diff --git a/fullconenat/Makefile b/fullconenat/Makefile index d49155c7e..0fd188e3d 100755 --- a/fullconenat/Makefile +++ b/fullconenat/Makefile @@ -28,7 +28,7 @@ define Package/iptables-mod-fullconenat SECTION:=net CATEGORY:=Network TITLE:=FULLCONENAT iptables extension - DEPENDS:=+iptables +kmod-ipt-fullconenat + DEPENDS:=+iptables +kmod-ipt-fullconenat @LINUX_5_4 endef define Package/iptables-mod-fullconenat/install @@ -39,7 +39,7 @@ endef define KernelPackage/ipt-fullconenat SUBMENU:=Netfilter Extensions TITLE:=FULLCONENAT netfilter module - DEPENDS:=+kmod-nf-ipt +kmod-nf-nat + DEPENDS:=+kmod-nf-ipt +kmod-nf-nat @LINUX_5_4 KCONFIG:= \ CONFIG_NF_CONNTRACK_EVENTS=y \ CONFIG_NF_CONNTRACK_CHAIN_EVENTS=y diff --git a/iproute2/Makefile b/iproute2/Makefile index 7f4556e7d..2f9d2f2bc 100755 --- a/iproute2/Makefile +++ b/iproute2/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=iproute2 -PKG_VERSION:=6.5.0 +PKG_VERSION:=6.7.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/linux/utils/net/iproute2 -PKG_HASH:=a70179085fa1b96d3c33b040c809b75e2b57563adc505a4ad05e2609df373463 +PKG_HASH:=ff942dd9828d7d1f867f61fe72ce433078c31e5d8e4a78e20f02cb5892e8841d PKG_BUILD_PARALLEL:=1 PKG_BUILD_DEPENDS:=iptables PKG_LICENSE:=GPL-2.0 diff --git a/iproute2/patches/100-configure.patch b/iproute2/patches/100-configure.patch deleted file mode 100755 index 0c19b2086..000000000 --- a/iproute2/patches/100-configure.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/configure -+++ b/configure -@@ -34,7 +34,8 @@ int main(int argc, char **argv) { - } - EOF - -- if $CC -I$INCLUDE -o $TMPDIR/atmtest $TMPDIR/atmtest.c -latm >/dev/null 2>&1; then -+# OpenWrt: disable ATM support even if present on host system -+ if [ 1 -eq 0 ]; then - echo "TC_CONFIG_ATM:=y" >>$CONFIG - echo yes - else diff --git a/iproute2/patches/200-drop_libbsd_dependency.patch b/iproute2/patches/200-drop_libbsd_dependency.patch deleted file mode 100755 index 12a1ccfa3..000000000 --- a/iproute2/patches/200-drop_libbsd_dependency.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- a/configure -+++ b/configure -@@ -431,14 +431,8 @@ EOF - if $CC -I$INCLUDE -o $TMPDIR/strtest $TMPDIR/strtest.c >/dev/null 2>&1; then - echo "no" - else -- if ${PKG_CONFIG} libbsd --exists; then -- echo 'CFLAGS += -DHAVE_LIBBSD' `${PKG_CONFIG} libbsd --cflags` >>$CONFIG -- echo 'LDLIBS +=' `${PKG_CONFIG} libbsd --libs` >> $CONFIG -- echo "no" -- else -- echo 'CFLAGS += -DNEED_STRLCPY' >>$CONFIG -- echo "yes" -- fi -+ echo 'CFLAGS += -DNEED_STRLCPY' >>$CONFIG -+ echo "yes" - fi - rm -f $TMPDIR/strtest.c $TMPDIR/strtest - } diff --git a/luci-app-omr-tracker/htdocs/luci-static/resources/view/omr-tracker/network/interface.js b/luci-app-omr-tracker/htdocs/luci-static/resources/view/omr-tracker/network/interface.js index 2c11934e6..501a60a4e 100644 --- a/luci-app-omr-tracker/htdocs/luci-static/resources/view/omr-tracker/network/interface.js +++ b/luci-app-omr-tracker/htdocs/luci-static/resources/view/omr-tracker/network/interface.js @@ -104,11 +104,12 @@ return view.extend({ o.rmempty = false; o.modalonly = true; */ - + /* o = s.option(form.Value, 'reliability', _('Tracking reliability'), _('Acceptable values: 1-100. This many Tracking IP addresses must respond for the link to be deemed up')); o.datatype = 'range(1, 100)'; o.default = '1'; + */ o = s.option(form.ListValue, 'count', _('Ping count')); o.default = '1'; diff --git a/omr-schedule/files/bin/omr-schedule b/omr-schedule/files/bin/omr-schedule index c18a70434..753b53e69 100755 --- a/omr-schedule/files/bin/omr-schedule +++ b/omr-schedule/files/bin/omr-schedule @@ -2,7 +2,7 @@ . /lib/functions.sh . /lib/functions/network.sh -[ -n "$(pgrep -f 'omr-schedule')" ] && exit 0 +#[ -n "$(pgrep -f 'omr-schedule')" ] && exit 0 for schedule_bin in /usr/share/omr/schedule.d/*; do [ -x "$schedule_bin" ] && ( diff --git a/omr-schedule/files/usr/share/omr/schedule.d/010-services b/omr-schedule/files/usr/share/omr/schedule.d/010-services index d1cb77c22..b1976ba2a 100755 --- a/omr-schedule/files/usr/share/omr/schedule.d/010-services +++ b/omr-schedule/files/usr/share/omr/schedule.d/010-services @@ -101,10 +101,10 @@ if [ -z "$(pgrep ModemManager)" ] && [ -f /etc/init.d/modemmanager ] && [ -n "$( _log "Can't find ModemManager, restart it..." /etc/init.d/modemmanager restart 2>&1 >/dev/null sleep 5 -elif [ -n "$(pgrep ModemManager)" ] && [ -f /etc/init.d/modemmanager ] && [ -z "$(uci -q show network | grep modemmanager)" ]; then - _log "ModemManager not used, stop it..." - /etc/init.d/modemmanager stop 2>&1 >/dev/null - sleep 5 +#elif [ -n "$(pgrep ModemManager)" ] && [ -f /etc/init.d/modemmanager ] && [ -z "$(uci -q show network | grep modemmanager)" ]; then +# _log "ModemManager not used, stop it..." +# /etc/init.d/modemmanager stop 2>&1 >/dev/null +# sleep 5 fi if [ "$(uci -q get v2ray.main.enabled)" = "1" ] && [ -f /etc/init.d/v2ray ] && [ "$(pgrep -f omr-tracker-v2ray)" = "" ] && [ "$(pgrep -f '/etc/init.d/omr-tracker')" = "" ]; then diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index c3c15a92f..8cf858c61 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -611,7 +611,7 @@ while true; do _restart if [ "$OMR_TRACKER_STATUS" = "ERROR" ]; then - sleep "${$OMR_TRACKER_FAILURE_INTERVAL:-5}" + sleep "${OMR_TRACKER_FAILURE_INTERVAL:-5}" else sleep "${OMR_TRACKER_INTERVAL:-2}" fi diff --git a/omr-tracker/files/etc/init.d/omr-tracker b/omr-tracker/files/etc/init.d/omr-tracker index 51101d8c2..202b5881b 100755 --- a/omr-tracker/files/etc/init.d/omr-tracker +++ b/omr-tracker/files/etc/init.d/omr-tracker @@ -16,7 +16,7 @@ . /lib/functions/network.sh _validate_section() { - local tmp_hosts=$hosts tmp_hosts6=$hosts6 tmp_timeout=$timeout tmp_count=$count