sync (#390)

luci-app-mptcp/luasrc/controller/mptcp.lua

@@ -1,19 +1,19 @@
 -- Copyright 2008 Steven Barth <steven@midlink.org>
 -- Copyright 2011 Jo-Philipp Wich <jow@openwrt.org>
--- Copyright 2018 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
+-- Copyright 2018-2023 Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
 -- Licensed to the public under the Apache License 2.0.
 
 module("luci.controller.mptcp", package.seeall)
 
-local uname = nixio.uname()
 
 function index()
+	local uname = nixio.uname()
 	entry({"admin", "network", "mptcp"}, alias("admin", "network", "mptcp", "settings"), _("MPTCP"))
 	entry({"admin", "network", "mptcp", "settings"}, cbi("mptcp"), _("Settings"),2).leaf = true
 	entry({"admin", "network", "mptcp", "bandwidth"}, template("mptcp/multipath"), _("Bandwidth"), 3).leaf = true
 	entry({"admin", "network", "mptcp", "multipath_bandwidth"}, call("multipath_bandwidth")).leaf = true
 	entry({"admin", "network", "mptcp", "interface_bandwidth"}, call("interface_bandwidth")).leaf = true
-	if uname.release:sub(1,1) == "5" then
+	if uname ~= nil and uname.release:sub(1,1) == "5" then
 		entry({"admin", "network", "mptcp", "mptcp_check"}, template("mptcp/mptcp_check"), _("MPTCP Support Check"), 4).leaf = true
 	end
 	entry({"admin", "network", "mptcp", "mptcp_check_trace"}, post("mptcp_check_trace")).leaf = true

luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua

@@ -915,7 +915,8 @@ function wizard_add()
 		ucic:set("xray","omrout","s_vless_reality_user_security","none")
 		ucic:set("xray","omrout","s_trojan_user_security","none")
 		ucic:set("xray","omrout","s_socks_user_security","none")
-		ucic:set("xray","omrout","s_shadowsocks_method","none")
+		--ucic:set("xray","omrout","s_shadowsocks_method","none")
+		ucic:set("xray","omrout","s_shadowsocks_method","2022-blake3-aes-256-gcm")
 	elseif encryption == "aes-256-gcm" then
 		ucic:set("openmptcprouter","settings","encryption","aes-256-gcm")
 		ucic:set("shadowsocks-libev","sss0","method","aes-256-gcm")
@@ -974,6 +975,7 @@ function wizard_add()
 		ucic:set("xray","omrout","s_trojan_user_security","chacha20-poly1305")
 		ucic:set("xray","omrout","s_socks_user_security","chacha20-poly1305")
 		ucic:set("xray","omrout","s_shadowsocks_method","2022-blake3-chacha20-poly1305")
+		--ucic:set("xray","omrout","s_shadowsocks_method","2022-blake3-aes-256-gcm")
 		--ucic:set("shadowsocks-rust","sss0","method","2022-blake3-chacha20-poly1305")
 		--ucic:set("shadowsocks-rust","sss1","method","2022-blake3-chacha20-poly1305")
 		ucic:set("shadowsocks-rust","sss0","method","2022-blake3-aes-256-gcm")

