From 25b68f62281c56638d10de5532eb15db4d767383 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 27 Oct 2020 08:26:54 +0000 Subject: [PATCH 01/10] Increase OMR API check --- omr-service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/omr-service b/omr-service index fd8d77d..3890f2b 100755 --- a/omr-service +++ b/omr-service @@ -30,7 +30,7 @@ _glorytun_tcp() { } _omr_api() { - [ -z "$(curl -s -k -m 3 https://127.0.0.1:65500/)" ] && { + [ -z "$(curl -s -k -m 30 https://127.0.0.1:65500/)" ] && { logger -t "OMR-Service" "Restart OMR-Admin" systemctl -q restart omr-admin } From a218449b4ad5aa178d52e259ec1a14a509f75eb9 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 27 Oct 2020 08:30:12 +0000 Subject: [PATCH 02/10] Set to 0.1018 --- debian9-x86_64.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 82cca13..dd6820a 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -47,10 +47,10 @@ V2RAY_PLUGIN_VERSION="v1.4.3" EASYRSA_VERSION="3.0.6" SHADOWSOCKS_VERSION="38871da8baf5cfa400983dcdf918397e48655203" VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)} -VPSPATH="server-test" +VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" -OMR_VERSION="0.1018-test" +OMR_VERSION="0.1018" DIR=$( pwd ) #" From cba153e2d77ddfd4836b74eb75257f9999f61e25 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Wed, 28 Oct 2020 14:55:21 +0000 Subject: [PATCH 03/10] Use cubic and bbr by default --- shadowsocks.conf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/shadowsocks.conf b/shadowsocks.conf index 8de0b56..302bbe0 100644 --- a/shadowsocks.conf +++ b/shadowsocks.conf @@ -45,7 +45,7 @@ net.ipv4.tcp_wmem = 4096 65536 33554432 net.ipv4.tcp_mtu_probing = 0 # for low-latency network, use cubic instead -net.ipv4.tcp_congestion_control = bbr +net.ipv4.tcp_congestion_control = cubic net.core.default_qdisc = fq # Default conntrack is too small net.netfilter.nf_conntrack_max = 131072 @@ -56,4 +56,5 @@ net.ipv4.conf.default.log_martians = 0 # MPTCP settings net.mptcp.mptcp_checksum = 0 net.mptcp.mptcp_syn_retries = 2 +net.mptcp.mptcp_scheduler = blest net.ipv4.tcp_ecn=1 From 9e09d25e9500030efc4c0357721c035c34e9eca7 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Thu, 29 Oct 2020 07:48:48 +0000 Subject: [PATCH 04/10] Update version --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index c7810b4..812dcb2 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -50,7 +50,7 @@ VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" -OMR_VERSION="0.1018" +OMR_VERSION="0.1019" DIR=$( pwd ) #" From f4beb2f5a59c87f04b838fae244286dca6da822d Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Sat, 31 Oct 2020 11:53:25 +0000 Subject: [PATCH 05/10] Increase version --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 812dcb2..3e4ada9 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -50,7 +50,7 @@ VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" -OMR_VERSION="0.1019" +OMR_VERSION="0.1020" DIR=$( pwd ) #" From 68211f2033de3c476947167d7a4b6082e1138d48 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 3 Nov 2020 16:45:29 +0000 Subject: [PATCH 06/10] Fix on current-vpn file doesn't exist --- debian9-x86_64.sh | 1 + omr-service | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 3e4ada9..3f1b13b 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -389,6 +389,7 @@ if [ "$OMR_ADMIN" = "yes" ]; then pip3 -q install fastapi netjsonconfig python-multipart -U mkdir -p /etc/openmptcprouter-vps-admin/omr-6in4 mkdir -p /etc/openmptcprouter-vps-admin/intf + [ ! -f "/etc/openmptcprouter-vps-admin/current-vpn" ] && echo "glorytun_tcp" > /etc/openmptcprouter-vps-admin/current-vpn mkdir -p /var/opt/openmptcprouter if [ "$SOURCES" = "yes" ]; then wget -O /lib/systemd/system/omr-admin.service ${VPSURL}${VPSPATH}/omr-admin.service.in diff --git a/omr-service b/omr-service index 114c1b8..38002d3 100755 --- a/omr-service +++ b/omr-service @@ -27,7 +27,7 @@ _glorytun_tcp() { for