From e063e29ff98e1b494de23d1691d033add6a64266 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 15 Jun 2021 05:04:25 +0000 Subject: [PATCH 01/12] Fix vpspath for release --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index bdbff00..cbb7d33 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -57,7 +57,7 @@ SHADOWSOCKS_VERSION="bf44f710b4a0c451809279383acc847995c35ead" SHADOWSOCKS_BINARY_VERSION="3.3.5-2" DEFAULT_USER="openmptcprouter" VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)} -VPSPATH="server-test" +VPSPATH="server" VPSURL="https://www.openmptcprouter.com/" REPO="repo.openmptcprouter.com" CHINA=${CHINA:-no} From ce4516fac273a6de7384c11fa045e6601741eed7 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 23 Aug 2021 13:50:00 +0000 Subject: [PATCH 02/12] Commit latest small changes in script --- debian9-x86_64.sh | 12 ++++++++---- omr-pihole.sh | 5 +++++ omr-service | 25 ++++++++++++++++++------- omr-test-speed | 12 ++++++------ omr-test-speedv6 | 12 ++++++------ openmptcprouter-shorewall6.tar.gz | Bin 3780 -> 3803 bytes shorewall6/params.vpn | 1 + 7 files changed, 44 insertions(+), 23 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index cbb7d33..444a169 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -629,6 +629,8 @@ if [ "$OBFS" = "yes" ]; then cd /tmp rm -rf /tmp/simple-obfs else + rm -f /var/lib/dpkg/lock + rm -f /var/lib/dpkg/lock-frontend apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-simple-obfs=${OBFS_BINARY_VERSION} fi #sed -i 's%"mptcp": true%"mptcp": true,\n"plugin": "/usr/local/bin/obfs-server",\n"plugin_opts": "obfs=http;mptcp;fast-open;t=400"%' /etc/shadowsocks-libev/config.json @@ -662,6 +664,8 @@ if [ "$V2RAY_PLUGIN" = "yes" ]; then #cd /tmp #rm -rf /tmp/simple-obfs else + rm -f /var/lib/dpkg/lock + rm -f /var/lib/dpkg/lock-frontend apt-get -y install v2ray-plugin=${V2RAY_PLUGIN_VERSION} fi fi @@ -1188,11 +1192,11 @@ else cp ${DIR}/shorewall4/shorewall.conf /etc/shorewall/shorewall.conf cp ${DIR}/shorewall4/policy /etc/shorewall/policy cp ${DIR}/shorewall4/params /etc/shorewall/params - cp ${DIR}/shorewall4/params.vpn /etc/shorewall/params.vpn - cp ${DIR}/shorewall4/params.net /etc/shorewall/params.net + #cp ${DIR}/shorewall4/params.vpn /etc/shorewall/params.vpn + #cp ${DIR}/shorewall4/params.net /etc/shorewall/params.net cp ${DIR}/shorewall6/params /etc/shorewall6/params - cp ${DIR}/shorewall6/params.net /etc/shorewall6/params.net - cp ${DIR}/shorewall6/params.vpn /etc/shorewall6/params.vpn + #cp ${DIR}/shorewall6/params.net /etc/shorewall6/params.net + #cp ${DIR}/shorewall6/params.vpn /etc/shorewall6/params.vpn cp ${DIR}/shorewall6/interfaces /etc/shorewall6/interfaces cp ${DIR}/shorewall6/stoppedrules /etc/shorewall6/stoppedrules cp ${DIR}/shorewall6/snat /etc/shorewall6/snat diff --git a/omr-pihole.sh b/omr-pihole.sh index 20a023f..0981789 100644 --- a/omr-pihole.sh +++ b/omr-pihole.sh @@ -8,6 +8,11 @@ if [ "$ID" = "debian" ] && [ "$VERSION_ID" = "9" ]; then echo "This script doesn't work with Debian Stretch (9.x)" exit 1 fi +if [ "$(id -u)" -ne 0 ]; then + echo "You must run the script as root" + exit 1 +fi + echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "You can select any interface and set any IPs during Pi-hole configuration, this will be modified for OpenMPTCProuter at the end." echo "Don't apply Pi-hole firewall rules." diff --git a/omr-service b/omr-service index f388c5d..c94e748 100755 --- a/omr-service +++ b/omr-service @@ -42,6 +42,15 @@ _glorytun_tcp() { _dsvpn() { [ -n "$(ip -6 r show 64:ff9b::/96 dev dsvpn0)" ] && ip -6 r del 64:ff9b::/96 dev dsvpn0 2>&1 >/dev/null + if [ -f /etc/openmptcprouter-vps-admin/current-vpn ] && [ "$(cat /etc/openmptcprouter-vps-admin/current-vpn)" = "dsvpn" ]; then + localip="$(cat /etc/dsvpn/dsvpn0 | grep LOCALTUNIP | cut -d '=' -f2)" + [ -z "$localip" ] && localip="10.255.251.1" + remoteip="$(echo $localip | sed 's/\.1/\.2/')" + if [ "$(ping -c 5 -w 5 $remoteip | grep '100%')" != "" ] && [ "$(expr $(date +%s) - $(stat -c %Y /proc/$(pgrep dsvpn)/exe ))" -gt "300" ]; then + logger -t "OMR-Service" "No answer from VPN client end, restart DSVPN" + systemctl restart dsvpn@dsvpn0 + fi + fi } _shadowsocks() { @@ -66,13 +75,15 @@ _omr_api() { _lan_route() { cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -c '.users[0][]' | while IFS=$"\n" read -r c; do - vpnremoteip=$(echo "$c" | jq -r '.vpnremoteip') - if [ -n "$vpnremoteip" ] && [ "$vpnremoteip" != "null" ]; then - echo "$c" | jq -c -r '.lanips[] //empty' | - while IFS=$"\n" read -r d; do - network=$(ipcalc -n $d | grep Network | awk '{print $2}') - [ -n "$network" ] && [ -z "$(ip r show $network via $vpnremoteip)" ] && ip r replace $network via $vpnremoteip 2>&1 >/dev/null - done + if [ -n "$c" ]; then + vpnremoteip=$(echo "$c" | jq -r '.vpnremoteip') + if [ -n "$vpnremoteip" ] && [ "$vpnremoteip" != "null" ]; then + echo "$c" | jq -c -r '.lanips[] //empty' | + while IFS=$"\n" read -r d; do + network=$(ipcalc -n $d | grep Network | awk '{print $2}') + [ -n "$network" ] && [ -z "$(ip r show $network via $vpnremoteip)" ] && ip r replace $network via $vpnremoteip 2>&1 >/dev/null + done + fi fi done } diff --git a/omr-test-speed b/omr-test-speed index 863232f..15666e1 100644 --- a/omr-test-speed +++ b/omr-test-speed @@ -1,8 +1,8 @@ #!