mptcp/files/usr/share/omr/post-tracking.d/010-services

@@ -33,10 +33,16 @@ if [ "$(pgrep -f dnsmasq)" = "" ] && [ -f /etc/init.d/dnsmasq ]; then
 	/etc/init.d/dnsmasq restart 2>&1 >/dev/null
 	sleep 5
 fi
-if [ "$(pgrep -f unbound)" = "" ] && [ -f /etc/init.d/unbound ] && [ "$(uci -q get unbound.@unbound[0].enabled)" = "1" ]; then
-	_log "Can't find unbound, restart it..."
-	/etc/init.d/unbound restart 2>&1 >/dev/null
-	sleep 5
+if [ -f /etc/init.d/unbound ] && [ "$(uci -q get unbound.@unbound[0].enabled)" = "1" ]; then
+	if [ "$(pgrep -f unbound)" = "" ]; then
+		_log "Can't find unbound, restart it..."
+		/etc/init.d/unbound restart 2>&1 >/dev/null
+		sleep 5
+	elif [ "$(uci -q get openmptcprouter.settings.external_check)" != "0" ] && [ "$(uci -q get unbound.ub_main.listen_port)" = "5353" ] && [ -n "$(dig +timeout=4 +tries=1 openmptcprouter.com -p 5353 | grep 'ANSWER: 0')" ]; then
+		_log "Can't resolve via unbound, restart it..."
+		/etc/init.d/unbound restart 2>&1 >/dev/null
+		sleep 5
+	fi
 fi
 
 if [ "$(pgrep openvpn)" = "" ] && [ -f /etc/init.d/openvpn ]; then

openmptcprouter-api/files/usr/libexec/rpcd/openmptcprouter

@@ -789,7 +789,10 @@ function interfaces_status()
 	-- dns
 	mArray.openmptcprouter["dns"] = false
 	local timeout = uci:get("openmptcprouter","settings","status_getip_timeout") or "1"
-	local dns_test = sys.exec("dig +timeout=" .. timeout .. " +tries=1 openmptcprouter.com | grep 'ANSWER: 0'")
+	local dns_test =  ""
+	if uci:get("openmptcprouter","settings","external_check") ~= "0" then
+		dns_test = sys.exec("dig +timeout=" .. timeout .. " +tries=1 openmptcprouter.com | grep 'ANSWER: 0'")
+	end
 	if dns_test == "" then
 		mArray.openmptcprouter["dns"] = true
 	end

openmptcprouter-full/Makefile

@@ -85,7 +85,7 @@ MY_DEPENDS := \
     (LINUX_5_15||LINUX_6_1):mptcpd (TARGET_x86||TARGET_x86_64):kmod-igc !TARGET_mvebu:kmod-mmc-spi kmod-macsec usbutils v2ray-core syslogd \
     (TARGET_x86||TARGET_x86_64):kmod-mlx4-core \
     !(TARGET_ips40xx||TARGET_ramips):iptables-mod-ndpi !(TARGET_ips40xx||TARGET_ramips):kmod-ipt-ndpi libip4tc libip6tc \
-    xray-core shadowsocks-rust-sslocal shadowsocks-rust-ssservice shadowsocks-rust-config luci-app-shadowsocks-rust (LINUX_5_4&&(TARGET_x86_64||aarch64)):kmod-tcp-bbr2
+    xray-core shadowsocks-rust-sslocal shadowsocks-rust-ssservice shadowsocks-rust-config luci-app-shadowsocks-rust (LINUX_5_4&&(TARGET_x86_64||aarch64)):kmod-tcp-bbr2 kmod-ovpn-dco-v2
 #    !TARGET_mvebu:kmod-usb-net-smsc75xx
 #    libnetfilter-conntrack ebtables ebtables-utils ip-full nstat \
 

openmptcprouter/files/bin/omr-test-speed

@@ -13,9 +13,10 @@ if [ "$1" = "fasttest" ]; then
 fi
 for i in $@; do :; done
 INTERFACE="$i"
+[ "$INTERFACE" = "forcevps" ] || [ "$INTERFACE" = "fasttest" ] && INTERFACE=""
 
 [ -n "$INTERFACE" ] && [ ! -d "/sys/class/net/$INTERFACE" ] && {
-	echo "You must use a real interface. You wan find them using 'ip a' for example"
+	echo "You must use a real interface. You wan find them using 'ip a' for example (not $INTERFACE)"
 	exit 0
 }
 
