diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index cbb7d33..444a169 100755 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -629,6 +629,8 @@ if [ "$OBFS" = "yes" ]; then cd /tmp rm -rf /tmp/simple-obfs else + rm -f /var/lib/dpkg/lock + rm -f /var/lib/dpkg/lock-frontend apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-simple-obfs=${OBFS_BINARY_VERSION} fi #sed -i 's%"mptcp": true%"mptcp": true,\n"plugin": "/usr/local/bin/obfs-server",\n"plugin_opts": "obfs=http;mptcp;fast-open;t=400"%' /etc/shadowsocks-libev/config.json @@ -662,6 +664,8 @@ if [ "$V2RAY_PLUGIN" = "yes" ]; then #cd /tmp #rm -rf /tmp/simple-obfs else + rm -f /var/lib/dpkg/lock + rm -f /var/lib/dpkg/lock-frontend apt-get -y install v2ray-plugin=${V2RAY_PLUGIN_VERSION} fi fi @@ -1188,11 +1192,11 @@ else cp ${DIR}/shorewall4/shorewall.conf /etc/shorewall/shorewall.conf cp ${DIR}/shorewall4/policy /etc/shorewall/policy cp ${DIR}/shorewall4/params /etc/shorewall/params - cp ${DIR}/shorewall4/params.vpn /etc/shorewall/params.vpn - cp ${DIR}/shorewall4/params.net /etc/shorewall/params.net + #cp ${DIR}/shorewall4/params.vpn /etc/shorewall/params.vpn + #cp ${DIR}/shorewall4/params.net /etc/shorewall/params.net cp ${DIR}/shorewall6/params /etc/shorewall6/params - cp ${DIR}/shorewall6/params.net /etc/shorewall6/params.net - cp ${DIR}/shorewall6/params.vpn /etc/shorewall6/params.vpn + #cp ${DIR}/shorewall6/params.net /etc/shorewall6/params.net + #cp ${DIR}/shorewall6/params.vpn /etc/shorewall6/params.vpn cp ${DIR}/shorewall6/interfaces /etc/shorewall6/interfaces cp ${DIR}/shorewall6/stoppedrules /etc/shorewall6/stoppedrules cp ${DIR}/shorewall6/snat /etc/shorewall6/snat diff --git a/omr-pihole.sh b/omr-pihole.sh index 20a023f..0981789 100644 --- a/omr-pihole.sh +++ b/omr-pihole.sh @@ -8,6 +8,11 @@ if [ "$ID" = "debian" ] && [ "$VERSION_ID" = "9" ]; then echo "This script doesn't work with Debian Stretch (9.x)" exit 1 fi +if [ "$(id -u)" -ne 0 ]; then + echo "You must run the script as root" + exit 1 +fi + echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "You can select any interface and set any IPs during Pi-hole configuration, this will be modified for OpenMPTCProuter at the end." echo "Don't apply Pi-hole firewall rules." diff --git a/omr-service b/omr-service index f388c5d..c94e748 100755 --- a/omr-service +++ b/omr-service @@ -42,6 +42,15 @@ _glorytun_tcp() { _dsvpn() { [ -n "$(ip -6 r show 64:ff9b::/96 dev dsvpn0)" ] && ip -6 r del 64:ff9b::/96 dev dsvpn0 2>&1 >/dev/null + if [ -f /etc/openmptcprouter-vps-admin/current-vpn ] && [ "$(cat /etc/openmptcprouter-vps-admin/current-vpn)" = "dsvpn" ]; then + localip="$(cat /etc/dsvpn/dsvpn0 | grep LOCALTUNIP | cut -d '=' -f2)" + [ -z "$localip" ] && localip="10.255.251.1" + remoteip="$(echo $localip | sed 's/\.1/\.2/')" + if [ "$(ping -c 5 -w 5 $remoteip | grep '100%')" != "" ] && [ "$(expr $(date +%s) - $(stat -c %Y /proc/$(pgrep dsvpn)/exe ))" -gt "300" ]; then + logger -t "OMR-Service" "No answer from VPN client end, restart DSVPN" + systemctl restart dsvpn@dsvpn0 + fi + fi } _shadowsocks() { @@ -66,13 +75,15 @@ _omr_api() { _lan_route() { cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -c '.users[0][]' | while IFS=$"\n" read -r c; do - vpnremoteip=$(echo "$c" | jq -r '.vpnremoteip') - if [ -n "$vpnremoteip" ] && [ "$vpnremoteip" != "null" ]; then - echo "$c" | jq -c -r '.lanips[] //empty' | - while IFS=$"\n" read -r d; do - network=$(ipcalc -n $d | grep Network | awk '{print $2}') - [ -n "$network" ] && [ -z "$(ip r show $network via $vpnremoteip)" ] && ip r replace $network via $vpnremoteip 2>&1 >/dev/null - done + if [ -n "$c" ]; then + vpnremoteip=$(echo "$c" | jq -r '.vpnremoteip') + if [ -n "$vpnremoteip" ] && [ "$vpnremoteip" != "null" ]; then + echo "$c" | jq -c -r '.lanips[] //empty' | + while IFS=$"\n" read -r d; do + network=$(ipcalc -n $d | grep Network | awk '{print $2}') + [ -n "$network" ] && [ -z "$(ip r show $network via $vpnremoteip)" ] && ip r replace $network via $vpnremoteip 2>&1 >/dev/null + done + fi fi done } diff --git a/omr-test-speed b/omr-test-speed index 863232f..15666e1 100644 --- a/omr-test-speed +++ b/omr-test-speed @@ -1,8 +1,8 @@ #!