/bin/sh # vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : -OVH=false -if [ "$1" = "ovh" ]; then - OVH=true +HETZNER=false +if [ "$1" = "hetzner" ]; then + HETZNER=true INTERFACE="$2" else INTERFACE="$1" @@ -13,9 +13,9 @@ fi exit 0 } -if [ "$OVH" = false ]; then +if [ "$HETZNER" = false ]; then echo "Select best test server..." - HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://proof.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" + HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" bestping="9999" for pinghost in $HOSTLST; do domain=$(echo $pinghost | awk -F/ '{print $3}') @@ -32,7 +32,7 @@ if [ "$OVH" = false ]; then done fi -[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat" +[ -z "$HOST" ] && HOST="https://speed.hetzner.de/10GB.bin" echo "Best server is $HOST, running test:" trap : HUP INT TERM diff --git a/omr-test-speedv6 b/omr-test-speedv6 index ca3d64d..3db10fe 100644 --- a/omr-test-speedv6 +++ b/omr-test-speedv6 @@ -1,8 +1,8 @@ #!/bin/sh # vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : -OVH=false -if [ "$1" = "ovh" ]; then - OVH=true +HETZNER=false +if [ "$1" = "hetzner" ]; then + HETZNER=true INTERFACE="$2" else INTERFACE="$1" @@ -14,9 +14,9 @@ fi } -if [ "$OVH" = false ]; then +if [ "$HETZNER" = false ]; then echo "Select best test server..." - HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" + HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" bestping="9999" for pinghost in $HOSTLST; do domain=$(echo $pinghost | awk -F/ '{print $3}') @@ -33,7 +33,7 @@ if [ "$OVH" = false ]; then done fi -[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat" +[ -z "$HOST" ] && HOST="https://speed.hetzner.de/10GB.bin" echo "Best server is $HOST, running test:" trap : HUP INT TERM diff --git a/openmptcprouter-shorewall6.tar.gz b/openmptcprouter-shorewall6.tar.gz index d5769fae4f168217f983a780a6bdd3be7bb4e23a..eeb36f255423786ff3502b03dab8b9a259e435a2 100644 GIT binary patch delta 3749 zcmV;W4qEZV9oroTABzY8C#?OE2Sk4}Ju^K|_Y93@zURfEJ^SU={-_1iKRIFFK;`dt z|FrX}-90^Rb-SmnUi($6-99<(y&|nW%9PV8itUh)SE296pDOoU{{JZ*)DDPo?}yHV zy;$@~qd}TZJZnaIQgfDRNDa#l{gAlctsgG!*!4YP-}tMTI8efMBFG`}y&Hd#TX*3c zk@zuiNPTI0WL;e&udWXD{V-JZ32%~a?O?A|JKzOVQWcKl40Wmtl;cEdm>j3+s;P3K zrs^hVu+OPMbD%dcB}PWtM-HA&E4CKe`spk%(ro{=8R_n*J+p7 z#@$YLn@{JBQj4eUw}t#4kKcCNn>DvjJ7tk1UD&SL4QHE-{eJ(n#Hdj7Tv827F}C?V zC%$q0sNqE=3A^Q5H0`M&34-#NfaKj0tHCRDn>DgMrzCr?-!HRDPc(lTxxuEiy;i?G zT81)tiql(`Slj*b9GXwgeY`RG$k~6pW=y_!v;JK#cEVeG=0v-x?JY&6Tla1iGLvu&H41+4 z7`k`&F?lV#Asv|hMyG$(J|Q=cU>}@9gQjCInO!l_Y%JWH&<-C7T9D9jNaWwf4|eE$ zPagdhnSmh*ow*xBM-7MT0Fw5@D@gj%V5eYCYx_9Q8tV0yUNCg4&2i1SGZhlW37xJ;~Y}7i( z?X0!5#v=k__1cb6{*d?qGQI(!AIZW7=`zk^HUtJVguG}xiB5TOLXYELV>aHms}LI_ zb0@alMFb3uozmA^_O&`h^<7)@+)wE2yyke+hct|4%f8Arv1)?w!Z*>zy6C z_RRv2A-+%Wjd%{ACV-Taz?l>yjz_DzJ12@Ehn36Nh-ZH=Zo;lwe+*4QVA_^x-i0$4_TT!L-zmjwY}LCpz69}fh6WYsaaayI)Gg#KOL75XbP zZfAJICF^_O#P_ZAE?xcuw#Yp{TCT#|4My_1JWgx;11mN2!}*(}@&baOH+NX5KDB%f zFhr|G43d9?NxVs{Km-GX2FXnfN>U}cx4|$u4vbmo!U%bJ3n)8Qza{XF@lsL*c`8zp zXvHx!T}}e9dkNsGXeYFu$NjbO4F2N|pzQzmdYuaYUxISihN0i@Elou)O>5BJUmMS^ z{|@Z`Pr&EvcKR(W2kXD`|6YdFiEi}VzXU~gf9`jXJgv*m-0-1Y z@eEE=Wl6YR-^=QV$n=uR*}XK8%(L^UZkRPZg)8zB)WIV0f?d!7D^3g*5J1H;u~pO1bRJ%j%zC!JRL z{IB1w@c%{VGw@$W75Q5DKZ2{%$_D(2Z2&`(otuE)iL!u^9ED4UXxkEDAW0#;Twc|s zk)-gMVIn$jZahuGu#+ZyPk8+T?*&y+nDu{3^G#{8QGN{ifdMJGd@N$6n9o8A4#<}g zhQeguuZ=f(db!(05s^l^I@M}F7&I9@UY6H4z{;P?k};;@I#H)Gj6@+pQZ9K}DkMx5 zQ|EA)$*>1zV~g6R?~k#H1eDoQ{TXy{jv&@X9c*b@TB^nCVB7dg*$(Z)){|$ z^_&%tX8~KA3GuU;6U0PRj6zG%x{X^mg|*nv+I;Xs44eX%*NNkhjOF3*YNMS*y1X6M z8O`_em!#8JP!`r);D<5!2kG~~Ct;u)-P?2jA@XOxL`=%Ng&#h~E06fz#<=7I zu`!=z3CnuLzFA|9ey`W<{pLDW^X)o5(LKW$XA`&+!8@G}Yfc;s8c82tleK@QZmUmO zUziTEfU52jikoI&3pyD65W2!vCz~Z!cN<&lpS*qhw%F`!;i4uL*L|w22cp7fS^@2x zwOhyd*GU4&8my+j+|k$i0p>Bfa(ijx)BbkC%(xpK@?qimnDR2~TwRoDvQ0DFGjfoD&(Y#GSWW1BXmE zrY}9 zK4|=i>VrLsKZMcOLG~-?gG}Vz_h2aL^a@=6eRcx29-v4g_>*9bjCS9Na~U=ruv;-L zSshvIP!al*?oKw+@cJBgD2kZgt<|u@5@0M~%aUXcC7BMI@9eM%er|K=L=hrQlEs1? z2lX62&;AzSf1TyBtyX_hhslprMZO*=eyuj)g_4wrp0!%KvD%PS*PwNi>RW}4kEKth z`fxing$+nw_oVQOhwHiVF{IUMrl46vnI9Qjb>zFc4FPvOiw7KPi2#ajf}W^E0p(H2 zki#W_n2P&n9`r|qZ!ujK0+dzZO2Yiz>lJM5htkN>cym0cAHILbTT#+K6vpqYxr#!# zw?n6xdidTL^E%xu45~4rs-!{cpuqNPY~4A&8#HAKI;-_@<4q0JUyXejG|?pCf~g~D zkt$B11Xfe4DMN6_v4BQ(IjQ!>^_qbbE)bqj@MZ)lXHE9On$55Bi-kY47v)@z9B4=na3U)mTk%!!pJc(1SG^-9yIo+_*MS+CjaJO0^$g5n;lIpbk?|4U;K` zkf{wQN|Q`jijMYc_iB-BfGm*?`KfFUJlGo-ASg?&v+cPgOtk3eJoN4P%#PyZFym;l zTEuSQehzzY#gC0g@9Z#NV=Og21SuxtMqN~l&dr+nR2S3%t?&HVdT8{3X7I2F3R>UL|jW0j#!OH+xwr zDp(Im86|)I>iXVdFgHj7@gYN;NQz|e=LS_wxD+!F7hmYZVT0s#Li&c^I$^?JP-bDz zc|#Jc#6lWLO13Zub+GG4sZ(&2+cZ#3Va!X4WeB>YnQ5hh%ulq5kyIhbl-DhQGIpa* zG?|)7bFdV^62oG&03}sFepGV(AyjJ)L$hww~6`?Z*)*NMl(i|MO#hQ<6LmYg|6o63-TIxqI)9!OmX9pU0VfJRhUc0ur7JBfbJOmaSE=omA`wE zmSX-Dvx{~Z=f={~p)HD1ru{egOW?)fOGbav6!H#bw?DzynAx4COQ6)+pxz-}_J`kX z`0H%`p@~I31_t#~5;LVw()4LI!&4)Na+sM!BuvxB*RWoA*#ccG6otuKCnOFsC;~MM z*zTkqLM2dTQQ$SmH*&SVQuPZSIK{$=s{R_Z2Gj)Fx z4M4bT7t3&NpW6>nGBn&w;CQg0f_xKF%*mG7TGNZUSqwq8DJbTp@eKJMV7tA1+pwLL zY!J57*N*>o-rDtlx&u2N%O@sr!VXz3a1Y6oYnZ?(F?ZiAuDNr`M4-%8($>8?945Z_ zgf}j-TvX=d8i3^hgG30zCLW=QplpAtNpw06!SCPODWu|81R| zRPi4#LYwg)dCZ5Q@Md#jNB>zlp*?q;uMGd_SCJoo;>Zugkb2&c^i=)n6ZPgM7dua9 z-CRO)QHVcM9LW>E9>P5t|G}|e5J8tr;Lt%S{+I}d5g_bGN1*6Ae=fO8pSAPGm(>bYr|KmmIWAUH8f-g`| zkuUZG+MUV;_%piz1s&PLYXE;=8H~Bf_fq(dmol@;HP&g3b@Ge+pvP|{ z48r@Je&dFB%e}(@qL!S}<|1+vc_4-$Z{vSnu1|oZa{q(n)%xjH-efp~@TevJK zTS<)6srlJh|FOEWUuwzT3d@68vp`u4EzVypV>f?5l&`3wiYlt8qKcEL4iA%`4iOFL P&r1ITPlA_20C)fZM6_PA delta 3704 zcmV-;4u|pE9mE|6ABzY8V0I~y2Sk58Ju^K|_Y8w(zURfEJ^SU={-_1iKRIFFK;`dt z|FrX}-92rebWU3R?