 PKG_RELEASE:=6
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=6d58536f4232fea8eaa10fb60aace8ba11f29ed6
 PKG_SOURCE:=glorytun-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/angt/glorytun/releases/download/v$(PKG_VERSION)
-PKG_HASH:=49e4d8ea4ff2990300b37947b0bd0da3c8e0985bc6eddf29f4146306188fff64
+PKG_SOURCE_URL:=https://github.com/Ysurac/glorytun.git
+PKG_VERSION:=0.0.35-$(PKG_SOURCE_VERSION)
+
+PKG_FIXUP:=autoreconf
 
 include $(INCLUDE_DIR)/package.mk
 

luci-app-mptcp/luasrc/controller/mptcp.lua

@@ -210,13 +210,23 @@ function mptcp_monitor_data()
 	luci.http.prepare_content("text/plain")
 	local fullmesh
 	fullmesh = io.popen("cat /proc/net/mptcp_net/snmp")
-	if fullmesh then
+	if fullmesh:read() ~= nil then
 		while true do
 			local ln = fullmesh:read("*l")
 			if not ln then break end
 			luci.http.write(ln)
 			luci.http.write("\n")
 		end
+	else
+		fullmesh = io.popen("nstat -z")
+		if fullmesh then
+			while true do
+				local ln = fullmesh:read("*l")
+				if not ln then break end
+				luci.http.write(ln)
+				luci.http.write("\n")
+			end
+		end
 	end
 	return
 end
@@ -225,7 +235,7 @@ function mptcp_connections_data()
 	luci.http.prepare_content("text/plain")
 	local connections
 	connections = io.popen("multipath -c")
-	if connections then
+	if connections:read() ~= nil then
 		while true do
 			local ln = connections:read("*l")
 			if not ln then break end

luci-app-mptcp/luasrc/model/cbi/mptcp.lua

@@ -21,56 +21,74 @@ o:value(0, translate("disable"))
 o = s:option(ListValue, "mptcp_path_manager", translate("Multipath TCP path-manager"), translate("Default is fullmesh"))
 o:value("default", translate("default"))
 o:value("fullmesh", "fullmesh")
-o:value("ndiffports", "ndiffports")
-o:value("binder", "binder")
-if uname.release:sub(1,4) ~= "4.14" then
+if uname.release:sub(1,4) ~= "5.14" then
+    o:value("ndiffports", "ndiffports")
+    o:value("binder", "binder")
+    if uname.release:sub(1,4) ~= "4.14" then
 	o:value("netlink", translate("Netlink"))
+    end
 end
 o = s:option(ListValue, "mptcp_scheduler", translate("Multipath TCP scheduler"))
 o:value("default", translate("default"))
-o:value("roundrobin", "round-robin")
-o:value("redundant", "redundant")
-if uname.release:sub(1,4) ~= "4.14" then
+if uname.release:sub(1,4) ~= "5.14" then
+    o:value("roundrobin", "round-robin")
+    o:value("redundant", "redundant")
+    if uname.release:sub(1,4) ~= "4.14" then
 	o:value("blest", "BLEST")
 	o:value("ecf", "ECF")
+    end
+end
+if uname.release:sub(1,4) ~= "5.14" then
+    o = s:option(Value, "mptcp_syn_retries", translate("Multipath TCP SYN retries"))
+    o.datatype = "uinteger"
+    o.rmempty = false
 end
-o = s:option(Value, "mptcp_syn_retries", translate("Multipath TCP SYN retries"))
-o.datatype = "uinteger"
-o.rmempty = false
 o = s:option(ListValue, "congestion", translate("Congestion Control"),translate("Default is cubic"))
 local availablecong = sys.exec("sysctl -n net.ipv4.tcp_available_congestion_control | xargs -n1 | sort | xargs")
 for cong in string.gmatch(availablecong, "[^%s]+") do
 	o:value(cong, translate(cong))
 end
 