tmp_tries=$tries tmp_size=$size tmp_max_ttl=$max_ttl tmp_failure_loss=$failure_loss tmp_failure_latency=$failure_latency tmp_recovery_loss=$recovery_loss tmp_recovery_latency=$recovery_latency + local tmp_hosts=$hosts tmp_hosts6=$hosts6 tmp_timeout=$timeout tmp_count=$count tmp_tries=$tries tmp_size=$size tmp_max_ttl=$max_ttl tmp_failure_loss=$failure_loss tmp_failure_latency=$failure_latency tmp_recovery_loss=$recovery_loss tmp_recovery_latency=$recovery_latency tmp_reliability=$reliability local tmp_interval=$interval tmp_interval_tries=$interval_tries tmp_options=$options tmp_type=$type tmp_enabled=$enabled tmp_wait_test=$wait_test tmp_server_http_test=$server_http_test tmp_check_quality=$check_quality tmp_failure_interval=$failure_interval tmp_tries_up=$tries_up tmp_family=$family uci_validate_section omr-tracker "$1" "$2" \ @@ -31,6 +31,7 @@ _validate_section() { 'recovery_latency:uinteger' \ 'check_quality:bool:0' \ 'count:uinteger' \ + 'reliability:uinteger' \ 'tries:uinteger' \ 'tries_up:uinteger' \ 'interval:uinteger' \ @@ -47,6 +48,7 @@ _validate_section() { [ -z "$hosts6" ] && hosts6=$tmp_hosts6 [ -z "$timeout" ] && timeout=$tmp_timeout [ -z "$count" ] && count=$tmp_count + [ -z "$reliability" ] && reliability=$tmp_reliability [ -z "$size" ] && size=$tmp_size [ -z "$failure_loss" ] && failure_loss=$tmp_failure_loss [ -z "$failure_latency" ] && failure_latency=$tmp_failure_latency @@ -72,7 +74,7 @@ _launch_tracker() { loopback|lan*|if0*) return;; esac [ -z "$1" ] && return - local hosts hosts6 timeout count tries tries_up interval interval_tries options type enabled wait_test ipv6 proto server_http_test size max_ttl failure_loss failure_interval failure_latency recovery_loss recovery_latency family + local hosts hosts6 timeout count tries tries_up interval interval_tries options type enabled wait_test ipv6 proto server_http_test size max_ttl failure_loss failure_interval failure_latency recovery_loss recovery_latency family reliability _validate_section "defaults" "defaults" _validate_section "interface" "$1" @@ -105,6 +107,7 @@ _launch_tracker() { [ -z "${size}" ] && size=56 [ -z "${check_quality}" ] && check_quality=0 [ -z "${tries}" ] && tries=5 + [ -z "${reliability}" ] && reliability=1 [ -z "${tries_up}" ] && tries_up=${tries} [ -z "${failure_interval}" ] && failure_interval=5 @@ -122,6 +125,7 @@ _launch_tracker() { procd_append_param env "OMR_TRACKER_RECOVERY_LOSS=$recovery_loss" procd_append_param env "OMR_TRACKER_RECOVERY_LATENCY=$recovery_latency" procd_append_param env "OMR_TRACKER_COUNT=$count" + procd_append_param env "OMR_TRACKER_RELIABILITY=$reliability" procd_append_param env "OMR_TRACKER_TRIES=$tries" procd_append_param env "OMR_TRACKER_TRIES_UP=$tries_up" procd_append_param env "OMR_TRACKER_INTERVAL=$interval" diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 70fb2ae0a..21baab06c 