&+&myM1!ne??k*)G4P`6x$&ouR`CCKUMCz{Qpxrs2vdF-VdDz zd$H(~MuRk+c-D;aq~TR&XdvFm%pzVTNvaiE0jM36(`dpCa~x9-9@ zBJpG3kowa0$XZ+@7gq;)KMYlU!keU9JJ>7L4tT+oRE6U>L!IgZ~m^RoinZ^QyAB3Ke)H#ke{0Bn93T}4f4%5#Igj_GI@PO&7^>3@e^JVc`GSY z6U?)FXAwBznGJ29+h>}}H8_9#U(Exq-D-W;s{P=2bN4pmADY@W^KBfgIpbNtb=oDi zaktam=F@qjRO4y;Z6W{1v5s3)`aIaJI?V@Apqjj0!c+CDpJLW1HV| z;v3hG8eUY=uv?a*X-{=Y5S04_H1C#J4PK$!tdZ?GCEa`dewkHzqSAlJ4K}sywfg1W zGL*?voZhm;+U}Rf(0p?2b&i>mqWAeS5`R{tM6W-c0C)$m?r|4Py@Ak_0-|trV z|01-3|Kyz$Mu_Ss$1TzzhP@0H4v}&bAw$4*0^m>L2fvY<4gpNRb?;Uoa|y>FQSgJu z(7n5l$!p;a>A>(eI<0^93AuR$|KJoVG#z`%{ECTgW8vO}cKArpgM^MlBL6miutVp2 z^60O~3>-=5%-sll&CM!yh#M2Y*QOr=|I&v!@rX$)Z|;Pw8c=T;5&xFmjFc&nohX95 zk>fd`y&&4^X5r3&S$1cR7dga^NPub4y)(~r9ik#estCA05YK;_`8{!5$j7>~Uh5pU zv)WRLM+ExnwH>4WA@Kubd;>~9l7$W0Wt_*X3k;|TdC_?io$}&@9>>4NtiNwpAy!7_ zPHel22pAeWrLXtwYjcR|yY}XJoY2|17w{TM)i7Q#YT&ZCL-1*q zRLEpBzn=w1;7EUN7xrCr6b8^U&;du#fnX`~LHj6#{&Q|HaC#SboWBekeb+l_tiS~S zo(akMpJLk)#D9_kJG7U3#D1jb@W0*Zm+-%JdfKk=|0U@8_&>1_hERMIxpyAJuXlFn z+BXY8hWI|gH{v;fngCKx0%uZ;I3BI;?wlxw99Ax4Bc6Y~1l}9x4uItWfE0w1RRFOM zz&s%F!ii&st+7uK@m=q31+a|xxCGzeFAEC5gqjnEJ{~Ci$iy+YayHu*g#KOL6#6T3 zZfAJICG&gW#P_ZAE}i}ZHpx9dTCT#|4My_1+)r!#11~l6!}*&;cmY8$nma6rPd%Rl z4AE*4gXVwW5^oYO5J3l_Lvj;`l87YtHaI57fj$de=piq!0d+_5TMF+OFC|5gry?bZ zRUAXruR1s;Ut5dD^gF%zt<7Ih$1FZbH zEE!`et`l`CLr)YEB;}Hqr9#3~F?C+JD3(#^RV{Ct=zHJB=r#QZL?h3cG4l=F*)OXg z*(=6bg*%l8HOYHtFWmWS^v>9-=e&443)tLDh@Z`zASR+>6l#jrb=&GO;x07>3MFDV4j(FUAcy1J;9bAr&X&Pu z9&QUik;hnAfpy+TtA3_g8!}7vp-eIKgOafNjXkfke*drUImgEc;Uoy1cYrhrOfLMi z_>IFj7rsAt=En>qaoku<8@>0DUSNL;mGW@EJRQb@v9Rg_Ka9ygNWTX$2?O2e-k$pp zkw5z-Vp`rU{O~bedBpcN`X%p(jqxmNShg$n%_?j3d%bS&H_KSfw`F{yd4@6025={e zcRC$boj4XWl0Lp9YfIfWpR&C$8)OG+x=$Exnt?Uw;PgXi3Y(p5l$h)`*4BSNdHeQl zvD(?fMN2Bq`_xzuM1{|+0_r(yw~q0zlN=;!FiC&8Cl~7nSjQO3?WK-S$N%ki|FnGm zr_<|ps`&pUXy5Hy{DcmmuxTLeL4(fPeh#!F7x|_i-GYHJg7A4-dyVD?SNpE)$k$OU2{+c)8g9E(gb@=xPv?@I;5t zDbe7b5{RM5Ig#N?+JE6YbUDhqjgF1E};=RG)9GHO3=jX-8blx z>gTESQAgug`IXqKN6;+6+4^0r~=#EJ@~2 zlIfuN&JLRp=Qfv46d}?iS?rM8pq|6$+211kud`gX)JkNS{76;g>w)6eY7<^4X^H4r ztECI84NY|oYB#CARoH*{So&nD54TfO*nsqPOA1H)UC)h=A+1(31B85S~!+W&|l` zP4>a6&9Cx{g+H?wb1Ri~`-(1~Jb4VcwfO>o09#uU(lRT|wx#`N5{Hc;C^ zy^cn;A7Bw-z=wZe4pT4@c5WEH&K(DJJ7WT~v(F2@0w8 z8cO<-%Ijc5KTheCZZ_zNq~z(wm({T!@1nzCk72lV7;Jxy6JWR}Z0Hds_Au}|K%}5f z@C~BDw-Kza58q>48-0KaTyuQ*=i&S4F^Zk#2Y`UNgJ&UGWc=aVnr@5>ywUwO3#82a zCBB9P#rM)*rD%cythSyvdzmRJcn?V#CGqO|-eNE}NDg8{hB%QF$>7fos+e#oW)UvF z(1qOw$?JcF^bN0d!i2w|%)_4Zh9p>thcuFuY+?@T;Mb4Rpx`L?X<(Ydn3ojG5Ohg1 zQ=x*)Pqc}Vh!AAT>lQ#6yHO{aOwFV^mnU&~BLyIPs$3}Q74(5FC2j_pC1?@UW`cd<*i4hQNs25f6l9sgI4g+G$byO# z7{OE#38IFiavWvVtJN+j)hyk#Qb%^3L`=MxzB*-CEFNOXSwOUD40)=FaR$tokxVz& zJ=lLh3&t#OHjZEtVzExLjOlPF{WSOmQ>G^U$-+H(b!ra!ty&FF^iHIoDK0#+YpYe*qY0reUH12$!v58P4r<`5{V%hKmX84|b>^UxXBMvT3%q^kRQ* zc7`BZ6cqE)^9=bKV7tD2*|43JED*NS*Ma|b-a7Pux&b@x%O?hL!Zukha1F_mYZ$;O zF?U}r&bf2RM4-%O($>8?944{&gf}j-Tr}q78i3^h4~YZATvXzZbdKbSUytCPJpaM5Uy#6%OyDp;DgKxQ zhbKVTk4`|*bN*bCCG#3O4S*k(#X2v7)LZAf*4bIJ-8%Yr4eGd^xA68muJC^bDt0o= z&E)weKJNsx23ul%$R4=lk3gf^0hWB72(>{}`who|ycSn_8TBvs(6gePqSy}tXTH~C zpwFHE@Ab;>e|0)1)$c#N2z~7QXRi5KoLN70{w$R1!n{cRreT4P|J{%Xb+E=$T*5+ikLem2&BOm_B59obu9`C-=Vpe!Df WoDMP%sG^GgjPySSZ@`TJcmM!)=v)v0 diff --git a/shorewall6/params.vpn b/shorewall6/params.vpn index e69de29..a7a7058 100644 --- a/shorewall6/params.vpn +++ b/shorewall6/params.vpn @@ -0,0 +1 @@ +OMR_ADDR=fe80::a00:2 From 16e01d1120f6f9baf13ab5e80b601fec12e6e739 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 19 Nov 2021 21:03:15 +0000 Subject: [PATCH 03/12] Various fixes --- debian9-x86_64.sh | 8 ++++---- omr-service | 10 ++++++---- shadowsocks.conf | 2 +- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 444a169..d71a6e9 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -166,7 +166,7 @@ echo "Remove lock and update packages list..." rm -f /var/lib/dpkg/lock rm -f /var/lib/dpkg/lock-frontend rm -f /var/cache/apt/archives/lock -apt-get update +apt-get update --allow-releaseinfo-change rm -f /var/lib/dpkg/lock rm -f /var/lib/dpkg/lock-frontend rm -f /var/cache/apt/archives/lock @@ -179,7 +179,7 @@ if [ "$ID" = "debian" ] && [ "$VERSION_ID" = "9" ] && [ "$UPDATE_OS" = "yes" ]; apt-get -y -f --force-yes upgrade apt-get -y -f --force-yes dist-upgrade sed -i 's:stretch:buster:g' /etc/apt/sources.list - apt-get update + apt-get update --allow-releaseinfo-change apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" upgrade apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" dist-upgrade VERSION_ID="10" @@ -189,7 +189,7 @@ if [ "$ID" = "ubuntu" ] && [ "$VERSION_ID" = "18.04" ] && [ "$UPDATE_OS" = "yes" apt-get -y -f --force-yes upgrade apt-get -y -f --force-yes dist-upgrade sed -i 's:bionic:focal:g' /etc/apt/sources.list - apt-get update + apt-get update --allow-releaseinfo-change apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" upgrade apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" dist-upgrade VERSION_ID="20.04" @@ -252,7 +252,7 @@ elif [ "$ID" = "ubuntu" ]; then fi # Install mptcp kernel and shadowsocks echo "Install mptcp kernel and shadowsocks..." -apt-get update +apt-get update --allow-releaseinfo-change sleep 2 apt-get -y