intf in /etc/glorytun-tcp/tun*; do [ "$(echo $intf | grep key)" = "" ] && /etc/glorytun-tcp/post.sh ${intf} done - if [ "$(cat /etc/openmptcprouter-vps-admin/current-vpn)" = "glorytun_tcp" ]; then + if [ -f /etc/openmptcprouter-vps-admin/current-vpn ] && [ "$(cat /etc/openmptcprouter-vps-admin/current-vpn)" = "glorytun_tcp" ]; then if [ "$(ping -c 5 -w 5 10.255.255.2 | grep '100%')" != "" ]; then logger -t "OMR-Service" "No answer from VPN client end, restart Glorytun-TCP" systemctl restart glorytun-tcp@tun0 From 521a620e99324fd98951737763fefc4b3ce5acf9 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 6 Nov 2020 16:30:53 +0000 Subject: [PATCH 07/10] Update version --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index e4a8043..d76c87e 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -50,7 +50,7 @@ VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" -OMR_VERSION="0.1020" +OMR_VERSION="0.1021" DIR=$( pwd ) #" From c1e2859ff3ed4e733e667213205199ab1b21353f Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 10 Nov 2020 07:53:59 +0000 Subject: [PATCH 08/10] Increase version number --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 1a12d74..7ba12f8 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -50,7 +50,7 @@ VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" -OMR_VERSION="0.1021" +OMR_VERSION="0.1022" DIR=$( pwd ) #" From c0a99de20c167332f1435106e30324f498dcb7c9 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 22 Dec 2020 11:32:08 +0000 Subject: [PATCH 09/10] Add openvpn-bonding --- openvpn-bonding1.conf | 17 +++++++++++++++++ openvpn-bonding2.conf | 17 +++++++++++++++++ openvpn-bonding3.conf | 17 +++++++++++++++++ openvpn-bonding4.conf | 17 +++++++++++++++++ openvpn-bonding5.conf | 17 +++++++++++++++++ openvpn-bonding6.conf | 17 +++++++++++++++++ openvpn-bonding7.conf | 17 +++++++++++++++++ openvpn-bonding8.conf | 17 +++++++++++++++++ 8 files changed, 136 insertions(+) create mode 100644 openvpn-bonding1.conf create mode 100644 openvpn-bonding2.conf create mode 100644 openvpn-bonding3.conf create mode 100644 openvpn-bonding4.conf create mode 100644 openvpn-bonding5.conf create mode 100644 openvpn-bonding6.conf create mode 100644 openvpn-bonding7.conf create mode 100644 openvpn-bonding8.conf diff --git a/openvpn-bonding1.conf b/openvpn-bonding1.conf new file mode 100644 index 0000000..d675d34 --- /dev/null +++ b/openvpn-bonding1.conf @@ -0,0 +1,17 @@ +dev ovpnbonding1 +dev-type tap +cipher AES-256-CBC +proto udp +port 65351 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding2.conf b/openvpn-bonding2.conf new file mode 100644 index 0000000..8920940 --- /dev/null +++ b/openvpn-bonding2.conf @@ -0,0 +1,17 @@ +dev ovpnbonding2 +dev-type tap +cipher AES-256-CBC +proto udp +port 65352 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding3.conf b/openvpn-bonding3.conf new file mode 100644 index 0000000..b04099e --- /dev/null +++ b/openvpn-bonding3.conf @@ -0,0 +1,17 @@ +dev ovpnbonding3 +dev-type tap +cipher AES-256-CBC +proto udp +port 65353 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding4.conf b/openvpn-bonding4.conf new file mode 100644 index 0000000..d977b4e --- /dev/null +++ b/openvpn-bonding4.conf @@ -0,0 +1,17 @@ +dev ovpnbonding4 +dev-type tap +cipher AES-256-CBC +proto udp +port 65354 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding5.conf b/openvpn-bonding5.conf new file mode 100644 index 0000000..e5866b4 --- /dev/null +++ b/openvpn-bonding5.conf @@ -0,0 +1,17 @@ +dev ovpnbonding5 +dev-type tap +cipher AES-256-CBC +proto udp +port 65355 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding6.conf b/openvpn-bonding6.conf new file mode 100644 index 0000000..fb9ad29 --- /dev/null +++ b/openvpn-bonding6.conf @@ -0,0 +1,17 @@ +dev ovpnbonding6 +dev-type tap +cipher AES-256-CBC +proto udp +port 65356 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding7.conf b/openvpn-bonding7.conf