mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Merge branch 'test' into develop

Browse source
This commit is contained in:
suyuan 2023-12-30 21:14:41 +08:00
commit dca54c8057
7 changed files with 119 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

14
luci-app-omr-bypass/htdocs/luci-static/resources/view/services/omr-bypass.js
View file

@ -48,10 +48,13 @@ return L.view.extend({
o = s.option(form.Value, 'name', _('Domain')); o = s.option(form.Value, 'name', _('Domain'));
o.rmempty = false; o.rmempty = false;
o = s.option(form.Flag, 'vpn', _('VPN on server'),_('Bypass using VPN configured on server.'));
o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.')); o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.'));
o.noaliases = true; o.noaliases = true;
o.noinactive = true; o.noinactive = true;
o.nocreate = true; o.nocreate = true;
o.depends('vpn', '0');
o = s.option(form.Value, 'note', _('Note')); o = s.option(form.Value, 'note', _('Note'));
o.rmempty = true; o.rmempty = true;
@ -78,10 +81,13 @@ return L.view.extend({
o = s.option(form.Value, 'ip', _('IP')); o = s.option(form.Value, 'ip', _('IP'));
o.rmempty = false; o.rmempty = false;
o = s.option(form.Flag, 'vpn', _('VPN on server'),_('Bypass using VPN configured on server.'));
o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.')); o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.'));
o.noaliases = true; o.noaliases = true;
o.noinactive = true; o.noinactive = true;
o.nocreate = true; o.nocreate = true;
o.depends('vpn', '0');
o = s.option(form.Value, 'note', _('Note')); o = s.option(form.Value, 'note', _('Note'));
o.rmempty = true; o.rmempty = true;
@ -199,10 +205,14 @@ return L.view.extend({
o = s.option(form.Value, 'asn', _('ASN')); o = s.option(form.Value, 'asn', _('ASN'));
o.rmempty = false; o.rmempty = false;
o = s.option(form.Flag, 'vpn', _('VPN on server'),_('Bypass using VPN configured on server.'));
o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.')); o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used.'));
o.noaliases = true; o.noaliases = true;
o.noinactive = true; o.noinactive = true;
o.nocreate = true; o.nocreate = true;
o.depends('vpn', '0');
o = s.option(form.Value, 'note', _('Note')); o = s.option(form.Value, 'note', _('Note'));
o.rmempty = true; o.rmempty = true;
@ -255,10 +265,13 @@ return L.view.extend({
},this)); },this));
}; };
o = s.option(form.Flag, 'vpn', _('VPN on server'),_('Bypass using VPN configured on server.'));
o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used (or an other interface if master is down).')); o = s.option(widgets.DeviceSelect, 'interface', _('Interface'),_('When none selected, MPTCP master interface is used (or an other interface if master is down).'));
o.noaliases = true; o.noaliases = true;
o.noinactive = true; o.noinactive = true;
o.nocreate = true; o.nocreate = true;
o.depends('vpn', '0');
o = s.option(form.Value, 'note', _('Note')); o = s.option(form.Value, 'note', _('Note'));
o.rmempty = true; o.rmempty = true;
@ -278,6 +291,7 @@ return L.view.extend({
o = s.option(form.Flag, 'ndpi', _('Enable ndpi')); o = s.option(form.Flag, 'ndpi', _('Enable ndpi'));
o.default = o.enabled; o.default = o.enabled;
o.modalonly = true o.modalonly = true
o.depends('vpn', '0');
} }
return m.render(); return m.render();