-o = s:option(Value, "mptcp_fullmesh_num_subflows", translate("Fullmesh subflows for each pair of IP addresses"))
-o.datatype = "uinteger"
-o.rmempty = false
-o.default = 1
---o:depends("mptcp_path_manager","fullmesh")
+if uname.release:sub(1,4) == "5.14" then
+    o = s:option(Value, "mptcp_subflows", translate("specifies the maximum number of additional subflows allowed for each MPTCP connection"))
+    o.datatype = "uinteger"
+    o.rmempty = false
+    o.default = 3
+    
+    o = s:option(Value, "mptcp_add_addr_accepted", translate("specifies the maximum number of ADD_ADDR suboptions accepted for each MPTCP connection"))
+    o.datatype = "uinteger"
+    o.rmempty = false
+    o.default = 1
+else
+    o = s:option(Value, "mptcp_fullmesh_num_subflows", translate("Fullmesh subflows for each pair of IP addresses"))
+    o.datatype = "uinteger"
+    o.rmempty = false
+    o.default = 1
+    --o:depends("mptcp_path_manager","fullmesh")
 
-o = s:option(ListValue, "mptcp_fullmesh_create_on_err", translate("Re-create fullmesh subflows after a timeout"))
-o:value(1, translate("enable"))
-o:value(0, translate("disable"))
---o:depends("mptcp_path_manager","fullmesh")
+    o = s:option(ListValue, "mptcp_fullmesh_create_on_err", translate("Re-create fullmesh subflows after a timeout"))
+    o:value(1, translate("enable"))
+    o:value(0, translate("disable"))
+    --o:depends("mptcp_path_manager","fullmesh")
 
-o = s:option(Value, "mptcp_ndiffports_num_subflows", translate("ndiffports subflows number"))
-o.datatype = "uinteger"
-o.rmempty = false
-o.default = 1
---o:depends("mptcp_path_manager","ndiffports")
+    o = s:option(Value, "mptcp_ndiffports_num_subflows", translate("ndiffports subflows number"))
+    o.datatype = "uinteger"
+    o.rmempty = false
+    o.default = 1
+    --o:depends("mptcp_path_manager","ndiffports")
 
-o = s:option(ListValue, "mptcp_rr_cwnd_limited", translate("Fill the congestion window on all subflows for round robin"))
-o:value("Y", translate("enable"))
-o:value("N", translate("disable"))
-o.default = "Y"
---o:depends("mptcp_scheduler","roundrobin")
+    o = s:option(ListValue, "mptcp_rr_cwnd_limited", translate("Fill the congestion window on all subflows for round robin"))
+    o:value("Y", translate("enable"))
+    o:value("N", translate("disable"))
+    o.default = "Y"
+    --o:depends("mptcp_scheduler","roundrobin")
 
-o = s:option(Value, "mptcp_rr_num_segments", translate("Consecutive segments that should be sent for round robin"))
-o.datatype = "uinteger"
-o.rmempty = false
-o.default = 1
---o:depends("mptcp_scheduler","roundrobin")
+    o = s:option(Value, "mptcp_rr_num_segments", translate("Consecutive segments that should be sent for round robin"))
+    o.datatype = "uinteger"
+    o.rmempty = false
+    o.default = 1
+    --o:depends("mptcp_scheduler","roundrobin")
+end
 
 s = m:section(TypedSection, "interface", translate("Interfaces Settings"))
 o = s:option(ListValue, "multipath", translate("Multipath TCP"), translate("One interface must be set as master"))

mptcp/files/etc/init.d/mptcp

@@ -16,6 +16,9 @@ global_multipath_settings() {
 	config_get multipath globals multipath
 	config_get mptcp_path_manager globals mptcp_path_manager
 	config_get mptcp_scheduler globals mptcp_scheduler
+	config_get mptcp_subflows globals mptcp_subflows "3"
+	config_get mptcp_add_addr_accepted globals mptcp_add_addr_accepted "1"
+	config_get mptcp_add_addr_timeout globals mptcp_add_addr_timeout "120"
 	config_get mptcp_debug globals mptcp_debug
 	config_get congestion globals congestion
 	config_get mptcp_checksum globals mptcp_checksum
@@ -29,18 +32,25 @@ global_multipath_settings() {
 	[ "$multipath" = "enable" ] && multipath_status=1
 