install dirmngr patch rename curl libcurl4 unzip diff --git a/omr-service b/omr-service index c94e748..a51b564 100755 --- a/omr-service +++ b/omr-service @@ -73,15 +73,17 @@ _omr_api() { } _lan_route() { - cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -c '.users[0][]' | + cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -c '.users[0][]?' | while IFS=$"\n" read -r c; do if [ -n "$c" ]; then vpnremoteip=$(echo "$c" | jq -r '.vpnremoteip') if [ -n "$vpnremoteip" ] && [ "$vpnremoteip" != "null" ]; then - echo "$c" | jq -c -r '.lanips[] //empty' | + echo "$c" | jq -c -r '.lanips[]? //empty' | while IFS=$"\n" read -r d; do - network=$(ipcalc -n $d | grep Network | awk '{print $2}') - [ -n "$network" ] && [ -z "$(ip r show $network via $vpnremoteip)" ] && ip r replace $network via $vpnremoteip 2>&1 >/dev/null + if [ "$d" != "" ]; then + network=$(ipcalc -n $d | grep Network | awk '{print $2}') + [ -n "$network" ] && [ -z "$(ip r show $network via $vpnremoteip)" ] && ip r replace $network via $vpnremoteip 2>&1 >/dev/null + fi done fi fi diff --git a/shadowsocks.conf b/shadowsocks.conf index 5fb5da0..d6d760a 100644 --- a/shadowsocks.conf +++ b/shadowsocks.conf @@ -60,4 +60,4 @@ net.ipv4.conf.default.log_martians = 0 net.mptcp.mptcp_checksum = 0 net.mptcp.mptcp_syn_retries = 2 net.mptcp.mptcp_scheduler = blest -net.ipv4.tcp_ecn=1 +net.ipv4.tcp_ecn = 2 From a8553ba64f47afe4b544b093952b6b8c55919aae Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 11 Feb 2022 15:56:10 +0000 Subject: [PATCH 04/12] Add missing package --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index d71a6e9..e846ce2 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -471,7 +471,7 @@ if [ "$OMR_ADMIN" = "yes" ]; then else apt-get -y install python3-passlib python3-jwt python3-netaddr libuv1 python3-uvloop fi - apt-get -y install python3-uvicorn jq ipcalc python3-netifaces python3-aiofiles python3-psutil + apt-get -y install python3-uvicorn jq ipcalc python3-netifaces python3-aiofiles python3-psutil python3-requests echo '-- pip3 install needed python modules' #pip3 install pyjwt passlib uvicorn fastapi netjsonconfig python-multipart netaddr #pip3 -q install fastapi netjsonconfig python-multipart uvicorn -U From b3ef329cd0e415d56907baad464d2a438307d459 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Sun, 21 Aug 2022 18:25:29 +0000 Subject: [PATCH 05/12] Littles fixes on VPS script --- debian9-x86_64.sh | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index e846ce2..f792944 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -256,6 +256,16 @@ apt-get update --allow-releaseinfo-change sleep 2 apt-get -y install dirmngr patch rename curl libcurl4 unzip +if [ -z "$(dpkg-query -l | grep grub)" ]; then + if [ -d /boot/grub2 ]; then + apt-get -y install grub2 + elif [ -d /boot/grub ]; then + apt-get -y install grub-legacy + fi + [ -n "$(grep 'net.ifnames=0' /boot/grub/grub.cfg)" ] && [ ! -f /etc/default/grub ] && { + echo 'GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"' > /etc/default/grub + } +fi if [ "$SOURCES" = "yes" ]; then wget -O /tmp/linux-image-${KERNEL_RELEASE}_amd64.deb ${VPSURL}kernel/linux-image-${KERNEL_RELEASE}_amd64.deb wget -O /tmp/linux-headers-${KERNEL_RELEASE}_amd64.deb ${VPSURL}kernel/linux-headers-${KERNEL_RELEASE}_amd64.deb @@ -290,6 +300,7 @@ if [ "$LOCALFILES" = "no" ]; then else cd ${DIR} fi +[ -f /boot/grub/grub.cfg ] && [ -z "$(grep ${KERNEL_VERSION}-mptcp /boot/grub/grub.cfg)" ] && [ -n "$(which grub-mkconfig)" ] && grub-mkconfig -o /boot/grub/grub.cfg rm -f /etc/grub.d/30_os-prober bash update-grub.sh ${KERNEL_VERSION}-mptcp bash update-grub.sh ${KERNEL_RELEASE} @@ -471,7 +482,7 @@ if [ "$OMR_ADMIN" = "yes" ]; then else apt-get -y install python3-passlib python3-jwt python3-netaddr libuv1 python3-uvloop fi - apt-get -y install python3-uvicorn jq ipcalc python3-netifaces python3-aiofiles python3-psutil python3-requests + apt-get -y install python3-uvicorn jq ipcalc python3-netifaces python3-aiofiles python3-psutil python3-requests pwgen echo '-- pip3 install needed python modules' #pip3 install pyjwt passlib uvicorn fastapi netjsonconfig python-multipart netaddr #pip3 -q install fastapi netjsonconfig python-multipart uvicorn -U @@ -901,7 +912,7 @@ if [ "$OPENVPN" = "yes" ]; then make-cadir /etc/openvpn/ca fi cd /etc/openvpn/ca - ./easyrsa init-pki + ./easyrsa init-pki 2>&1 >/dev/null ./easyrsa --batch build-ca nopass EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-server-full server nopass EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full "openmptcprouter" nopass From 7a7a4a277828d8ea059fdb72c9a4fdc7d35f9b65 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 14 Oct 2022 07:01:41 +0000 Subject: [PATCH 06/12] Add current 0.1028 release --- debian9-x86_64.sh | 25 +++++++++++++++++-------- multipath | 12 +++++++++--- omr-service | 2 +- omr-update | 2 +- omr-update.service.in | 2 +- openmptcprouter-shorewall.tar.gz | Bin 4192 -> 4154 bytes shorewall4/shorewall.conf | 4 ++-- 7 files changed, 31 insertions(+), 16 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index aa273c8..e65d32b 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -55,8 +55,8 @@ MLVPN_BINARY_VERSION="3.0.0+20211028.git.ddafba3" UBOND_VERSION="f9fb6aa0a65e8e20950977bda970c90012f830d7" OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4" OBFS_BINARY_VERSION="0.0.5-1" -OMR_ADMIN_VERSION="20314b11f21eb5878ba62c85d874528e0e394024" -OMR_ADMIN_BINARY_VERSION="0.3+20220715" +OMR_ADMIN_VERSION="4f8dc4f997c6c95971beea9d52512ed91c77479b" +OMR_ADMIN_BINARY_VERSION="0.3+20220827" DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a" DSVPN_BINARY_VERSION="0.1.4-2" V2RAY_VERSION="4.43.0" @@ -76,7 +76,7 @@ VPSURL="https://www.openmptcprouter.com/" REPO="repo.openmptcprouter.com" CHINA=${CHINA:-no} -OMR_VERSION="0.1027" +OMR_VERSION="0.1028" DIR=$( pwd ) #" @@ -563,10 +563,15 @@ if [ "$OMR_ADMIN" = "yes" ]; then fi apt-get -y --allow-downgrades install python3-uvicorn jq ipcalc python3-netifaces python3-aiofiles python3-psutil python3-requests pwgen echo '-- pip3 install needed python modules' - echo "If you see any error here, I really don't care: it's about a not used module for home users" + echo "If you see any error here, I really don't care: it's about a module not used for home users" #pip3 install pyjwt passlib uvicorn fastapi netjsonconfig python-multipart netaddr #pip3 -q install fastapi netjsonconfig python-multipart uvicorn -U - pip3 -q install fastapi jsonschema netjsonconfig python-multipart jinja2 -U + pip3 -q install netjsonconfig + pip3 -q install fastapi -U + pip3 -q install jsonschema -U + pip3 -q install python-multipart jinja2 -U + pip3 -q install starlette + pip3 -q install starlette mkdir -p /etc/openmptcprouter-vps-admin/omr-6in4 mkdir -p /etc/openmptcprouter-vps-admin/intf [ ! -f "/etc/openmptcprouter-vps-admin/current-vpn" ] && echo "glorytun_tcp" > /etc/openmptcprouter-vps-admin/current-vpn @@ -578,7 +583,7 @@ if [ "$OMR_ADMIN" = "yes" ]; then cd /tmp unzip -q -o openmptcprouter-vps-admin.zip cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin.py /usr/local/bin/ - if [ -f /usr/local/bin/omr-admin.py ]; then + if [ -f /usr/local/bin/omr-admin.py ] || [ -f /etc/openmptcprouter-vps-admin/omr-admin-config.json ]; then OMR_ADMIN_PASS2=$(grep -Po '"'"pass"'"\s*:\s*"\K([^"]*)' /etc/openmptcprouter-vps-admin/omr-admin-config.json | tr -d "\n") [ -z "$OMR_ADMIN_PASS2" ] && OMR_ADMIN_PASS2=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].openmptcprouter.user_password | tr -d "\n") [ -n "$OMR_ADMIN_PASS2" ] && OMR_ADMIN_PASS=$OMR_ADMIN_PASS2 @@ -695,8 +700,12 @@ fi if [ "$LOCALFILES" = "no" ]; then wget -O /lib/systemd/system/omr-update.service ${VPSURL}${VPSPATH}/omr-update.service.in + wget -O /usr/bin/omr-update ${VPSURL}${VPSPATH}/omr-update + chmod 755 /usr/bin/omr-update else cp ${DIR}/omr-update.service.in /lib/systemd/system/omr-update.service + cp ${DIR}/omr-update /usr/bin/omr-update + chmod 755 /usr/bin/omr-update fi # Install simple-obfs @@ -1375,8 +1384,8 @@ fi if [ "$TLS" = "yes" ]; then VPS_CERT=0 - apt-get -y install dnsutils socat - if [ "$VPS_DOMAIN" != "" ] && [ "$(dig +noidnout +noall +answer $VPS_DOMAIN)" != "" ] && [ "$(ping -c 1 -w 1 $VPS_DOMAIN)" ]; then + apt-get -y install socat + if [ "$VPS_DOMAIN" != "" ] && [ "$(getent hosts $VPS_DOMAIN | awk '{ print $1; exit }')" != "" ] && [ "$(ping -c 1 -w 1 $VPS_DOMAIN)" ]; then if [ ! -f "/root/.acme.sh/$VPS_DOMAIN/$VPS_DOMAIN.cer" ]; then echo "Generate certificate for V2Ray" set +e diff --git a/multipath b/multipath index 41c3880..608f08a 100755 --- a/multipath +++ b/multipath @@ -126,15 +126,21 @@ else exit 0;; "on") [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null - ip mptcp endpoint add $IP dev $DEVICE subflow fullmesh + for i in $IP; do + ip mptcp endpoint add $i dev $DEVICE subflow fullmesh + done exit 0;; "signal") [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null - ip mptcp endpoint add $IP dev $DEVICE signal fullmesh + for i in $IP; do + ip mptcp endpoint add $i dev $DEVICE signal fullmesh + done exit 0;; "backup") [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null - ip mptcp endpoint add $IP dev $DEVICE backup fullmesh + for i in $IP; do + ip mptcp endpoint add $i dev $DEVICE backup fullmesh + done exit 0;; "") case "$IFF" in diff --git a/omr-service b/omr-service index e8de038..3898c5d 100755 --- a/omr-service +++ b/omr-service @@ -6,7 +6,7 @@ _multipath() { source /etc/shorewall/params.net for intf in `ls -1 /sys/class/net`; do if [ "$intf" != "bonding_masters" ]; then - if [ "$intf" = "$NET_IFACE" ]; then + if ([ "$(ip a show dev lo | grep -v inet6 | grep global)" != "" ] && [ "$intf" = "lo" ]) || ([ "$intf" = "$NET_IFACE" ] && [ "$(ip a show dev lo | grep -v inet6 | grep global)" = "" ]); then [ -f /proc/sys/net/mptcp/mptcp_enabled ] && [ "$(multipath $intf | tr -d '\n')" != "$intf is in default mode" ] && multipath $intf on [ -f /proc/sys/net/mptcp/enabled ] && [ "$(multipath $intf | tr -d '\n')" != "$intf is in signal mode" ] && { multipath $intf signal diff --git a/omr-update b/omr-update index 33b3fa6..ff2e201 100755 --- a/omr-update +++ b/omr-update @@ -1,6 +1,6 @@ #!