63
omr-bypass/files/etc/init.d/omr-bypass
View file

@ -73,8 +73,8 @@ _bypass_domains() {
config_get enabled $1 enabled config_get enabled $1 enabled
config_get noipv6 $1 noipv6 config_get noipv6 $1 noipv6
config_get family $1 family config_get family $1 family
config_get vpn $1 vpn
[ -z "$intf" ] && intf="all" [ -z "$intf" ] && intf="all"
config_get vpn $1 vpn
[ "$vpn" = "1" ] && intf="srv_vpn1" [ "$vpn" = "1" ] && intf="srv_vpn1"
[ "$enabled" = "0" ] && return [ "$enabled" = "0" ] && return
[ -z "$domain" ] && return [ -z "$domain" ] && return
@ -391,6 +391,9 @@ _bypass_proto() {
config_get ndpi $1 ndpi config_get ndpi $1 ndpi
config_get noipv6 $1 noipv6 config_get noipv6 $1 noipv6
config_get family $1 family config_get family $1 family
config_get vpn $1 vpn
[ "$vpn" = "1" ] && intf="srv_vpn1"
[ "$enabled" = "0" ] && return [ "$enabled" = "0" ] && return
[ -z "$noipv6" ] && noipv6="0" [ -z "$noipv6" ] && noipv6="0"
[ -z "$family" ] && family="ipv4ipv6" [ -z "$family" ] && family="ipv4ipv6"
@ -400,7 +403,7 @@ _bypass_proto() {
[ -z "$intf" ] && intf="all" [ -z "$intf" ] && intf="all"
[ -z "$proto" ] && return [ -z "$proto" ] && return
if [ "$(uci -q get openmptcprouter.settings.ndpi)" != "0" ] && [ "$ndpi" != "0" ]; then if [ "$(uci -q get openmptcprouter.settings.ndpi)" != "0" ] && [ "$ndpi" != "0" ] && [ "$vpn" != "1" ]; then
if [ "$intf" = "all" ]; then if [ "$intf" = "all" ]; then
if [ "$family" = "ipv4" ] || [ "$family" = "ipv4ipv6" ]; then if [ "$family" = "ipv4" ] || [ "$family" = "ipv4ipv6" ]; then
$IPTABLESRESTORE -w --wait=60 --noflush <<-EOF $IPTABLESRESTORE -w --wait=60 --noflush <<-EOF
@ -487,6 +490,9 @@ _bypass_proto_without_ndpi() {
config_get ndpi $1 ndpi "0" config_get ndpi $1 ndpi "0"
config_get noipv6 $1 noipv6 config_get noipv6 $1 noipv6
config_get family $1 family config_get family $1 family
config_get vpn $1 vpn
[ "$vpn" = "1" ] && intf="srv_vpn1"
[ "$enabled" = "0" ] && return [ "$enabled" = "0" ] && return
[ -z "$noipv6" ] && noipv6="0" [ -z "$noipv6" ] && noipv6="0"
[ -z "$family" ] && family="ipv4ipv6" [ -z "$family" ] && family="ipv4ipv6"
@ -496,22 +502,32 @@ _bypass_proto_without_ndpi() {
[ -z "$intf" ] && intf="all" [ -z "$intf" ] && intf="all"
[ -z "$proto" ] && return [ -z "$proto" ] && return
if [ "$(uci -q get openmptcprouter.settings.ndpi)" == "0" ] || [ "$ndpi" == "0" ]; then if [ "$(uci -q get openmptcprouter.settings.ndpi)" == "0" ] || [ "$ndpi" == "0" ] || [ "$vpn" = "1" ]; then
ALLIPS=$(sqlite3 /usr/share/omr-bypass/omr-bypass.db "select ip from ipproto where proto=\"$proto\";" ".exit") ALLIPS=$(sqlite3 /usr/share/omr-bypass/omr-bypass.db "select ip from ipproto where proto=\"$proto\";" ".exit")
if [ -n "$ALLIPS" ]; then if [ -n "$ALLIPS" ]; then
ipset -q flush bypass_$proto > /dev/null 2>&1 if [ "$vpn" != "1" ]; then
ipset -q flush bypass6_$proto > /dev/null 2>&1 ipset -q flush bypass_$proto > /dev/null 2>&1
ipset -q --exist restore <<-EOF ipset -q flush bypass6_$proto > /dev/null 2>&1
create bypass_$proto hash:net hashsize 64 ipset -q --exist restore <<-EOF
create bypass6_$proto hash:net family inet6 hashsize 64 create bypass_$proto hash:net hashsize 64
EOF create bypass6_$proto hash:net family inet6 hashsize 64
EOF
fi
for ip in $ALLIPS; do for ip in $ALLIPS; do
valid_ip4=$( valid_subnet4 $ip) valid_ip4=$( valid_subnet4 $ip)
valid_ip6=$( valid_subnet6 $ip) valid_ip6=$( valid_subnet6 $ip)
if [ "$valid_ip4" = "ok" ]; then if [ "$valid_ip4" = "ok" ]; then
ipset -q add bypass_$proto $ip if [ "$vpn" != "1" ]; then
ipset -q add bypass_$proto $ip
else
ipset -q add omr_dst_bypass_$intf $ip
fi
elif [ "$valid_ip6" = "ok" ]; then elif [ "$valid_ip6" = "ok" ]; then
ipset -q add bypass6_$proto $ip if [ "$vpn" != "1" ]; then
ipset -q add bypass6_$proto $ip
else
ipset -q add omr6_dst_bypass_$intf $ip
fi
fi fi
done done
if [ "$intf" = "all" ]; then if [ "$intf" = "all" ]; then
@ -531,7 +547,7 @@ _bypass_proto_without_ndpi() {
COMMIT COMMIT
EOF EOF
fi fi
else elif [ "$vpn" != "1" ]; then
if [ "$family" = "ipv4" ] || [ "$family" = "ipv4ipv6" ]; then if [ "$family" = "ipv4" ] || [ "$family" = "ipv4ipv6" ]; then
$IPTABLESRESTORE -w --wait=60 --noflush <<-EOF $IPTABLESRESTORE -w --wait=60 --noflush <<-EOF
*mangle *mangle
@ -1025,6 +1041,12 @@ start_service() {
-A PREROUTING -j omr-bypass6 -A PREROUTING -j omr-bypass6
COMMIT COMMIT
EOF EOF
$IP6TABLESRESTORE -w --wait=60 --noflush <<-EOF
*mangle
:omr-bypass6-local -
-A OUTPUT -m addrtype ! --dst-type LOCAL -j omr-bypass6-local
COMMIT
EOF
fi fi
config_load network config_load network
@ -1080,7 +1102,22 @@ start_service() {
COMMIT COMMIT
EOF EOF
fi fi
if [ "$disableipv6" = "0" ]; then
if [ "$($IP6TABLES --wait=40 -t mangle -L -n | grep 'match-set omr6_dst_bypass_all dst MARK set')" = "" ]; then
$IP6TABLESRESTORE -w --wait=60 --noflush <<-EOF
*mangle
-A omr-bypass6 -m set --match-set omr6_dst_bypass_all dst -j MARK --set-mark 0x539
-A omr-bypass6 -m mark --mark 0x539 -j RETURN
COMMIT
EOF
$IP6TABLESRESTORE -w --wait=60 --noflush <<-EOF
*mangle
-A omr-bypass6-local -m set --match-set omr6_dst_bypass_all dst -j MARK --set-mark 0x539
-A omr-bypass6-local -m mark --mark 0x539 -j RETURN
COMMIT
EOF
fi
fi
config_load shadowsocks-libev config_load shadowsocks-libev
config_foreach _ss_rules_config config_foreach _ss_rules_config
config_load shadowsocks-rust config_load shadowsocks-rust

