diff --git a/dsvpn/files/init b/dsvpn/files/init index 1d78ed4be..ca25fd3f0 100755 --- a/dsvpn/files/init +++ b/dsvpn/files/init @@ -29,6 +29,16 @@ validate_section() { 'externalip:string:auto' } +version_over_5_4() { + MAJOR_VERSION=$(uname -r | awk -F '.' '{print $1}') + MINOR_VERSION=$(uname -r | awk -F '.' '{print $2}') + if [ $MAJOR_VERSION -ge 5 ] && [ $MINOR_VERSION -gt 13 ] || [ $MAJOR_VERSION -gt 5 ] ; then + return 0 + else + return 1 + fi +} + start_instance() { local enable key host port dev @@ -58,6 +68,10 @@ start_instance() { _log "starting ${PROG_NAME} ${1} instance $*" + if version_over_5_4; then + PROG="mptcpize run ${PROG}" + fi + procd_open_instance procd_set_param command ${PROG} ${mode} \ diff --git a/glorytun/Makefile b/glorytun/Makefile index 6cd00b7ae..95d7ed3aa 100644 --- a/glorytun/Makefile +++ b/glorytun/Makefile @@ -9,11 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=glorytun -PKG_VERSION:=0.0.35 PKG_RELEASE:=6 +PKG_SOURCE_PROTO:=git +PKG_SOURCE_VERSION:=6d58536f4232fea8eaa10fb60aace8ba11f29ed6 PKG_SOURCE:=glorytun-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://github.com/angt/glorytun/releases/download/v$(PKG_VERSION) -PKG_HASH:=49e4d8ea4ff2990300b37947b0bd0da3c8e0985bc6eddf29f4146306188fff64 +PKG_SOURCE_URL:=https://github.com/Ysurac/glorytun.git +PKG_VERSION:=0.0.35-$(PKG_SOURCE_VERSION) + +PKG_FIXUP:=autoreconf include $(INCLUDE_DIR)/package.mk diff --git a/luci-app-mptcp/luasrc/controller/mptcp.lua b/luci-app-mptcp/luasrc/controller/mptcp.lua index 33f39fcc6..c81458f80 100644 --- a/luci-app-mptcp/luasrc/controller/mptcp.lua +++ b/luci-app-mptcp/luasrc/controller/mptcp.lua @@ -210,13 +210,23 @@ function mptcp_monitor_data() luci.http.prepare_content("text/plain") local fullmesh fullmesh = io.popen("cat /proc/net/mptcp_net/snmp") - if fullmesh then + if fullmesh:read() ~= nil then while true do local ln = fullmesh:read("*l") if not ln then break end luci.http.write(ln) luci.http.write("\n") end + else + fullmesh = io.popen("nstat -z") + if fullmesh then + while true do + local ln = fullmesh:read("*l") + if not ln then break end + luci.http.write(ln) + luci.http.write("\n") + end + end end return end @@ -225,7 +235,7 @@ function mptcp_connections_data() luci.http.prepare_content("text/plain") local connections connections = io.popen("multipath -c") - if connections then + if connections:read() ~= nil then while true do local ln = connections:read("*l") if not ln then break end diff --git a/luci-app-mptcp/luasrc/model/cbi/mptcp.lua b/luci-app-mptcp/luasrc/model/cbi/mptcp.lua index 4b3bdb2b7..b9e7d0630 100644 --- a/luci-app-mptcp/luasrc/model/cbi/mptcp.lua +++ b/luci-app-mptcp/luasrc/model/cbi/mptcp.lua @@ -21,56 +21,74 @@ o:value(0, translate("disable")) o = s:option(ListValue, "mptcp_path_manager", translate("Multipath TCP path-manager"), translate("Default is fullmesh")) o:value("default", translate("default")) o:value("fullmesh", "fullmesh") -o:value("ndiffports", "ndiffports") -o:value("binder", "binder") -if uname.release:sub(1,4) ~= "4.14" then +if uname.release:sub(1,4) ~= "5.14" then + o:value("ndiffports", "ndiffports") + o:value("binder", "binder") + if uname.release:sub(1,4) ~= "4.14" then o:value("netlink", translate("Netlink")) + end end o = s:option(ListValue, "mptcp_scheduler", translate("Multipath TCP scheduler")) o:value("default", translate("default")) -o:value("roundrobin", "round-robin") -o:value("redundant", "redundant") -if uname.release:sub(1,4) ~= "4.14" then +if uname.release:sub(1,4) ~= "5.14" then + o:value("roundrobin", "round-robin") + o:value("redundant", "redundant") + if uname.release:sub(1,4) ~= "4.14" then o:value("blest", "BLEST") o:value("ecf", "ECF") + end +end +if uname.release:sub(1,4) ~= "5.14" then + o = s:option(Value, "mptcp_syn_retries", translate("Multipath TCP SYN retries")) + o.datatype = "uinteger" + o.rmempty = false end -o = s:option(Value, "mptcp_syn_retries", translate("Multipath TCP SYN retries")) -o.datatype = "uinteger" -o.rmempty = false o = s:option(ListValue, "congestion", translate("Congestion Control"),translate("Default is cubic")) local availablecong = sys.exec("sysctl -n net.ipv4.tcp_available_congestion_control | xargs -n1 | sort | xargs") for cong in string.gmatch(availablecong, "[^%s]+") do o:value(cong, translate(cong)) end -o = s:option(Value, "mptcp_fullmesh_num_subflows", translate("Fullmesh subflows for each pair of IP addresses")) -o.datatype = "uinteger" -o.rmempty = false -o.default = 1 ---o:depends("mptcp_path_manager","fullmesh") +if uname.release:sub(1,4) == "5.14" then + o = s:option(Value, "mptcp_subflows", translate("specifies the maximum number of additional subflows allowed for each MPTCP connection")) + o.datatype = "uinteger" + o.rmempty = false + o.default = 3 + + o = s:option(Value, "mptcp_add_addr_accepted", translate("specifies the maximum number of ADD_ADDR suboptions accepted for each MPTCP connection")) + o.datatype = "uinteger" + o.rmempty = false + o.default = 1 +else + o = s:option(Value, "mptcp_fullmesh_num_subflows", translate("Fullmesh subflows for each pair of IP addresses")) + o.datatype = "uinteger" + o.rmempty = false + o.default = 1 + --o:depends("mptcp_path_manager","fullmesh") -o = s:option(ListValue, "mptcp_fullmesh_create_on_err", translate("Re-create fullmesh subflows after a timeout")) -o:value(1, translate("enable")) -o:value(0, translate("disable")) ---o:depends("mptcp_path_manager","fullmesh") + o = s:option(ListValue, "mptcp_fullmesh_create_on_err", translate("Re-create fullmesh subflows after a timeout")) + o:value(1, translate("enable")) + o:value(0, translate("disable")) + --o:depends("mptcp_path_manager","fullmesh") -o = s:option(Value, "mptcp_ndiffports_num_subflows", translate("ndiffports subflows number")) -o.datatype = "uinteger" -o.rmempty = false -o.default = 1 ---o:depends("mptcp_path_manager","ndiffports") + o = s:option(Value, "mptcp_ndiffports_num_subflows", translate("ndiffports subflows number")) + o.datatype = "uinteger" + o.rmempty = false + o.default = 1 + --o:depends("mptcp_path_manager","ndiffports") -o = s:option(ListValue, "mptcp_rr_cwnd_limited", translate("Fill the congestion window on all subflows for round robin")) -o:value("Y", translate("enable")) -o:value("N", translate("disable")) -o.default = "Y" ---o:depends("mptcp_scheduler","roundrobin") + o = s:option(ListValue, "mptcp_rr_cwnd_limited", translate("Fill the congestion window on all subflows for round robin")) + o:value("Y", translate("enable")) + o:value("N", translate("disable")) + o.default = "Y" + --o:depends("mptcp_scheduler","roundrobin") -o = s:option(Value, "mptcp_rr_num_segments", translate("Consecutive segments that should be sent for round robin")) -o.datatype = "uinteger" -o.rmempty = false -o.default = 1 ---o:depends("mptcp_scheduler","roundrobin") + o = s:option(Value, "mptcp_rr_num_segments", translate("Consecutive segments that should be sent for round robin")) + o.datatype = "uinteger" + o.rmempty = false + o.default = 1 + --o:depends("mptcp_scheduler","roundrobin") +end