@@ -41,7 +42,12 @@ done
 [ "$FASTTEST" = true ] || echo "Best server is $HOST, running test:"
 trap : HUP INT TERM
 if [ -z "$INTERFACE" ]; then
-	curl -4 -o /dev/null $HOST || echo
+	if [ "$FASTTEST" = true ]; then 
+		avg_speed=$(curl -4 --max-time 10 -o /dev/null -qfsS -w '%{speed_download}' $HOST 2>/dev/null)
+		echo "$avg_speed"
+	else
+		curl -4 -o /dev/null $HOST || echo
+	fi
 else
 	[ -n "$(tc qdisc show dev $INTERFACE | grep ingress)" ] && /etc/init.d/sqm stop $INTERFACE
 	domain=$(echo $HOST | awk -F/ '{print $3}')

openmptcprouter/files/bin/omr-test-speedv6

@@ -1,5 +1,4 @@
 #!/bin/sh
-#!/bin/sh
 # (c) Yannick Chabanois (ycarus@zugaina.org) for OpenMPTCProuter
 #
 #
@@ -14,6 +13,7 @@ if [ "$1" = "fasttest" ]; then
 fi
 for i in $@; do :; done
 INTERFACE="$i"
+[ "$INTERFACE" = "forcevps" ] || [ "$INTERFACE" = "fasttest" ] && INTERFACE=""
 
 [ -n "$INTERFACE" ] && [ ! -d "/sys/class/net/$INTERFACE" ] && {
 	echo "You must use a real interface. You wan find them using 'ip a' for example"

openmptcprouter/files/etc/init.d/openmptcprouter-vps

@@ -353,6 +353,7 @@ _set_xray_server_vps() {
 	enabled=$(uci -q get xray.main.enabled)
 	userid=$(uci -q get xray.omrout.s_vless_user_id)
 	protocol=$(uci -q get xray.omrout.protocol)
+	ss_method=$(uci -q get xray.omrout.s_shadowsocks_method)
 	if [ "$protocol" = "vless-reality" ] && [ "$enabled" = "1" ]; then
 		vless_reality='true'
 	else
@@ -363,10 +364,11 @@ _set_xray_server_vps() {
 	[ -z "$vps_config" ] && return
 	current_userid="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.key')"
 	current_vlessreality="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.vless_reality')"
+	current_method="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.ss_method')"
 
-	if [ "$current_userid" != "$userid" ] || [ "$current_vlessreality" != "$vless_reality" ]; then
+	if [ "$current_userid" != "$userid" ] || [ "$current_vlessreality" != "$vless_reality" ] || [ "$current_method" != "$ss_method" ]; then
 		local settings
-		settings='{"userid": "'$userid'","vless_reality": '$vless_reality'}'
+		settings='{"userid": "'$userid'","vless_reality": '$vless_reality',"ss_method": "'$ss_method'"}'
 		echo $(_set_json "xray" "$settings")
 	fi
 }

openmptcprouter/files/etc/uci-defaults/2020-omr-vpn

@@ -45,9 +45,18 @@ if [ "$(uci -q get openvpn.omr.proto)" != "tcp-client" ]; then
 		set openvpn.omr.sndbuf=0
 		set openvpn.omr.rcvbuf=0
 		set openvpn.omr.route_delay=5
+		set openvpn.omr.disable_dco=1
 		commit openvpn
 	EOF
 fi
+if [ -z "$(uci -q get openvpn.omr.disable_dco)" ]; then
+	uci -q batch <<-EOF >/dev/null
+		set openvpn.omr.disable_dco=1
+		commit openvpn
+	EOF
+
+fi
+
 
 uci -q delete openvpn.omr.secret
 uci -q delete openvpn.omr.ncp_disable=0

openvpn/files/openvpn.options

@@ -149,6 +149,7 @@ client
 client_to_client
 comp_noadapt
 disable
+disable_dco
 disable_occ
 down_pre
 duplicate_cn