26
omr-bypass/files/usr/share/omr-bypass/omr-bypass-proto.lst
View file

@ -6,6 +6,7 @@ adultcontent
alibaba alibaba
amazon amazon
amazonalexa amazonalexa
amazon_aws
amazonaws amazonaws
amazonvideo amazonvideo
anydesk anydesk
@ -16,6 +17,7 @@ applepush
applesiri applesiri
applestore applestore
appletvplus appletvplus
avast
azure azure
badoo badoo
bittorrent bittorrent
@ -38,20 +40,24 @@ doh_dot
dropbox dropbox
eaq eaq
ebay ebay
edgecast
epicgames
ethereum
facebook facebook
fbookreelstory fbookreelstory
fuze fuze
geforcenow
github github
gitlab gitlab
gmail gmail
google google
googleclassroom googleclassroom
google_cloud
googlecloud googlecloud
googledocs googledocs
googledrive googledrive
googlehangout googlehangout
googlemaps googlemaps
googleplus
googleservices googleservices
goto goto
hbo hbo
@ -69,15 +75,22 @@ linkedin
livestream livestream
messenger messenger
microsoft microsoft
microsoft_365
microsoft365 microsoft365
microsoft_azure
ms_one_drive
ms_onedrive ms_onedrive
ms_outlook
mullvad
netflix netflix
nintendo nintendo
ntop ntop
nvidia
ocs ocs
ocsp ocsp
ookla ookla
opendns opendns
operavpn
outlook outlook
pandora pandora
pastebin pastebin
@ -86,15 +99,17 @@ playstation
playstore playstore
pluralsight pluralsight
ppstream ppstream
protonvpn
psiphon psiphon
qq qq
reddit reddit
riotgames riotgames
roblox
salesforce salesforce
showtime showtime
signal signal
sina sina
sina(weibo) sinaweibo
siriusxmradio siriusxmradio
skype_teams skype_teams
slack slack
@ -102,13 +117,17 @@ snapchat
softether softether
soundcloud soundcloud
spotify spotify
starcraft
steam steam
syncthing syncthing
tailscale tailscale
teams teams
teamviewer teamviewer
telegram telegram
tencent
tencentvideo tencentvideo
teslaservices
threema
tidal tidal
tiktok tiktok
tor tor
@ -137,6 +156,7 @@ xbox
xiaomi xiaomi
yahoo yahoo
yandex yandex
yandex_cloud
yandexcloud yandexcloud
yandexdirect yandexdirect
yandexdisk yandexdisk
@ -147,4 +167,4 @@ yandexmusic
youtube youtube
youtubeupload youtubeupload
zattoo zattoo
zoom zoom