new file mode 100644 index 0000000..f197366 --- /dev/null +++ b/openvpn-bonding7.conf @@ -0,0 +1,17 @@ +dev ovpnbonding7 +dev-type tap +cipher AES-256-CBC +proto udp +port 65357 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server diff --git a/openvpn-bonding8.conf b/openvpn-bonding8.conf new file mode 100644 index 0000000..2e6d7a6 --- /dev/null +++ b/openvpn-bonding8.conf @@ -0,0 +1,17 @@ +dev ovpnbonding8 +dev-type tap +cipher AES-256-CBC +proto udp +port 65358 +persist-tun +persist-key +reneg-sec 0 +verb 3 +ca /etc/openvpn/ca/pki/ca.crt +cert /etc/openvpn/ca/pki/issued/server.crt +key /etc/openvpn/ca/pki/private/server.key +dh /etc/openvpn/server/dh2048.pem +crl-verify /etc/openvpn/ca/pki/crl.pem +keepalive 100 2400 +mode server +tls-server From e87ff9af8e9bec07a7db6e77ca8c6a6c2b7fcc68 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Wed, 6 Jan 2021 07:53:55 +0000 Subject: [PATCH 10/10] Update kernel, API and latest glorytun udp fix --- debian9-x86_64.sh | 17 +++++++++++------ glorytun-udp-post.sh | 3 ++- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 1e8a1d3..e2ee6ef 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -15,7 +15,7 @@ OBFS=${OBFS:-yes} V2RAY_PLUGIN=${V2RAY_PLUGIN:-yes} V2RAY=${V2RAY:-yes} V2RAY_UUID=${V2RAY_UUID:-$(cat /proc/sys/kernel/random/uuid | tr -d "\n")} -UPDATE_O7S=${UPDATE_OS:-yes} +UPDATE_OS=${UPDATE_OS:-yes} UPDATE=${UPDATE:-yes} TLS=${TLS:-yes} OMR_ADMIN=${OMR_ADMIN:-yes} @@ -32,15 +32,15 @@ NOINTERNET=${NOINTERNET:-no} SPEEDTEST=${SPEEDTEST:-no} LOCALFILES=${LOCALFILES:-no} INTERFACE=${INTERFACE:-$(ip -o -4 route show to default | grep -m 1 -Po '(?<=dev )(\S+)' | tr -d "\n")} -KERNEL_VERSION="5.4.81" -KERNEL_PACKAGE_VERSION="1.15+9d3f35b" +KERNEL_VERSION="5.4.86" +KERNEL_PACKAGE_VERSION="1.16+9d3f35b" KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_${KERNEL_PACKAGE_VERSION}" GLORYTUN_UDP_VERSION="32267e86a6da05b285bb3bf2b136c105dc0af4bb" #MLVPN_VERSION="8f9720978b28c1954f9f229525333547283316d2" MLVPN_VERSION="f45cec350a6879b8b020143a78134a022b5df2a7" UBOND_VERSION="672100fb57913ffd29caad63517e145a5974b078" OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4" -OMR_ADMIN_VERSION="a3ffef1222177bb48d3de121c5be9159bdfaeb7a" +OMR_ADMIN_VERSION="f52acee888a39cc812ba6848aec5eeb1a82ab7ba" DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a" V2RAY_VERSION="4.31.0" V2RAY_PLUGIN_VERSION="v1.4.3" @@ -51,7 +51,7 @@ VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" -OMR_VERSION="0.1023" +OMR_VERSION="0.1025-test" DIR=$( pwd ) #" @@ -568,8 +568,10 @@ fi if [ "$V2RAY" = "yes" ]; then #apt-get -y -o Dpkg::Options::="--force-overwrite" install v2ray - rm -f /etc/systemd/system/v2ray.service wget -O /tmp/v2ray-${V2RAY_VERSION}-amd64.deb ${VPSURL}/debian/v2ray-${V2RAY_VERSION}-amd64.deb + if [ -f /etc/v2ray/v2ray-server.conf ] && [ ! -f /etc/systemd/system/v2ray.service ]; then + wget -O /etc/systemd/system/v2ray.service ${VPSURL}${VPSPATH}/old-v2ray.service + fi dpkg --force-all -i -B /tmp/v2ray-${V2RAY_VERSION}-amd64.deb rm -f /tmp/v2ray-${V2RAY_VERSION}-amd64.deb if [ ! -f /etc/v2ray/v2ray-server.json ]; then @@ -578,6 +580,9 @@ if [ "$V2RAY" = "yes" ]; then rm /etc/v2ray/config.json ln -s /etc/v2ray/v2ray-server.json /etc/v2ray/config.json fi + if [ -f /etc/systemd/system/v2ray.service.dpkg-dist ]; then + mv -f /etc/systemd/system/v2ray.service.dpkg-dist /etc/systemd/system/v2ray.service + fi systemctl daemon-reload systemctl enable v2ray.service fi diff --git a/glorytun-udp-post.sh b/glorytun-udp-post.sh index 2c1dc40..51a20f0 100644 --- a/glorytun-udp-post.sh +++ b/glorytun-udp-post.sh @@ -13,4 +13,5 @@ done ip addr add ${LOCALIP}/30 brd ${BROADCASTIP} dev ${INTF} 2>&1 >/dev/null } tc qdisc replace dev $INTF root cake -ip link set $INTF txqlen 100 \ No newline at end of file +ip link set $INTF txqlen 100 +glorytun set dev gt-udp-tun0 kxtimeout 7d 2>&1 >/dev/null \ No newline at end of file