/bin/sh if [ -f /etc/openmptcprouter-vps-admin/update ]; then - wget -O - http://www.openmptcprouter.com/server-test/debian10-x86_64.sh | sh + wget -O - http://www.openmptcprouter.com/server/debian10-x86_64.sh | sh rm -f /etc/openmptcprouter-vps-admin/update reboot fi diff --git a/omr-update.service.in b/omr-update.service.in index 231803a..99120f8 100644 --- a/omr-update.service.in +++ b/omr-update.service.in @@ -4,7 +4,7 @@ After=network.target network-online.target [Service] Type=simple -Restart=never +Restart=no ExecStart=/usr/bin/omr-update #ExecStart=/usr/share/omr-server/debian9-x86_64.sh AmbientCapabilities= diff --git a/openmptcprouter-shorewall.tar.gz b/openmptcprouter-shorewall.tar.gz index 67d46c4e05633e7be5618a85267cacb4c9a732fd..92957efcab04f4eca8eb09a1b98a997dd26d155f 100644 GIT binary patch literal 4154 zcmV-A5XJ8wiwFRpt_foR1MNKhbE8JG`z!h@rewd%Zk_c3`igy}%OOA#&j<)0J5F5{ zg(YlLkw6d7I)17B->+u|5JK{5FDrR-Ioi8|>FMd7kDl%xm|+(9ejGZpU*4S#ngHE) zn_K~kSGEWDY^&F6wpzVrhke&%*><<{4mD3$rwrCn?1Tut3xgp39NnS(|4=xqoFVfm z2;FCAu|TyNYPj*N5v7>MEY*(+rW^(#^8AM&TspBA_{g~r)-iH{!gC|YLGhCpp$Bi_ zUZD78<)Z4+@lnRDmT{{ByB~&{G2t!Ls+_$ERL*$8k~NiK7*m@Xg2XVQWLgZP8=9pt zqOKW`Fv(?VN(N)z%9b#$RDSRt&^bS~w6Ubp4`RC4X+&NgSm61YfO#7|JL&r!#11WH!DB5{@i;=%MUGmx9~%}+LVlED~4kW z#l|hJwOh{M&4R=pdzs7sv3}WNw>h&tu2?165O!I6;cUBLx7+O%3aXMdkTug*&E4|8 z8{d0DRP&=k4O>Mny1uVVR;yy4K+Ri)q9(6OyG0|%cMEmzbi2i(@*bg)x7x04r`av` zmZ?tmmGqZ|qHMP~hSuJ(kGBRNm+W3{3exM>&VSF3-SEMgxzRDK$$mIs|2a_2cWk=_ zL>$*_x3K;1vZeih6WF%@AKfs*cD-G1q8c)t)g*tE)g4IjtJwC5XFtRnS$+pq`3wQ`OC(v@8CGjj4b{q@uK6JttgndZp zx+n@B;%6sx|At1eUcCgiwANz-)NIsI@`)q5w#^$$_7!UaD-rC-p(f!d`d>!b@z5QNKO_lXRN7bj9Z z{xv53{jd(PFf?~#$6G{DpmtO^f^XkglIpP?dKM~hN9TO@v!+T2Az8H~W5^5m9)qUi zP{FK#vtrJ{o7pnXWadw^)dl#ChlTSPU4+m>F7yaA{K5~S z&pgJpcpgQ~B(k}}35FW?z8gO^lhi=qO{>qgnsu%NKD~*rog^>u3;k`=A3n_3 zOZNLbbM(H@lNqQKWgeKk7a3O-e#F2|f zBM-_OJvk7;xGr>W=s{=tnJC;&hAA|Td9^u5cDJ%BC{s~FRITbzp&|-A$G4sn|4pzN zh||e9VE@4bbc@gbIvuXG|8D_VXiE&>x2{bIZw+r@bq~(}-tPSGmCt|P1a5TG=0(xy zvm_88|JjN*F?O(A1=CVnL07cRauN3*5369|&0bC`wl&wbD6i&~TdeqW1nplgaO+-=f|HbRPYBPnTGp2*hKU}~6F z1wWI_mqoDV*-G<*AnDc)*~9Zbssa`jOT9w&ip(M!Pmer^hNhEestox_le0yF*i@Y$ zFg`)S>>5jGs40qeE32cl$0k$g$bp0u9(o3(F%0=Jr2mx!=&EmRl}dOk2-k~KzWOC_ z!2h?~?c)9)AZJVe{}%8C{@=hV^0n^&0`7Wc4Dct80f;3zdI<21Al)mLdEi1IvKxuu zJ!Cn2kzO<8k*xA*V1f+ZlJe#8hO-7-C%kcu(}Jd|Bzj5mEqSsp*ygES-sdLoCA z)f--sbBL*G8N6_vr%|QbO4c+n@V|?3#1uSZYvj8#qP{C{_RD%j-xlFngC8 zv+(BcaRh~1btv$PXDc!{De$wIyNZ#hnmI|)M#h7en6)@aWj+TX-Z}|I-qVPT_T~BT zc1sSeT_%S#M)&+j!n={MyU|r3!stA&V&n;|cW8>@pv>#y4m9Nu@3bjm7_16RtM|^l zO8Wf&1K+LJvH3=;(ESKjhMLGlkdWWIq~sz9=I*>s3?vbp4&3h0?Q8cw8vG(G8OWTv z5TUCejM3jww*yfLF}u-|GY_7lVD?Ky>iW0{!k2jMqrl(lC16UWZgoRZbWyX&l?bbK zJDpbN-{!HN@ACLe^GtJ`4(CxS&T$+OCyoUjcNcibIojyzt}@|?0JIO!^K_6H;7*n- zgpmQ>J%k#QX-EcxuwXIMZu|1`GS8jvUfG)9iH4quDsM65Z6{`Zb)G)Xq?<)+gwRZQWr-sab*Ks6w8X2FD|5=Xh^vLr+uEq7(F5p?N&6WE<-UN;wH({@`iSKWc z(73Z_Yst3i(USXvP_oUzjqyH^FNj15yDH^3ar~9@2$B6F3czSDJRk03^c2Udt48Db z`MJI+29}_)r1Vjta`mTpxj6pQErv;Ks);PbBLjY?NQbn9Aa+6nq`;kcbh#A>#0+by z+mZ?anI!h_+^BMj*3stOKqCxjj0Vk=p^10LZ_tfo3^Y@=?)vNr8v>xiu#9kfj^75I zA4x|4gw-EH?;B9}TWEuVl;gKxC>zo(g#4#$1S~l~kw)+*!yFkMzYzlk78|fiv1~;f z+2mm|v?p1WY~k?z0Iy6`F-gJV&60W5?5hDqZ1j>N2V^)|Ey>s+ zHebU}rp9m=o7fS+Z(5Sy5$?rxKvgQ1pxZ-*ADKHWven&I{f<4VXAIUF0TkZ?z0r^g z%A}zogQo`0Zkff)OOhBSON<|=%Xjdm=4T46W6w1tztzwjd2lSkcXfGQ&0zs zD1(ry3MfYdO$f%oKI{alK-NOGC=L0kV)cDk8|TbWimndAz?sjSD5i_xi^+Nsd%5%+ z7TjtOn=i1I$tDxQCQm)`XuLWXRWo!~Ic&9pIeoFjDrn1(Q)wz~SA7qPzE}D;7@x+0 z7%-M&7)=AlQfCAh%?TMI3t_D~=L7U)Xq5bb7ST>*khJ)7V6WrkC#HW9p{}#PO zvAg^P6MXLCjm{+O{q$YMFvq#F(bH}bz|4XrK3fXpC+V+3z(8!KzL^#$nFty<1X&%? zkaUx_i52V99mOjywukP}&zO@3fXss*=V8tmfJytsP-y+I_$ zdpC#)e=QL{1KyMcoBBq|Ih&vTDtPpZBtE#v+!*u1FS@2NMOHFw9RItfi(*@l#LAK$I|%ZH*-rKdeZoEi$`s>t!83!l3*` z+;T+%+)bAvz>GqSNpDpgD)2aT5${xf0`1$hiHMSZ(n0%d^2S(}%nYd+R^l=!YRE$z zKuj3n48hASZ-_Q+9e$n-BGRq}2Q*T_)KArGRl9{wGi2(Xa7h_@07O}!_;}E#v@gzN zRgqN*I9b9trNmy$1~Dq=Mp6yXheR~iAI+~+t|dvg4a>GRBF=D=lasclO~NQrI1Qe* z)hxqW3JI{(5%lKvqG`fI|A_Qu0TqE;Y{R%`{eZQA=726vbycUMc1AnVHmAd({8RrI zOaR7FCWj9Q`P7nrvhjm|ZEE$qO>oXraF7P1B-f>E>5ly1l{LG^x>LoM=$uPpp=+kZG}z;hA`Xg9K$ zPGE{Nrm6U;nQLV-129e>-@)AH6&vPAjug~tgP>tPsHkL`u!>7M0;?zJhQRBPZ)P+2 zRx_@7=n++m=zO}D9}OPhRNvhQWH#Mu={7c+bCua?-XUv~30E13NaIC5X^ z8N>;Bc65!G#yq-%0h}W1_+s^{*6;pt4;No&I)U0zIh^E%DN%1rOe4a0vph#=xT zwTwgie_Jf~j%_!)Y`4X=TV1^Wr`;}}|GxyY5$R|LK-H zfBwWff3OXyW(`T+tsHuoz%@N>)9%%q4X%Ch&kB=6e!mCVY3@U^`;go| zWNRO?y${*RBfFQB3~+2W!S!GgbSa8UP?s3>eL}|MzN3Lv1uP7Gd5>S_!{me+K{SE9 zHq74dN0l>7`TjgTsPuthnsxHmXadXZOi~$I{4R*%V6}4RC*1~o$p5!ny~6n)j%$_Y zf8GRM+yC3i#R54M`Q32<%atL(pE(4`>BtF=0e$6W-0gB-wJA2g88%7p?4V1&_mrh; zI~277=cL3wPU)wizMNB9Vuv>UjMQN+lyZkG{T|d|29$D#jDD)>aPhs>C*QIHpoiu6M2mEEBzQ#VxP&dh8}YyK`9HSPF3$gEw~YVa2EO3@ z-_KY@%H#iK^#5w~PmIV3!v5sjtf@0fK8A;iAgep5)J1)9tp6JC^aFh9LH_J0OL|Pk zTYYS2-wa3-vqhTt^GA>+lu$wmC6rJ?2_=+JLJ1|5P(leMlu$wmCHxWLU!*femH>DF E0Q3D=uCfpcRXkSbXqNP z1t?zGF5I&%uG4I`n%yqy*JNik%RlcVQ63pQGEC|33;Rl@nw>2BG`p z%;%_9Lv=Tv)}s_tpQidz!IXm_M4o>igbOG30v|bd!74^BPZ+lBAr<+@}%T{0Y7C^l+x z&FyjqZx$qW*^6BM59b$6c9S#P<%(634Pl$L7fv?|b~>GIp`a>ReOWVY)!Z)cyYZbD zL^VGu)Ua9PqU*c5WVtN%3DmqsUammibx*)xN?fm!r*bVQUsT&=_n(T%>_MZdQ#P+}2?6z2z zW3m13aP89mzXojD|Br4MVY}WsZ=f17oyBtQA~{nLGyuzv!2F~5DX3+tgTSocdk?FS zIE8cIC82o2P-rMR}#82F9L6Kw~Afl#Rx2GJqV%vB7oWOj8Q9p=7vNJRBsWX;GQIg z>I5ln6hYq5_1(~!BYkx@_oh%-@usdHxyXso662yrcb3+5fGc7q6#)kb>`62KhFlNw zvFx)`8vI zT#Hx!Ul}H&Njaq1VB0ClZi>YmeqSvAIo?kXFJ(>V%yjO-@YXQR?$Wd9b8;U-x3+@$ z^it_y5!UVk@KXN64vM!nd?gTAI-#>TqVLDBZ~ez{t#=UoK?u-lbedi8|BY_9QTqSa zfPL#fsvpEZ@loVG_{4jCbVAR$n}c77AE|dkz6(ART$D?lnH*y;9<3f8+$e?|LYEdp zzO#U`ckTnYl_zkcz!a^P5c7hQ2R}S_Mqk!{8xniS!GJY%Xzvp~k)E#*d98)fafv>aoqnIoAfC-oV#(l9%{} z-lpjf@2Bhq`(2(ndSB?twSR;tW*UUE4^)26!!Y!Q$fvid8=@hS3nin~JcdR>lkRA^ z5J6w!