 	# Global MPTCP configuration
-	sysctl -qw net.mptcp.mptcp_enabled="$multipath_status"
-	[ -z "$mptcp_path_manager" ] || sysctl -qw net.mptcp.mptcp_path_manager="$mptcp_path_manager"
-	[ -z "$mptcp_scheduler" ] || sysctl -qw net.mptcp.mptcp_scheduler="$mptcp_scheduler"
+	if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
+		sysctl -qw net.mptcp.mptcp_enabled="$multipath_status"
+		[ -z "$mptcp_path_manager" ] || sysctl -qw net.mptcp.mptcp_path_manager="$mptcp_path_manager"
+		[ -z "$mptcp_scheduler" ] || sysctl -qw net.mptcp.mptcp_scheduler="$mptcp_scheduler"
+		[ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.mptcp_checksum="$mptcp_checksum"
+		[ -z "$mptcp_debug" ] || sysctl -qw net.mptcp.mptcp_debug="$mptcp_debug"
+		[ -z "$mptcp_syn_retries" ] || sysctl -qw net.mptcp.mptcp_syn_retries="$mptcp_syn_retries"
+		[ -z "$mptcp_fullmesh_num_subflows" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/num_subflows="$mptcp_fullmesh_num_subflows"
+		[ -z "$mptcp_fullmesh_create_on_err" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/create_on_err="$mptcp_fullmesh_create_on_err"
+		[ -z "$mptcp_ndiffports_num_subflows" ] || sysctl -qw /sys/module/mptcp_ndiffports/parameters/num_subflows="$mptcp_ndiffports_num_subflows"
+		[ -z "$mptcp_rr_cwnd_limited" ] || sysctl -qw /sys/module/mptcp_rr/parameters/cwnd_limited="$mptcp_rr_cwnd_limited"
+		[ -z "$mptcp_rr_num_segments" ] || sysctl -qw /sys/module/mptcp_rr/parameters/num_segments="$mptcp_rr_num_segments"
+	else
+		sysctl -qw net.mptcp.enabled="$multipath_status"
+		ip mptcp limits set add_addr_accepted $mptcp_add_addr_accepted subflows $mptcp_subflows 2>&1 >/dev/null
+		[ -z "$mptcp_add_addr_timeout" ] || sysctl -qw net.mptcp.add_addr_timeout="$mptcp_add_addr_timeout"
+		[ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.checksum_enabled="$mptcp_checksum"
+	fi
 	[ -z "$congestion" ] || sysctl -qw net.ipv4.tcp_congestion_control="$congestion"
-	[ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.mptcp_checksum="$mptcp_checksum"
-	[ -z "$mptcp_debug" ] || sysctl -qw net.mptcp.mptcp_debug="$mptcp_debug"
-	[ -z "$mptcp_syn_retries" ] || sysctl -qw net.mptcp.mptcp_syn_retries="$mptcp_syn_retries"
-	[ -z "$mptcp_fullmesh_num_subflows" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/num_subflows="$mptcp_fullmesh_num_subflows"
-	[ -z "$mptcp_fullmesh_create_on_err" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/create_on_err="$mptcp_fullmesh_create_on_err"
-	[ -z "$mptcp_ndiffports_num_subflows" ] || sysctl -qw /sys/module/mptcp_ndiffports/parameters/num_subflows="$mptcp_ndiffports_num_subflows"
-	[ -z "$mptcp_rr_cwnd_limited" ] || sysctl -qw /sys/module/mptcp_rr/parameters/cwnd_limited="$mptcp_rr_cwnd_limited"
-	[ -z "$mptcp_rr_num_segments" ] || sysctl -qw /sys/module/mptcp_rr/parameters/num_segments="$mptcp_rr_num_segments"
 }
 
