mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-02-12 10:31:51 +00:00

New interface for Glorytun UDP VPN

Ycarus (Yannick Chabanois) 2020-12-03 11:23:57 +01:00
parent 9ceaa526a5
commit e4103cea03
8 changed files with 239 additions and 14 deletions


@ -1,7 +1,7 @@
#!/bin/sh /etc/rc.common #!/bin/sh /etc/rc.common
# vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : # vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 :
# Copyright (C) 2015 ovh.com # Copyright (C) 2015 ovh.com
# Copyright (C) 2017 Ycarus (Yannick Chabanois) <ycarus@zugaina.org> # Copyright (C) 2017-2020 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
START=90 START=90
STOP=10 STOP=10
@ -19,22 +19,20 @@ _err() {
} }
validate_section() { validate_section() {
uci_validate_section glorytun glorytun "${1}" \ uci_validate_section glorytun-udp glorytun-udp "${1}" \
'enable:bool:0' \ 'enable:bool:0' \
'mode:string' \
'key:string' \ 'key:string' \
'host:host' \ 'host:host' \
'port:port' \ 'port:port' \
'proto:string' \ 'proto:string' \
'bind:string:0.0.0.0' \
'bindport:port' \
'mtu:uinteger:1450' \
'mtuauto:bool:0' \ 'mtuauto:bool:0' \
'chacha20:bool:0' \ 'chacha:bool:0' \
'dev:string' 'dev:string'
} }
start_instance() { start_instance() {
local enable key host port listener proto bind bindport mtu mtuauto chacha20 dev local enable key host port listener proto mtuauto chacha dev mode
validate_section "${1}" || { validate_section "${1}" || {
_err "validation failed" _err "validation failed"
@ -42,12 +40,12 @@ start_instance() {
} }
[ "${enable}" = "1" ] || return 1 [ "${enable}" = "1" ] || return 1
[ "${proto}" = "udp" ] || return 1
[ -n "${key}" ] || return 1 [ -n "${key}" ] || return 1
[ "${key}" != "secretkey" ] || return 1 [ "${key}" != "secretkey" ] || return 1
[ -n "${port}" ] || return 1 [ -n "${port}" ] || return 1
[ -n "${dev}" ] || return 1 [ -n "${dev}" ] || return 1
[ -n "${mode}" ] || return 1
echo "${key}" > /tmp/${PROG_NAME}-${1}.key echo "${key}" > /tmp/${PROG_NAME}-${1}.key
key="" key=""
@ -62,15 +60,13 @@ start_instance() {
procd_open_instance procd_open_instance
procd_set_param command ${PROG} \ procd_set_param command ${PROG} \
${bind:+bind from "$bind"} \ ${host:+bind ${mode} addr "$host"} \
${bindport:+port "$bindport"} \
${host:+to addr "$host"} \
${port:+port "$port"} \ ${port:+port "$port"} \
${dev:+dev "$dev"} \ ${dev:+dev "$dev"} \
keyfile /tmp/${PROG_NAME}-${1}.key \ keyfile /tmp/${PROG_NAME}-${1}.key \
persist persist
[ "${chacha20}" = "1" ] && procd_append_param command chacha [ "${chacha}" = "1" ] && procd_append_param command chacha
procd_set_param respawn 0 30 0 procd_set_param respawn 0 30 0
procd_set_param file /tmp/${PROG_NAME}-${1}.key procd_set_param file /tmp/${PROG_NAME}-${1}.key
@ -104,8 +100,8 @@ add_glorytun_path() {
start_service() { start_service() {
local dev local dev
config_load glorytun config_load glorytun-udp
config_foreach start_instance glorytun config_foreach start_instance glorytun-udp
} }
reload_service() { reload_service() {
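Review bot: As far as the rendered hunks show, `mode` is validated only as `'mode:string'` and then expanded unquoted inside `${host:+bind ${mode} addr "$host"}`, so any value stored in UCI other than the two the form offers (`to`, `from`) is word-split straight into the glorytun command line. Next to the new `[ -n "${mode}" ] || return 1` check I would add `[ "${mode}" = "to" ] || [ "${mode}" = "from" ] || return 1`. Separately, the unchanged `echo "${key}" > /tmp/${PROG_NAME}-${1}.key` creates the key file with whatever umask the init script inherits; a `umask 077` before that line would keep the pre-shared key from being readable by other local users. start_instance's body continues outside the hunks shown.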


@ -0,0 +1,16 @@
#
# Copyright (C) 2018-2020 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
#
#
include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI Interface to Glorytun UDP
LUCI_DEPENDS:=+glorytun-udp
PKG_LICENSE:=GPLv3
#include ../luci/luci.mk
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature


@ -0,0 +1,104 @@
'use strict';
'require rpc';
'require poll';
'require form';
'require fs';
'require uci';
'require tools.widgets as widgets';
var callHostHints;
var callServiceList = rpc.declare({
object: 'service',
method: 'list',
params: [ 'name' ],
expect: { '': {} }
});
return L.view.extend({
callHostHints: rpc.declare({
object: 'luci-rpc',
method: 'getHostHints',
expect: { '': {} }
}),
load: function() {
return this.callHostHints();
},
render: function(hosts) {
var m, s, o;
m = new form.Map('glorytun-udp', _('Glorytun UDP'));
s = m.section(form.GridSection, 'glorytun-udp', _('Instances'));
s.addremove = true;
s.anonymous = true;
s.nodescriptions = true;
s.tab('general', _('General Settings'));
s.tab('advanced', _('Advanced Settings'));
o = s.taboption('general', form.Flag, 'enable', _('Enabled'));
o.default = o.enabled;
o = s.taboption('general', form.ListValue, 'mode', _('Mode'));
o.value('to',_('Client'));
o.value('from',_('Server'));
o.modalonly = true;
o = s.taboption('general', form.Value, 'host', _('Host'));
o.rmempty = false;
o = s.taboption('general', form.Value, 'port', _('Port'));
o.rmempty = false;
o = s.taboption('general', form.Value, 'key', _('Key'));
o.rmempty = false;
o.modalonly = true;
o = s.taboption('general', form.Value, 'dev', _('Interface name'));
o.rmempty = false;
o.modalonly = true;
o = s.taboption('general', form.Value, 'localip', _('Local IP'));
o.datatype = 'or(ip4addr,ip6addr)';
o.rmempty = false;
o = s.taboption('general', form.Value, 'remoteip', _('Remote IP'));
o.datatype = 'or(ip4addr,ip6addr)';
o.rmempty = false;
o = s.taboption('advanced', form.Flag, 'persist', _('Persist'), _('Keep the tunnel device after exiting'));
o.default = o.enabled;
o.modalonly = true;
o = s.taboption('advanced', form.Flag, 'chacha', _('chacha'), _('Force fallback cipher'));
o.default = o.enabled;
o.modalonly = true;
o = s.taboption('advanced', form.Value, 'kxtimeout', _('Key rotation timeout'));
o.default = '7d';
o.rmempty = false;
o.modalonly = true;
o = s.taboption('advanced', form.Value, 'timetolerance', _('Clock sync tolerance'));
o.default = '10m';
o.rmempty = false;
o.modalonly = true;
o = s.taboption('advanced', form.Value, 'keepalive', _('Keep alive timeout'));
o.default = '25s';
o.rmempty = false;
o.modalonly = true;
o = s.taboption('advanced', form.Flag, 'auto', _('Dynamic rate detection'));
o.rmempty = false;
o.modalonly = true;
o = s.taboption('general',form.Value, 'label', _('Label'));
o.rmempty = true;
return m.render();
}
});
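Review bot: The `key` option is a plain `form.Value`, so the tunnel's pre-shared key is rendered in clear text whenever the modal is open; `o.password = true;` after the `key` taboption would mask it. `host` and `port` also carry no `datatype`, although the init script validates them as `host` and `port`; adding `o.datatype = 'host';` and `o.datatype = 'port';` reports a bad value in the form instead of as a start failure that only shows in the log. `callServiceList` and the top-level `var callHostHints` are declared but never used, and `render(hosts)` ignores the result that `load()` fetches.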


@ -0,0 +1,10 @@
config glorytun-udp 'vpn'
option enable '0'
option host '127.0.0.1'
option port '65001'
option dev 'tun0'
option key ''
option chacha '1'
option localip '10.255.254.2'
option remoteip '10.255.254.1'
option mode 'to'


@ -0,0 +1,28 @@
#!/bin/sh
#
# Load the glorytun config
#
# Author: Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
# Released under GPL 3 or later
[ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
. /lib/functions.sh
. /lib/functions/network.sh
set_default() {
local localip
local remoteip
local config="$1"
local iface
config_get enable "$config" enable
config_get iface "$config" dev
[ "$iface" = "$DEVICE" ] && [ "$enable" = "1" ] && {
config_get localip "$config" localip
config_get remoteip "$config" remoteip
[ "$remoteip" != "" ] && [ "$localip" != "" ] && ifconfig $DEVICE $localip pointopoint $remoteip up
}
}
config_load glorytun-udp
config_foreach set_default glorytun-udp
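Review bot: `ifconfig $DEVICE $localip pointopoint $remoteip up` expands three values unquoted, and `localip`/`remoteip` are constrained only by the form's `datatype` in the browser, not by anything in this script, so a value written directly to UCI is word-split into extra ifconfig arguments. Quoting them, `ifconfig "$DEVICE" "$localip" pointopoint "$remoteip" up`, closes that. `enable` is read with `config_get` but is missing from the `local` declarations in `set_default`, so it leaks into the global scope of the hotplug run; add `local enable`.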


@ -0,0 +1,47 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
delete glorytun-udp[-1]
add ucitrack glorytun-udp
set ucitrack.@glorytun-udp[-1].init=glorytun-udp
commit ucitrack
EOF
if [ "$(uci -q get network.glorytun-udp)" = "" ] && [ "$(uci -q get network.omrvpn)" = "" ]; then
uci -q batch <<-EOF >/dev/null
delete network.glorytun-udp
set network.glorytun-udp=interface
set network.glorytun-udp.ifname=tun0
set network.glorytun-udp.proto=dhcp
set network.glorytun-udp.ip4table=vpn
set network.glorytun-udp.multipath=off
set network.glorytun-udp.leasetime=12h
commit network
EOF
fi
if [ "$(uci -q show firewall | grep glorytun-udp)" = "" ] && [ "$(uci -q get network.omrvpn)" = "" ]; then
uci -q batch <<-EOF >/dev/null
set firewall.zone_vpn=zone
set firewall.zone_vpn.name=vpn
set firewall.zone_vpn.network=glorytun-udp
set firewall.zone_vpn.masq=1
set firewall.zone_vpn.input=REJECT
set firewall.zone_vpn.forward=ACCEPT
set firewall.zone_vpn.output=ACCEPT
commit firewall
EOF
fi
if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
uci -q batch <<-EOF >/dev/null
add firewall rule
set firewall.@rule[-1].enabled='1'
set firewall.@rule[-1].target='ACCEPT'
set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
set firewall.@rule[-1].dest='vpn'
set firewall.@rule[-1].src='lan'
commit firewall
EOF
fi
rm -f /tmp/luci-indexcache
exit 0
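Review bot: The firewall block runs `set firewall.zone_vpn.network=glorytun-udp` (plus `masq`, `input`, `forward`, `output`) whenever no firewall line mentions glorytun-udp, so a `zone_vpn` section that already exists, for example one created by another VPN package, would have its network membership and policies replaced rather than extended. `add_list firewall.zone_vpn.network=glorytun-udp` keeps existing members, and the policy lines are better set only when the zone is first created. In the first batch, `delete glorytun-udp[-1]` does not name the ucitrack config that the next lines write to; it was probably meant to be `delete ucitrack.@glorytun-udp[-1]`, and the failure is hidden by `-q` and `>/dev/null`.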


@ -0,0 +1,13 @@
{
"admin/vpn/glorytun-udp": {
"title": "Glorytun UDP",
"order": 60,
"action": {
"type": "view",
"path": "services/glorytun-udp"
},
"depends": {
"acl": [ "luci-app-glorytun-udp" ]
}
}
}


@ -0,0 +1,11 @@
{
"luci-app-glorytun-udp": {
"description": "Grant access to glorytun UDP",
"read": {
"uci": [ "glorytun-udp" ]
},
"write": {
"uci": [ "glorytun-udp" ]
}
}
}
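Review bot: This ACL grants only UCI read/write on `glorytun-udp`, while the view added in this commit calls the `luci-rpc` `getHostHints` ubus method in `load()`; for a login that holds only this ACL that call would presumably be denied. Since `render()` never uses the host hints, the narrower fix is to drop the call from the view rather than widen the grant here. If the hints are wanted later, add `"ubus": { "luci-rpc": [ "getHostHints" ] }` under `read`.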