$i<_P2jz_(9f)9D7rHm}pfmkU6mBQO6dK38*qj5qTUiy9i6|keR_9QmA__dm zThEFACs+@}@nr0=|KI^S1^dso+s)GczXoKXEir&^U7HeK8(zce?w$YL?fDO=a{j*p zTb#s6)B(nmd}1)eD+JN$l;&+p3oPyCMaTdh{3`24riD);}q3Veb8H?WF)t@}TNyKWf+{E1@#Vo44j0=yBV zd&M#jTnI$ABN4oZEQc@BYlb|ORXz<&kilD0zC7M=R)_1DH?DA6&{UN~FG;>7k2mN? zpdWZET2?=@S1q4UHWQto-v@XTTzY+Pe#r2}X6LJjVQ6R*z4E;&(ca?~Wu1Vcd|#2x zktD8>hNM7G+`?0Sj@E3y12N=bEmskHYRwYp(mosTMT*IiCJHs zrjIk}X3-j9^%*L%M>C;%>-g;0kooU(9LXI=#^>XImSel*`Cq5OwKxvbv0STJ#{aJZ z2alVuS6RpR*GXvH-m$f0Q}t-c-9aeX=HSM7AIKL(qJ&+Q@*6w;(s_W$ejWv2wCA1= z_c3~mg!)K< zJMrLhD-eho){j*djJx!jC7$U>lp*5x}oolHU>T#pi&kR4hTa2MRwlw^(GWyN&uCdQ?vs ztTh5Cz6E-tAr+KKLjwj+32bBWI+_Q465%Q)(?kGT4en%|e|SCP4IM9sB@>zpi~WH- zv~}JZ^{S`8;-n}WpVnP@dHSn4;tgpN3+gbGG+761ufB>x$ZxPiBj|B&LJv z>5`%JQu6xJ4d+-NO-nN*B0O}X7#ahbG}5T;u+5PK7KG48kB~9xo3|#eZLeCzigX;~ zBEldKKm{hC4i-@cAypMnjyf6>jDdaF5mbS!g=|q8@Ds)A`LH(5nV}S2?T3Lgn>tZU z7r|%a)jalc=@~4z)gU&XVJ(wQCW1|#dgRe~buOxA=q_{EY6WxpVu@AImLDe4MB1$S z4itT_^cxr-$AK6ymLnKV1IAKk1Q^XR8Cg8>k1(zVSUo`-<71({ZzEVXpZ(L#`kRgh;tlQv{c~he97Nbm9(HD?oS(Qz`Z%V2Kw_+OX z;?umidjY*hB*%McNl1_RD~TlfyeSJdb&WJTo1VQYIP|k5JUGj|8P;H7#LKE}3I^C< zlS&a3eyop8%0o~j-mt-vhUsa8vDB0ae&|UVh!Q5Ut&ybSXB7#x zMJ5++ysYCV7?i(=8?H!zyY5f~SWyTu>8*+*1zzm=_jYzF+m5^?JWN&a}71-p?^gB?tqHGEw(`qvVOo? zL32PgC%UTBQ9PlYXq%J4K>o4!GbR9ADU-7ZgnVL2Kic>`fHtvuod)>o3HVC`Qj%>9 z1iWLP5aKffWBDhk*I3`%xv8a+ppY13T2UMjNdbhJ# zKd7i=ny{!#Is&UF=!U@SkZ)!)`bIOZc<2#Tq=kQy49%wfN0OQc zX5LDIUlWXcx>hHq{+Np_Fj6{RA>sZY+gh@vRz4@S0P8uJ&rNr&q${0#Ua}2lz2eyx zNY^$y@Gq8FFK4#%)(e{54LERL?ij=|d6aa8SIRuPg#nx(>+oXnoa@ULw&Cea+DdDK z0bOm3dGjjG#mY?Y%l*S|4-rJ1$Cj~g|8JA!-m$Glhi!KN8hHOttKBM}|Gx$l&VQzR zesCmRA3M>%S8nLcT=y%t|8&ZoKY!w#KiGy;vxX$^R`$JDA*INB71GQFp!1dZBkd#F z@!=?D=l&mtd^-vUtpbBXxcq0N7`y|Bd~XU!`+Q$kWa}0>4P4_76UpF3;F_McX?4#V zb*^>xuL_exezybJZtOy`yO7*2WOEm?wF}wKBRdzA3~+2G!F6F0bSR2TP!|~WT|&m> zzN3Lv1uP7Gd5>S_!{me+K{SE9Hq74dN0k#y`TjILsPuth8t3G%-T;=_nWQq7_+1di z!E))&j=BwapZ{+)yX*5m?GAqb4?0}>|JQ(*_W!nXu|Q5mes>(ea%BkcXAS{!I&y?# zKwr5TceC7AZHmorhE392JLr<{J!R?I7DcVVIVrJ=Q~GJBFXxn&*rH88BekCkrQ9M* zzX!FS0j1m`qo1nUUwmiv$+xWbmj$vdn%tMJ_A^)${~sKLil@i_0_48)|7?eR|FPX| zG#gE>jr~8{F2DcuDsWQ#@Erx~R?i`1wbtiV@kSP{?1+IjvDU~+?h|>8^b7qMQ{`kG zoimJ_e4^>C8(hK$;EniieEyGZx7Oc(<+?0A|5twh<5l1b&j0;{Rir%rUq=5gM*qZ! z93kvazRj9CqvT_Fs0gyUg-Tu27svW9@lHR$mmcKLj Date: Fri, 14 Oct 2022 07:02:36 +0000 Subject: [PATCH 07/12] Update changelog --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 12a86ee..ef7d9d2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +omr-server (0.1028) unstable; urgency=medium + + * Many changes + + -- OpenMPTCProuter Fri, 14 Oct 2022 09:02:22 +0200 + omr-server (0.1026) unstable; urgency=medium * Many changes From 4e09734f4163e6c77c91eb848d9593058d588c72 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Sun, 19 Feb 2023 17:52:12 +0000 Subject: [PATCH 08/12] Set syn retries to 4 --- shadowsocks.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shadowsocks.conf b/shadowsocks.conf index d6d760a..0b813e7 100644 --- a/shadowsocks.conf +++ b/shadowsocks.conf @@ -58,6 +58,6 @@ net.ipv4.conf.default.log_martians = 0 # MPTCP settings net.mptcp.mptcp_checksum = 0 -net.mptcp.mptcp_syn_retries = 2 +net.mptcp.mptcp_syn_retries = 4 net.mptcp.mptcp_scheduler = blest net.ipv4.tcp_ecn = 2 From 838d1b69e5028fa82b04f59ed614015c9de021f9 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Sun, 19 Feb 2023 17:52:37 +0000 Subject: [PATCH 09/12] Fix multipath --- multipath | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/multipath b/multipath index 608f08a..23d87e1 100755 --- a/multipath +++ b/multipath @@ -115,29 +115,45 @@ if [ -f /proc/sys/net/mptcp/mptcp_enabled ]; then printf "0x%02x" $(($(($IFF^$(($IFF&$IFF_MASK))))|$FLAG)) > $FLAG_PATH else - ID=$(ip mptcp endpoint show | grep "dev $DEVICE" | awk '{print $3}') - IFF=$(ip mptcp endpoint show | grep "dev $DEVICE" | awk '{print $4}') + ID=$(ip mptcp endpoint show | grep -m 1 "dev $DEVICE" | awk '{print $3}') + IFF=$(ip mptcp endpoint show | grep -m 1 "dev $DEVICE" | awk '{print $4}') IP=$(ip a show $DEVICE | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p') RMID=$(ip mptcp endpoint show | grep '::ffff' | awk '{ print $3 }') [ -n "$RMID" ] && ip mptcp endpoint delete id $RMID 2>&1 >/dev/null case $TYPE in "off") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } exit 0;; "on") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } for i in $IP; do ip mptcp endpoint add $i dev $DEVICE subflow fullmesh done exit 0;; "signal") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } for i in $IP; do - ip mptcp endpoint add $i dev $DEVICE signal fullmesh + ip mptcp endpoint add $i dev $DEVICE signal done exit 0;; "backup") - [ -n "$ID" ] && ip mptcp endpoint delete id $ID 2>&1 >/dev/null + [ -n "$ID" ] && { + for i in $ID; do + ip mptcp endpoint delete id $i 2>&1 >/dev/null + done + } for i in $IP; do ip mptcp endpoint add $i dev $DEVICE backup fullmesh done From 9c3f955a6131346aee2f40a83eb22d994fa8b501 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Sun, 19 Feb 2023 17:53:04 +0000 Subject: [PATCH 10/12] Add 6.1.0 support --- debian9-x86_64.sh | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index e65d32b..3aa4beb 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -7,6 +7,7 @@ # UPSTREAM=${UPSTREAM:-no} +UPSTREAM6=${UPSTREAM6:-no} SHADOWSOCKS_PASS=${SHADOWSOCKS_PASS:-$(head -c 32 /dev/urandom | base64 -w0)} GLORYTUN_PASS=${GLORYTUN_PASS:-$(od -vN "32" -An -tx1 /dev/urandom | tr '[:lower:]' '[:upper:]' | tr -d " \n")} DSVPN_PASS=${DSVPN_PASS:-$(od -vN "32" -An -tx1 /dev/urandom | tr '[:lower:]' '[:upper:]' | tr -d " \n")} @@ -30,7 +31,7 @@ OPENVPN=${OPENVPN:-yes} DSVPN=${DSVPN:-yes} WIREGUARD=${WIREGUARD:-yes} SOURCES=${SOURCES:-no} -if [ "$UPSTREAM" = "yes" ]; then +if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" ]; then SOURCES="yes" fi NOINTERNET=${NOINTERNET:-no} @@ -46,6 +47,11 @@ if [ "$UPSTREAM" = "yes" ]; then KERNEL_PACKAGE_VERSION="1.6" KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_${KERNEL_VERSION}-${KERNEL_PACKAGE_VERSION}" fi +if [ "$UPSTREAM6" = "yes" ]; then + KERNEL_VERSION="6.1.0" + KERNEL_PACKAGE_VERSION="1.30" + KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_${KERNEL_PACKAGE_VERSION}" +fi GLORYTUN_UDP_VERSION="32267e86a6da05b285bb3bf2b136c105dc0af4bb" GLORYTUN_UDP_BINARY_VERSION="0.3.4-5" GLORYTUN_TCP_BINARY_VERSION="0.0.35-3" @@ -63,7 +69,7 @@ V2RAY_VERSION="4.43.0" V2RAY_PLUGIN_VERSION="4.43.0" EASYRSA_VERSION="3.0.6" SHADOWSOCKS_VERSION="7407b214f335f0e2068a8622ef3674d868218e17" -if [ "$UPSTREAM" = "yes" ]; then +if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then SHADOWSOCKS_VERSION="410950d87d8cdf8502d8f59a79dc0ff4c7677543" fi IPROUTE2_VERSION="29da83f89f6e1fe528c59131a01f5d43bcd0a000" @@ -255,6 +261,14 @@ else Pin: origin ${REPO} Pin-Priority: 1001 EOF + if [ "$ID" = "debian" ] && [ "$VERSION_ID" = "11" ]; then + cat <<-EOF | tee /etc/apt/preferences.d/openmptcprouter.pref + Explanation: Prefer libuv1 Debian native package + Package: libuv1 + Pin: version * + Pin-Priority: 1003 + EOF + fi if [ -n "$(echo $OMR_VERSION | grep test)" ]; then echo "deb [arch=amd64] https://${REPO} next main" > /etc/apt/sources.list.d/openmptcprouter-test.list cat <<-EOF | tee /etc/apt/preferences.d/openmptcprouter.pref @@ -358,7 +372,7 @@ apt-get -y -o Dpkg::Options::="--force-overwrite" install tracebox echo "Install iperf3 OpenMPTCProuter edition" apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-iperf3 -if [ "$UPSTREAM" = "yes" ]; then +if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then echo "Compile and install mptcpize..." apt-get -y install --no-install-recommends build-essential cd /tmp @@ -630,7 +644,7 @@ if [ "$OMR_ADMIN" = "yes" ]; then systemctl enable omr-admin-ipv6.service } systemctl enable omr-admin.service - if [ "$UPSTREAM" = "yes" ]; then + if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then mptcpize enable omr-admin.service [ "$(ip -6 a)" != "" ] && mptcpize enable omr-admin-ipv6.service fi @@ -803,7 +817,7 @@ if [ "$V2RAY" = "yes" ]; then fi systemctl daemon-reload systemctl enable v2ray.service - if [ "$UPSTREAM" = "yes" ]; then + if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then mptcpize enable v2ray fi fi @@ -1076,7 +1090,7 @@ if [ "$OPENVPN" = "yes" ]; then mkdir -p /etc/openvpn/ccd systemctl enable openvpn@tun0.service systemctl enable openvpn@tun1.service - if [ "$UPSTREAM" = "yes" ]; then + if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then mptcpize enable openvpn@tun0 fi systemctl enable openvpn@bonding1.service @@ -1192,7 +1206,7 @@ if [ "$DSVPN" = "yes" ]; then apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-dsvpn=${DSVPN_BINARY_VERSION} DSVPN_PASS=$(cat /etc/dsvpn/dsvpn0.key | tr -d "\n") fi - if [ "$UPSTREAM" = "yes" ]; then + if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then mptcpize enable dsvpn-server@dsvpn0 fi fi @@ -1217,13 +1231,13 @@ if [ "$SOURCES" = "yes" ]; then apt-get -y install build-essential pkg-config autoconf automake rm -rf /tmp/glorytun-0.0.35 cd /tmp - if [ "$UPSTREAM" = "yes" ]; then + if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then wget -O /tmp/glorytun-0.0.35.tar.gz https://github.com/Ysurac/glorytun/archive/refs/heads/tcp.tar.gz else wget -O /tmp/glorytun-0.0.35.tar.gz http://github.com/angt/glorytun/releases/download/v0.0.35/glorytun-0.0.35.tar.gz fi tar xzf glorytun-0.0.35.tar.gz - if [ "$UPSTREAM" = "yes" ]; then + if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then mv /tmp/glorytun-tcp /tmp/glorytun-0.0.35 fi cd glorytun-0.0.35 From cc756de52dd3e4495b94cdc01afc7170d4b8b874 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Wed, 1 Mar 2023 19:26:13 +0000 Subject: [PATCH 11/12] Prepare for 0.1029 test --- debian9-x86_64.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 3aa4beb..9b19d00 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -82,7 +82,7 @@ VPSURL="https://www.openmptcprouter.com/" REPO="repo.openmptcprouter.com" CHINA=${CHINA:-no} -OMR_VERSION="0.1028" +OMR_VERSION="0.1029-test" DIR=$( pwd ) #" From dfdfaa248790773346abe9a1f81a9721f8b872c4 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 10 Mar 2023 18:59:45 +0000 Subject: [PATCH 12/12] Optimize glorytun TCP --- tun0.glorytun | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tun0.glorytun b/tun0.glorytun index a7fd471..2a6c695 100644 --- a/tun0.glorytun +++ b/tun0.glorytun @@ -4,4 +4,4 @@ DEV=tun0 SERVER=true MPTCP=true IPV6=true -OPTIONS="chacha20 retry count -1 const 500000 timeout 5000 keepalive count 5 idle 20 interval 2 buffer-size 32768 multiqueue" \ No newline at end of file +OPTIONS="chacha20 retry count -1 const 5000000 timeout 5000 keepalive count 5 idle 20 interval 2 buffer-size 1024 multiqueue" \ No newline at end of file