ovpn-dco/Makefile

@@ -0,0 +1,63 @@
+#
+# Copyright (C) 2021 Jianhui Zhao <zhaojh329@gmail.com>
+# Copyright (C) 2023 Yannick Chabanois (Ycarus) <contact@openmptcprouter.com> for OpenMPTCProuter
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=ovpn-dco
+PKG_VERSION:=0.2.20231127
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/OpenVPN/ovpn-dco.git
+PKG_SOURCE_VERSION:=c24380cdb8f5eef5a04059bbe82ad4ba4d3616c3
+
+PKG_MAINTAINER:=Yannick Chabanois <contact@openmptcprouter.com>
+PKG_LICENSE:=GPL-2.0-only
+
+
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/ovpn-dco-v2
+  SUBMENU:=Network Support
+  TITLE:=OpenVPN data channel offload
+  DEPENDS:=+kmod-crypto-aead +kmod-udptunnel4 +IPV6:kmod-udptunnel6
+  FILES:=$(PKG_BUILD_DIR)/drivers/net/ovpn-dco/ovpn-dco-v2.ko
+  AUTOLOAD:=$(call AutoLoad,30,ovpn-dco-v2)
+endef
+
+define KernelPackage/ovpn-dco-v2/description
+  This module enhances the performance of the OpenVPN userspace software
+  by offloading the data channel processing to kernelspace.
+endef
+
+NOSTDINC_FLAGS += \
+	$(KERNEL_NOSTDINC_FLAGS) \
+	-I$(PKG_BUILD_DIR)/include \
+	-include $(PKG_BUILD_DIR)/linux-compat.h \
+	-I$(PKG_BUILD_DIR)/compat-include/
+
+EXTRA_KCONFIG:= \
+	CONFIG_OVPN_DCO_V2=m
+
+PKG_EXTMOD_SUBDIRS = drivers/net/ovpn-dco
+
+MAKE_OPTS:= \
+	$(KERNEL_MAKE_FLAGS) \
+	M="$(PKG_BUILD_DIR)/drivers/net/ovpn-dco" \
+	NOSTDINC_FLAGS="$(NOSTDINC_FLAGS)" \
+	$(EXTRA_KCONFIG)
+
+define Build/Compile
+	$(MAKE) -C "$(LINUX_DIR)" \
+		$(MAKE_OPTS) \
+		modules
+endef
+
+$(eval $(call KernelPackage,ovpn-dco-v2))

shadowsocks-libev/files/shadowsocks.conf

@@ -52,6 +52,9 @@ net.ipv4.tcp_mtu_probing = 0
 # Default conntrack is too small
 net.netfilter.nf_conntrack_max = 131072
 
+net.ipv4.conf.all.ignore_routes_with_linkdown = 1
+net.ipv4.conf.default.ignore_routes_with_linkdown = 1
+
 net.ipv4.tcp_ecn = 2
 #net.ipv4.tcp_sack = 0
 #net.ipv4.tcp_dsack = 0

sqm-autorate/files/usr/share/sqm-autorate/config.sh

@@ -10,7 +10,7 @@
 # Modified by Ycarus (Yannick Chabanois) for OpenMPTCProuter:
 #  * Get configuration via uci
 
-INTERFACE=$1
+INTERFACE="$1"
 
 # *** OUTPUT OPTIONS ***
 
@@ -26,10 +26,10 @@ debug=1
 
 #dl_if=ifb4eth1 # download interface
 #dl_if=$(uci -q get sqm.${INTERFACE}.download_interface)
-dl_if=ifb4$(uci -q get sqm.${INTERFACE}.interface)
+dl_if="ifb4$(uci -q get sqm.${INTERFACE}.interface)"
 #ul_if=eth1        # upload interface
 #ul_if=$(uci -q get sqm.${INTERFACE}.upload_interface)
-ul_if=$(uci -q get sqm.${INTERFACE}.interface)
+ul_if="$(uci -q get sqm.${INTERFACE}.interface)"
 
 #reflector_ping_interval_s=0.2 # (seconds, e.g. 0.2s or 2s)
 reflector_ping_interval_s=$(uci -q get sqm.${INTERFACE}.reflector_ping_interval_s || echo "0.2")