100755 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -90,7 +90,7 @@ MY_DEPENDS := \ luci-proto-external omr-schedule # keepalived disabled by default because it's running even with no configuration, would need a default OMR config with some changes - (TARGET_x86||TARGET_x86_64):keepalived (TARGET_x86||TARGET_x86_64):keepalived-sync +# (TARGET_x86||TARGET_x86_64):keepalived (TARGET_x86||TARGET_x86_64):keepalived-sync # !TARGET_mvebu:kmod-usb-net-smsc75xx diff --git a/shadowsocks-libev/files/firewall.ss-rules b/shadowsocks-libev/files/firewall.ss-rules index 3134150d8..5c8336a83 100755 --- a/shadowsocks-libev/files/firewall.ss-rules +++ b/shadowsocks-libev/files/firewall.ss-rules @@ -1,2 +1,2 @@ #!/bin/sh -/etc/init.d/shadowsocks-libev rules_up +[ "$(uci -q get shadowsocks-libev.sss0.disabled)" != "1" ] && /etc/init.d/shadowsocks-libev rules_up diff --git a/shadowsocks-libev/files/shadowsocks-libev.init-nft b/shadowsocks-libev/files/shadowsocks-libev.init-nft index 340a479d0..89cc846b2 100755 --- a/shadowsocks-libev/files/shadowsocks-libev.init-nft +++ b/shadowsocks-libev/files/shadowsocks-libev.init-nft @@ -15,7 +15,7 @@ ss_confdir=/var/etc/shadowsocks-libev ss_bindir=/usr/bin ssrules_uc="/usr/share/ss-rules/ss-rules.uc" -ssrules_nft="/etc/nftables.d/90-ss-rules.nft" +ssrules_nft="/etc/nftables.d/90-proxy-ss-rules.nft" ss_mkjson_server_conf() { local cfgserver @@ -219,8 +219,9 @@ ss_rules_nft_gen() { } ss_rules_nft_reset() { - if [ -f "$ssrules_nft" ]; then + if [ -f "$ssrules_nft" ] || [ -f "${ssrules_nft}.down" ]; then rm -f "$ssrules_nft" + rm -f "${ssrules_nft}.down" fw4 -q restart fi } @@ -255,7 +256,10 @@ rules_exist() { start_service() { local cfgtype - + [ -n "$(uci -q get firewall.ss_rules)" ] && { + uci -q del firewall.ss_rules + uci -q commit firewall + } mkdir -p "$ss_confdir" config_load shadowsocks-libev for cfgtype in ss_local ss_redir ss_server ss_tunnel; do diff --git a/shadowsocks-rust/files/firewall.ssr-rules b/shadowsocks-rust/files/firewall.ssr-rules index 87e4769b6..c5e7aa863 100644 --- a/shadowsocks-rust/files/firewall.ssr-rules +++ b/shadowsocks-rust/files/firewall.ssr-rules @@ -1,2 +1,2 @@ #!/bin/sh -/etc/init.d/shadowsocks-rust rules_up +[ "$(uci -q get shadowsocks-rust.sss0.disabled)" != "1" ] && /etc/init.d/shadowsocks-rust rules_up diff --git a/shadowsocks-rust/files/shadowsocks-rust.init-nft b/shadowsocks-rust/files/shadowsocks-rust.init-nft index d1d153deb..eaa60035a 100755 --- a/shadowsocks-rust/files/shadowsocks-rust.init-nft +++ b/shadowsocks-rust/files/shadowsocks-rust.init-nft @@ -15,7 +15,7 @@ ss_confdir=/var/etc/shadowsocks-rust ss_bindir=/usr/bin ssrules_uc="/usr/share/ssr-rules/ss-rules.uc" -ssrules_nft="/etc/nftables.d/90-proxy-rules.nft" +ssrules_nft="/etc/nftables.d/90-proxy-ssr-rules.nft" ss_mkjson_server_conf() { local cfgserver @@ -172,8 +172,9 @@ ss_rules_nft_gen() { } ss_rules_nft_reset() { - if [ -f "$ssrules_nft" ]; then + if [ -f "$ssrules_nft" ] || [ -f "${ssrules_nft}.down" ]; then rm -f "$ssrules_nft" + rm -f "${ssrules_nft}.down" fw4 -q restart fi } @@ -210,7 +211,10 @@ rules_exist() { start_service() { local cfgtype - + [ -n "$(uci -q get firewall.ssr_rules)" ] && { + uci -q del firewall.ssr_rules + uci -q commit firewall + } mkdir -p "$ss_confdir" config_load shadowsocks-rust for cfgtype in ss_local ss_redir ss_server ss_tunnel; do diff --git a/v2ray-core/files/etc/firewall.v2ray-rules b/v2ray-core/files/etc/firewall.v2ray-rules index 2c0ade3dd..a76fa56c0 100755 --- a/v2ray-core/files/etc/firewall.v2ray-rules +++ b/v2ray-core/files/etc/firewall.v2ray-rules @@ -1,2 +1,2 @@ #!/bin/sh -/etc/init.d/v2ray rules_up +[ "$(uci -q get v2ray.main_dns.enabled)" = "1" ] && /etc/init.d/v2ray rules_up diff --git a/v2ray-core/files/etc/init.d/v2ray-nft b/v2ray-core/files/etc/init.d/v2ray-nft index 30d342fac..110b3c6ff 100755 --- a/v2ray-core/files/etc/init.d/v2ray-nft +++ b/v2ray-core/files/etc/init.d/v2ray-nft @@ -13,7 +13,7 @@ NAME=v2ray CONFIG_FOLDER=/var/etc/$NAME v2rrules_uc="/usr/share/v2ray-rules/v2r-rules.uc" -v2rrules_nft="/etc/nftables.d/90-proxy-rules.nft" +v2rrules_nft="/etc/nftables.d/90-proxy-v2ray-rules.nft" FILE_V2RAY_DNSMASQ=/tmp/dnsmasq.d/$NAME FILE_V2RAY_DNSMASQ_CACHE=/tmp/$NAME.dnsmasq.cache @@ -2090,7 +2090,7 @@ clear_transparent_proxy() { fw4 -q restart fi - v2ray-rules -f + #v2ray-rules -f if [ -s "$FILE_V2RAY_DNSMASQ" ] ; then rm -f "$FILE_V2RAY_DNSMASQ" @@ -2100,6 +2100,10 @@ clear_transparent_proxy() { start_instance() { local section="$1" + [ -n "$(uci -q get firewall.v2ray)" ] && { + uci -q del firewall.v2ray + uci -q commit firewall + } if ! v2ray_section_validate "$section" ; then _err "Invalid config." diff --git a/xray-core/files/etc/firewall.xray-rules b/xray-core/files/etc/firewall.xray-rules index 2aac68055..2a82fba79 100644 --- a/xray-core/files/etc/firewall.xray-rules +++ b/xray-core/files/etc/firewall.xray-rules @@ -1,2 +1,2 @@ #!/bin/sh -/etc/init.d/xray rules_up +[ "$(uci -q get xray.main_dns.enabled)" = "1" ] && /etc/init.d/xray rules_up diff --git a/xray-core/files/etc/init.d/xray-nft b/xray-core/files/etc/init.d/xray-nft index a92efe7df..a4033ad3a 100755 --- a/xray-core/files/etc/init.d/xray-nft +++ b/xray-core/files/etc/init.d/xray-nft @@ -13,7 +13,7 @@ NAME=xray CONFIG_FOLDER=/var/etc/$NAME xrrules_uc="/usr/share/xray-rules/xr-rules.uc" -xrrules_nft="/etc/nftables.d/90-proxy-rules.nft" +xrrules_nft="/etc/nftables.d/90-proxy-x2ray-rules.nft" FILE_XRAY_DNSMASQ=/tmp/dnsmasq.d/$NAME FILE_XRAY_DNSMASQ_CACHE=/tmp/$NAME.dnsmasq.cache @@ -2321,6 +2321,10 @@ rules_down() { start_service() { + [ -n "$(uci -q get firewall.xray)" ] && { + uci -q del firewall.xray + uci -q commit firewall + } clear_transparent_proxy config_load "$NAME"