 interface_macaddr_count() {

mptcp/files/usr/bin/multipath

@@ -12,8 +12,6 @@ if [ -d "/proc/sys/net/mptcp" ]; then
         fi
 else
         echo "Your device don't support multipath-TCP."
-        echo "You have to install the pached kernel to use MPTCP."
-        echo "See http://multipath-tcp.org/ for details"
         exit 1
 fi
 
@@ -22,7 +20,11 @@ case $1 in
         echo "          Multipath-TCP configuration tool"
         echo "show/update flags:"
         echo "  multipath [device]"
-        echo "  multipath device {on | off | backup | handover}"
+        if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
+                echo "  multipath device {on | off | backup }"
+        else
+                echo "  multipath device {on | off | signal | backup }"
+        fi
         echo
         echo "show established conections: -c"
         echo "show fullmesh info: -f"
@@ -32,14 +34,21 @@ case $1 in
         echo "will allow a subflow to be established across this interface, but only be used"
         echo "as backup. Handover-flag indicates that his interface is not used at all (even "
         echo "no subflow being established), as long as there are other interfaces available."
-        echo "See http://multipath-tcp.org/ for details"
         echo
         exit 0 ;;
    "-c")
-        cat /proc/net/mptcp_net/mptcp
+        if [ -f /proc/net/mptcp_net/mptcp ]; then
+            cat /proc/net/mptcp_net/mptcp
+        else
+            ss -M
+        fi
         exit 0;;
    "-f")
-        cat /proc/net/mptcp_fullmesh
+        if [ -f /proc/net/mptcp_fullmesh ]; then
+            cat /proc/net/mptcp_fullmesh
+        else
+            ip mptcp endpoint | grep fullmesh
+        fi
         exit 0;;
    "-k")
         if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then
@@ -65,7 +74,6 @@ case $1 in
             echo Debugmode: `cat /proc/sys/net/mptcp/mptcp_debug`
         fi
         echo
-        echo See http://multipath-tcp.org/ for details
         exit 0 ;;
    "")
         for ifpath in /sys/class/net/*; do
@@ -128,7 +136,8 @@ else
                         exit 0;;
                 "signal")
                         [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null
-                        ip mptcp endpoint add $IP dev $DEVICE signal subflow fullmesh
+                        #ip mptcp endpoint add $IP dev $DEVICE signal subflow fullmesh
+                        ip mptcp endpoint add $IP dev $DEVICE signal
                         exit 0;;
                 "backup")
                         [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null

openmptcprouter-full/Makefile

@@ -28,7 +28,7 @@ MY_DEPENDS := \
     iperf3-ssl luci-app-iperf \
     arptables \
     bind-dig \
-    libnetfilter-conntrack ebtables ebtables-utils ip-full \
+    libnetfilter-conntrack ebtables ebtables-utils ip-full nstat \
     iptables-mod-iface iptables-mod-ipmark iptables-mod-hashlimit iptables-mod-condition iptables-mod-trace iptables-mod-conntrack-extra iptables-mod-account \
     kmod-nf-nat kmod-nf-nathelper kmod-nf-nathelper-extra iptables-mod-extra conntrack \
     iptables-mod-ipsec kmod-crypto-authenc kmod-ipsec kmod-ipsec4 kmod-ipsec6 kmod-ipt-ipsec \

openmptcprouter/files/etc/init.d/openmptcprouter-vps

@@ -221,6 +221,8 @@ _get_ss_redir() {
 	[ "$cf_fast_open" = "1" ] && fast_open="true"
 	config_get cf_no_delay $1 no_delay
 	[ "$cf_no_delay" = "1" ] && no_delay="true"
+	config_get cf_mptcp $1 mptcp
+	[ "$cf_mptcp" = "1" ] && mptcp="true"
 }
 