s = m:section(TypedSection, "interface", translate("Interfaces Settings")) o = s:option(ListValue, "multipath", translate("Multipath TCP"), translate("One interface must be set as master")) diff --git a/mptcp/files/etc/init.d/mptcp b/mptcp/files/etc/init.d/mptcp index 64bb51d51..7dd629733 100755 --- a/mptcp/files/etc/init.d/mptcp +++ b/mptcp/files/etc/init.d/mptcp @@ -16,6 +16,9 @@ global_multipath_settings() { config_get multipath globals multipath config_get mptcp_path_manager globals mptcp_path_manager config_get mptcp_scheduler globals mptcp_scheduler + config_get mptcp_subflows globals mptcp_subflows "3" + config_get mptcp_add_addr_accepted globals mptcp_add_addr_accepted "1" + config_get mptcp_add_addr_timeout globals mptcp_add_addr_timeout "120" config_get mptcp_debug globals mptcp_debug config_get congestion globals congestion config_get mptcp_checksum globals mptcp_checksum @@ -29,18 +32,25 @@ global_multipath_settings() { [ "$multipath" = "enable" ] && multipath_status=1 # Global MPTCP configuration - sysctl -qw net.mptcp.mptcp_enabled="$multipath_status" - [ -z "$mptcp_path_manager" ] || sysctl -qw net.mptcp.mptcp_path_manager="$mptcp_path_manager" - [ -z "$mptcp_scheduler" ] || sysctl -qw net.mptcp.mptcp_scheduler="$mptcp_scheduler" + if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then + sysctl -qw net.mptcp.mptcp_enabled="$multipath_status" + [ -z "$mptcp_path_manager" ] || sysctl -qw net.mptcp.mptcp_path_manager="$mptcp_path_manager" + [ -z "$mptcp_scheduler" ] || sysctl -qw net.mptcp.mptcp_scheduler="$mptcp_scheduler" + [ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.mptcp_checksum="$mptcp_checksum" + [ -z "$mptcp_debug" ] || sysctl -qw net.mptcp.mptcp_debug="$mptcp_debug" + [ -z "$mptcp_syn_retries" ] || sysctl -qw net.mptcp.mptcp_syn_retries="$mptcp_syn_retries" + [ -z "$mptcp_fullmesh_num_subflows" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/num_subflows="$mptcp_fullmesh_num_subflows" + [ -z "$mptcp_fullmesh_create_on_err" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/create_on_err="$mptcp_fullmesh_create_on_err" + [ -z "$mptcp_ndiffports_num_subflows" ] || sysctl -qw /sys/module/mptcp_ndiffports/parameters/num_subflows="$mptcp_ndiffports_num_subflows" + [ -z "$mptcp_rr_cwnd_limited" ] || sysctl -qw /sys/module/mptcp_rr/parameters/cwnd_limited="$mptcp_rr_cwnd_limited" + [ -z "$mptcp_rr_num_segments" ] || sysctl -qw /sys/module/mptcp_rr/parameters/num_segments="$mptcp_rr_num_segments" + else + sysctl -qw net.mptcp.enabled="$multipath_status" + ip mptcp limits set add_addr_accepted $mptcp_add_addr_accepted subflows $mptcp_subflows 2>&1 >/dev/null + [ -z "$mptcp_add_addr_timeout" ] || sysctl -qw net.mptcp.add_addr_timeout="$mptcp_add_addr_timeout" + [ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.checksum_enabled="$mptcp_checksum" + fi [ -z "$congestion" ] || sysctl -qw net.ipv4.tcp_congestion_control="$congestion" - [ -z "$mptcp_checksum" ] || sysctl -qw net.mptcp.mptcp_checksum="$mptcp_checksum" - [ -z "$mptcp_debug" ] || sysctl -qw net.mptcp.mptcp_debug="$mptcp_debug" - [ -z "$mptcp_syn_retries" ] || sysctl -qw net.mptcp.mptcp_syn_retries="$mptcp_syn_retries" - [ -z "$mptcp_fullmesh_num_subflows" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/num_subflows="$mptcp_fullmesh_num_subflows" - [ -z "$mptcp_fullmesh_create_on_err" ] || sysctl -qw /sys/module/mptcp_fullmesh/parameters/create_on_err="$mptcp_fullmesh_create_on_err" - [ -z "$mptcp_ndiffports_num_subflows" ] || sysctl -qw /sys/module/mptcp_ndiffports/parameters/num_subflows="$mptcp_ndiffports_num_subflows" - [ -z "$mptcp_rr_cwnd_limited" ] || sysctl -qw /sys/module/mptcp_rr/parameters/cwnd_limited="$mptcp_rr_cwnd_limited" - [ -z "$mptcp_rr_num_segments" ] || sysctl -qw /sys/module/mptcp_rr/parameters/num_segments="$mptcp_rr_num_segments" } interface_macaddr_count() { diff --git a/mptcp/files/usr/bin/multipath b/mptcp/files/usr/bin/multipath index 896b169d2..62e029da5 100755 --- a/mptcp/files/usr/bin/multipath +++ b/mptcp/files/usr/bin/multipath @@ -12,8 +12,6 @@ if [ -d "/proc/sys/net/mptcp" ]; then fi else echo "Your device don't support multipath-TCP." - echo "You have to install the pached kernel to use MPTCP." - echo "See http://multipath-tcp.org/ for details" exit 1 fi @@ -22,7 +20,11 @@ case $1 in echo " Multipath-TCP configuration tool" echo "show/update flags:" echo " multipath [device]" - echo " multipath device {on | off | backup | handover}" + if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then + echo " multipath device {on | off | backup }" + else + echo " multipath device {on | off | signal | backup }" + fi echo echo "show established conections: -c" echo "show fullmesh info: -f" @@ -32,14 +34,21 @@ case $1 in echo "will allow a subflow to be established across this interface, but only be used" echo "as backup. Handover-flag indicates that his interface is not used at all (even " echo "no subflow being established), as long as there are other interfaces available." - echo "See http://multipath-tcp.org/ for details" echo exit 0 ;; "-c") - cat /proc/net/mptcp_net/mptcp + if [ -f /proc/net/mptcp_net/mptcp ]; then + cat /proc/net/mptcp_net/mptcp + else + ss -M + fi exit 0;; "-f") - cat /proc/net/mptcp_fullmesh + if [ -f /proc/net/mptcp_fullmesh ]; then + cat /proc/net/mptcp_fullmesh + else + ip mptcp endpoint | grep fullmesh + fi exit 0;; "-k") if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then @@ -65,7 +74,6 @@ case $1 in echo Debugmode: `cat /proc/sys/net/mptcp/mptcp_debug` fi echo - echo See http://multipath-tcp.org/ for details exit 0 ;; "") for ifpath in /sys/class/net/*; do @@ -128,7 +136,8 @@ else exit 0;; "signal") [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null - ip mptcp endpoint add $IP dev $DEVICE signal subflow fullmesh + #ip mptcp endpoint add $IP dev $DEVICE signal subflow fullmesh + ip mptcp endpoint add $IP dev $DEVICE signal exit 0;; "backup") [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 4432da893..022951ded 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -28,7 +28,7 @@ MY_DEPENDS := \ iperf3-ssl luci-app-iperf \ arptables \ bind-dig \ - libnetfilter-conntrack ebtables ebtables-utils ip-full \ + libnetfilter-conntrack ebtables ebtables-utils ip-full nstat \ iptables-mod-iface iptables-mod-ipmark iptables-mod-hashlimit iptables-mod-condition iptables-mod-trace iptables-mod-conntrack-extra iptables-mod-account \ kmod-nf-nat kmod-nf-nathelper kmod-nf-nathelper-extra iptables-mod-extra conntrack \ iptables-mod-ipsec kmod-crypto-authenc kmod-ipsec kmod-ipsec4 kmod-ipsec6 kmod-ipt-ipsec \ diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 3104f2f74..2206fe064 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -221,6 +221,8 @@ _get_ss_redir() { [ "$cf_fast_open" = "1" ] && fast_open="true" config_get cf_no_delay $1 no_delay [ "$cf_no_delay" = "1" ] && no_delay="true" + config_get cf_mptcp $1 mptcp + [ "$cf_mptcp" = "1" ] && mptcp="true" } _get_ss_server() { @@ -253,10 +255,12 @@ _set_ss_server_vps() { current_obfs_type="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.obfs_type')" current_fast_open="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.fast_open')" current_no_delay="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.no_delay')" + current_mptcp="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.mptcp')" ebpf="false" fast_open="false" no_delay="false" + mptcp="false" obfs="false" obfs_plugin="v2ray" obfs_type="http" @@ -264,9 +268,9 @@ _set_ss_server_vps() { config_foreach _get_ss_redir ss_redir config_foreach _get_ss_server server - if [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then + if [ "$current_mptcp" != "$mptcp" ] || [ "$current_obfs_plugin" != "$obfs_plugin" ] || [ "$current_obfs_type" != "$obfs_type" ] || [ "$current_port" != "$port" ] || [ "$current_method" != "$method" ] || [ "$current_key" != "$key" ] || [ "$current_ebpf" != "$ebpf" ] || [ "$current_obfs" != "$obfs" ] || [ "$current_fast_open" != "$fast_open" ] || [ "$current_no_delay" != "$no_delay" ]; then local settings - settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":true,"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}' + settings='{"port": '$port',"method":"'$method'","fast_open":'$fast_open',"reuse_port":true,"no_delay":'$no_delay',"mptcp":'$mptcp',"key":"'$key'","ebpf":'$ebpf',"obfs":'$obfs',"obfs_plugin":"'$obfs_plugin'","obfs_type":"'$obfs_type'"}' _set_json "shadowsocks" "$settings" fi } @@ -736,7 +740,7 @@ _set_mptcp_vps() { syn_retries="$(uci -q get network.globals.mptcp_syn_retries)" congestion="$(uci -q get network.globals.congestion)" [ -z "$congestion" ] && congestion="bbr" - if [ "$mptcp_enabled_current" != "$mptcp_enabled" ] || [ "$checksum_current" != "$checksum" ] || [ "$path_manager_current" != "$path_manager" ] || [ "$scheduler_current" != "$scheduler" ] || [ "$syn_retries_current" != "$syn_retries" ] || [ "$congestion_control_current" != "$congestion" ]; then + if [ "$mptcp_enabled_current" != "$mptcp_enabled" ] || [ "$checksum_current" != "$checksum" ] || ([ "$path_manager_current" != "" ] && [ "$path_manager_current" != "$path_manager" ]) || ([ "$scheduler_current" != "" ] && [ "$scheduler_current" != "$scheduler" ]) || ([ "$syn_retries_current" != "" ] && [ "$syn_retries_current" != "$syn_retries" ]) || [ "$congestion_control_current" != "$congestion" ]; then settings='{"enabled" : "'$mptcp_enabled'", "checksum": "'$checksum'","path_manager": "'$path_manager'","scheduler": "'$scheduler'","syn_retries": "'$syn_retries'","congestion_control": "'$congestion'"}' echo $(_set_json "mptcp" "$settings") else @@ -1542,13 +1546,18 @@ _set_config_from_vps() { congestion="$(echo "$vps_config" | jsonfilter -q -e '@.network.congestion_control')" uci -q batch <<-EOF >/dev/null set network.globals.multipath=$mptcp_enabled - set network.globals.mptcp_path_manager=$mptcp_path_manager - set network.globals.mptcp_scheduler=$mptcp_scheduler set network.globals.mptcp_checksum=$mptcp_checksum - set network.globals.mptcp_syn_retries=$mptcp_syn_retries set network.globals.congestion=$congestion commit network EOF + if [ "$mptcp_path_manager" != "" ] && [ "$mptcp_scheduler" != "" ] && [ "$mptcp_syn_retries" != "" ]; then + uci -q batch <<-EOF >/dev/null + set network.globals.mptcp_path_manager=$mptcp_path_manager + set network.globals.mptcp_scheduler=$mptcp_scheduler + set network.globals.mptcp_syn_retries=$mptcp_syn_retries + commit network + EOF + fi # Check if server get an IPv6, if not disable IPv6 on OMR vps_ipv6_addr="$(echo "$vps_config" | jsonfilter -q -e '@.network.ipv6')"