BIN
omr-bypass/files/usr/share/omr-bypass/omr-bypass.db
View file

Binary file not shown.

9
omr-tracker/files/bin/omr-tracker-server
View file

@ -37,6 +37,11 @@ _check_server() {
done done
} }
_disable_current() {
local serv=$1
config_set $serv current "0"
}
_disable_redir() { _disable_redir() {
local redir=$1 local redir=$1
config_get server $redir server config_get server $redir server
@ -86,6 +91,8 @@ _check_master() {
set shadowsocks-rust.sss${count}.server=$ip set shadowsocks-rust.sss${count}.server=$ip
EOF EOF
if [ "$count" -eq "0" ]; then if [ "$count" -eq "0" ]; then
config_load openmptcprouter
config_foreach _disable_current server
uci -q batch <<-EOF >/dev/null uci -q batch <<-EOF >/dev/null
set xray.omrout.s_vmess_address=$ip set xray.omrout.s_vmess_address=$ip
set xray.omrout.s_vless_address=$ip set xray.omrout.s_vless_address=$ip
@ -225,6 +232,8 @@ _check_backup() {
set shadowsocks-rust.sss${count}.server=$ip set shadowsocks-rust.sss${count}.server=$ip
EOF EOF
if [ "$count" -eq "0" ]; then if [ "$count" -eq "0" ]; then
config_load openmptcprouter
config_foreach _disable_current server
uci -q batch <<-EOF >/dev/null uci -q batch <<-EOF >/dev/null
set xray.omrout.s_vmess_address=$ip set xray.omrout.s_vmess_address=$ip
set xray.omrout.s_vless_address=$ip set xray.omrout.s_vless_address=$ip

4
openmptcprouter-api/files/usr/libexec/rpcd/openmptcprouter
View file

@ -870,9 +870,10 @@ function interfaces_status()
ucic:foreach("openmptcprouter", "server", function(s) ucic:foreach("openmptcprouter", "server", function(s)
local serverips = uci:get("openmptcprouter",s[".name"],"ip") or { "" } local serverips = uci:get("openmptcprouter",s[".name"],"ip") or { "" }
local master = uci:get("openmptcprouter",s[".name"],"master") or "1" local master = uci:get("openmptcprouter",s[".name"],"master") or "1"
local current = uci:get("openmptcprouter",s[".name"],"current") or "0"
for key, value in pairs(serverips) do for key, value in pairs(serverips) do
serverip = value serverip = value
if serverip ~= "" and (master == "1" or mArray.openmptcprouter["wan_addr"] == serverip or mArray.openmptcprouter["wan_addr6"] == serverip) and mArray.openmptcprouter["vps_admin"] == false then if serverip ~= "" and (current == "1" or mArray.openmptcprouter["wan_addr"] == serverip or mArray.openmptcprouter["wan_addr6"] == serverip) and mArray.openmptcprouter["vps_admin"] == false then
mArray.openmptcprouter["vps_omr_version"] = uci:get("openmptcprouter", s[".name"], "omr_version") or "" mArray.openmptcprouter["vps_omr_version"] = uci:get("openmptcprouter", s[".name"], "omr_version") or ""
mArray.openmptcprouter["vps_kernel"] = uci:get("openmptcprouter",s[".name"],"kernel") or "" mArray.openmptcprouter["vps_kernel"] = uci:get("openmptcprouter",s[".name"],"kernel") or ""
mArray.openmptcprouter["vps_machine"] = uci:get("openmptcprouter",s[".name"],"machine") or "" mArray.openmptcprouter["vps_machine"] = uci:get("openmptcprouter",s[".name"],"machine") or ""
@ -980,6 +981,7 @@ function interfaces_status()
else else
mArray.openmptcprouter["vps_admin"] = false mArray.openmptcprouter["vps_admin"] = false
mArray.openmptcprouter["vps_admin_error_msg"] = "No token yet available" mArray.openmptcprouter["vps_admin_error_msg"] = "No token yet available"
uci:set("openmptcprouter",s[".name"],"token_error","1")
end end
if mArray.openmptcprouter["vps_admin"] == false then if mArray.openmptcprouter["vps_admin"] == false then
if mArray.openmptcprouter["service_addr_ip"] ~= "" then if mArray.openmptcprouter["service_addr_ip"] ~= "" then