 _get_ss_server() {
@@ -253,10 +255,12 @@ _set_ss_server_vps() {
 	current_obfs_type="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.obfs_type')"
 	current_fast_open="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.fast_open')"
 	current_no_delay="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.no_delay')"
+	current_mptcp="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.mptcp')"
 	
 	ebpf="false"
 	fast_open="false"
 	no_delay="false"
+	mptcp="false"
 	obfs="false"
 	obfs_plugin="v2ray"
 	obfs_type="http"
@@ -264,9 +268,9 @@ _set_ss_server_vps() {
 	config_foreach _get_ss_redir ss_redir
 	config_foreach _get_ss_server server
 
-	if [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then
+	if [ "$current_mptcp" != "$mptcp" ] || [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then
 		local settings
-		settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":true,"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}'
+		settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":'$mptcp',"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}'
 		_set_json "shadowsocks" "$settings"
 	fi
 }
@@ -736,7 +740,7 @@ _set_mptcp_vps() {
 	syn_retries="$(uci -q get network.globals.mptcp_syn_retries)"
 	congestion="$(uci -q get network.globals.congestion)"
 	[ -z "$congestion" ] && congestion="bbr"
-	if [ "$mptcp_enabled_current" != "$mptcp_enabled" ] || [ "$checksum_current" != "$checksum" ] || [ "$path_manager_current" != "$path_manager" ] || [ "$scheduler_current" != "$scheduler" ] || [ "$syn_retries_current" != "$syn_retries" ] || [ "$congestion_control_current" != "$congestion" ]; then
+	if [ "$mptcp_enabled_current" != "$mptcp_enabled" ] || [ "$checksum_current" != "$checksum" ] || ([ "$path_manager_current" != "" ] && [ "$path_manager_current" != "$path_manager" ]) || ([ "$scheduler_current" != "" ] && [ "$scheduler_current" != "$scheduler" ]) || ([ "$syn_retries_current" != "" ] && [ "$syn_retries_current" != "$syn_retries" ]) || [ "$congestion_control_current" != "$congestion" ]; then
 		settings='{"enabled" : "'$mptcp_enabled'", "checksum": "'$checksum'","path_manager": "'$path_manager'","scheduler": "'$scheduler'","syn_retries": "'$syn_retries'","congestion_control": "'$congestion'"}'
 		echo $(_set_json "mptcp" "$settings")
 	else
@@ -1542,13 +1546,18 @@ _set_config_from_vps() {
 	congestion="$(echo "$vps_config" | jsonfilter -q -e '@.network.congestion_control')"
 	uci -q batch <<-EOF >/dev/null
 		set network.globals.multipath=$mptcp_enabled
-		set network.globals.mptcp_path_manager=$mptcp_path_manager
-		set network.globals.mptcp_scheduler=$mptcp_scheduler
 		set network.globals.mptcp_checksum=$mptcp_checksum
-		set network.globals.mptcp_syn_retries=$mptcp_syn_retries
 		set network.globals.congestion=$congestion
 		commit network
 	EOF
+	if [ "$mptcp_path_manager" != "" ] && [ "$mptcp_scheduler" != "" ] && [ "$mptcp_syn_retries" != "" ]; then
+		uci -q batch <<-EOF >/dev/null
+			set network.globals.mptcp_path_manager=$mptcp_path_manager
+			set network.globals.mptcp_scheduler=$mptcp_scheduler
+			set network.globals.mptcp_syn_retries=$mptcp_syn_retries
+			commit network
+		EOF
+	fi
 
 	# Check if server get an IPv6, if not disable IPv6 on OMR
 	vps_ipv6_addr="$(echo "$vps_config" | jsonfilter -q -e '@.network.ipv6')"