23
openmptcprouter/files/etc/init.d/openmptcprouter-vps
View file

@ -1,12 +1,12 @@
#!/bin/sh /etc/rc.common #!/bin/sh /etc/rc.common
# Copyright (C) 2018-2019 Ycarus (Yannick Chabanois) <ycarus@zugaina.org> # Copyright (C) 2018-2023 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
# Released under GPL 3. See LICENSE for the full terms. # Released under GPL 3. See LICENSE for the full terms.
START=99 START=99
USE_PROCD=1 USE_PROCD=1
EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key set_gre_tunnel token" EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key set_gre_tunnel token set_bypass_ips"
. /usr/lib/unbound/iptools.sh . /usr/lib/unbound/iptools.sh
@ -944,6 +944,22 @@ _set_lan_ip() {
fi fi
} }
_set_bypass_ips() {
local settings
[ -z "$servername" ] && servername=$1
bypassipv4s=$(ipset -q -o save list omr_dst_bypass_srv_vpn1 | awk '/add/ NF {print "\""$3"\""}' | tr '\n' ',' | sed 's/,$//')
bypassipv6s=$(ipset -q -o save list omr6_dst_bypass_srv_vpn1 | awk '/add/ NF {print "\""$3"\""}' | tr '\n' ',' | sed 's/,$//')
if [ "$bypassipv4s" != "" ] || [ "$bypassipv6s" != "" ]; then
settings='{"ipv4s" : ['$bypassipv4s'],"ipv6s" : ['$bypassipv6s'],"intf" : "vpn1"}'
result=$(_set_json "bypass" "$settings")
fi
}
set_bypass_ips() {
config_load openmptcprouter
config_foreach _set_bypass_ips server
}
_set_vpn_ip() { _set_vpn_ip() {
local settings local settings
[ -z "$vps_config" ] && vps_config=$(_get_json "config") [ -z "$vps_config" ] && vps_config=$(_get_json "config")
@ -997,7 +1013,7 @@ _set_client2client() {
c2cid=$((c2cid+1)) c2cid=$((c2cid+1))
targetip=$(echo $lanip | awk -F '/' '{print $1}' | tr -d "\n") targetip=$(echo $lanip | awk -F '/' '{print $1}' | tr -d "\n")
netmask=$(echo $lanip | awk -F '/' '{print $2}' | tr -d "\n") netmask=$(echo $lanip | awk -F '/' '{print $2}' | tr -d "\n")
target=$(ipcalc.sh $targetip $netmask | grep NETWORK | awk -F '=' '{print $2}' | tr -d "\n") target=$(ipcalc.sh $targetip/$netmask | grep NETWORK | awk -F '=' '{print $2}' | tr -d "\n")
uci -q batch <<-EOF >/dev/null uci -q batch <<-EOF >/dev/null
set network.omr_client2client_${c2cid}=route set network.omr_client2client_${c2cid}=route
set network.omr_client2client_${c2cid}.interface=omrvpn set network.omr_client2client_${c2cid}.interface=omrvpn
@ -2264,6 +2280,7 @@ _config_service() {
config_foreach _get_lan_ip interface config_foreach _get_lan_ip interface
_set_lan_ip _set_lan_ip
_set_sipalg _set_sipalg
_set_bypass_ips
config_foreach _delete_client2client route config_foreach _delete_client2client route
if [ "$(uci -q get openmptcprouter.settings.vpn)" != "openvpn" ] && [ "$(echo "$vps_config" | jsonfilter -q -e '@.client2client.enabled')" == "true" ]; then if [ "$(uci -q get openmptcprouter.settings.vpn)" != "openvpn" ] && [ "$(echo "$vps_config" | jsonfilter -q -e '@.client2client.enabled')" == "true" ]; then
_set_client2client _set_client2client