/bin/sh # vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : -OVH=false -if [ "$1" = "ovh" ]; then - OVH=true +HETZNER=false +if [ "$1" = "hetzner" ]; then + HETZNER=true INTERFACE="$2" else INTERFACE="$1" @@ -13,9 +13,9 @@ fi exit 0 } -if [ "$OVH" = false ]; then +if [ "$HETZNER" = false ]; then echo "Select best test server..." - HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://proof.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" + HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip https://speed.hetzner.de/10GB.bin http://ipv4.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" bestping="9999" for pinghost in $HOSTLST; do domain=$(echo $pinghost | awk -F/ '{print $3}') @@ -32,7 +32,7 @@ if [ "$OVH" = false ]; then done fi -[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat" +[ -z "$HOST" ] && HOST="https://speed.hetzner.de/10GB.bin" echo "Best server is $HOST, running test:" trap : HUP INT TERM diff --git a/omr-test-speedv6 b/omr-test-speedv6 index ca3d64d..3db10fe 100644 --- a/omr-test-speedv6 +++ b/omr-test-speedv6 @@ -1,8 +1,8 @@ #!/bin/sh # vim: set noexpandtab tabstop=4 shiftwidth=4 softtabstop=4 : -OVH=false -if [ "$1" = "ovh" ]; then - OVH=true +HETZNER=false +if [ "$1" = "hetzner" ]; then + HETZNER=true INTERFACE="$2" else INTERFACE="$1" @@ -14,9 +14,9 @@ fi } -if [ "$OVH" = false ]; then +if [ "$HETZNER" = false ]; then echo "Select best test server..." - HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip http://www.ovh.net/files/10Gb.dat https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" + HOSTLST="http://speedtest.frankfurt.linode.com/garbage.php?ckSize=10000 http://speedtest.tokyo2.linode.com/garbage.php?ckSize=10000 http://speedtest.singapore.linode.com/garbage.php?ckSize=10000 http://speedtest.newark.linode.com/garbage.php?ckSize=10000 http://speedtest.atlanta.linode.com/garbage.php?ckSize=10000 http://speedtest.dallas.linode.com/garbage.php?ckSize=10000 http://speedtest.fremont.linode.com/garbage.php?ckSize=10000 http://speedtest.tele2.net/1000GB.zip https://speed.hetzner.de/10GB.bin http://ipv6.bouygues.testdebit.info/10G.iso http://par.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin http://ams.download.datapacket.com/10000mb.bin http://fra.download.datapacket.com/10000mb.bin http://lon.download.datapacket.com/10000mb.bin http://mad.download.datapacket.com/10000mb.bin http://prg.download.datapacket.com/10000mb.bin http://sto.download.datapacket.com/10000mb.bin http://vie.download.datapacket.com/10000mb.bin http://war.download.datapacket.com/10000mb.bin http://atl.download.datapacket.com/10000mb.bin http://chi.download.datapacket.com/10000mb.bin http://lax.download.datapacket.com/10000mb.bin http://mia.download.datapacket.com/10000mb.bin http://nyc.download.datapacket.com/10000mb.bin" bestping="9999" for pinghost in $HOSTLST; do domain=$(echo $pinghost | awk -F/ '{print $3}') @@ -33,7 +33,7 @@ if [ "$OVH" = false ]; then done fi -[ -z "$HOST" ] && HOST="http://proof.ovh.net/files/10Gio.dat" +[ -z "$HOST" ] && HOST="https://speed.hetzner.de/10GB.bin" echo "Best server is $HOST, running test:" trap : HUP INT TERM diff --git a/openmptcprouter-shorewall6.tar.gz b/openmptcprouter-shorewall6.tar.gz index d5769fa..eeb36f2 100644 Binary files a/openmptcprouter-shorewall6.tar.gz and b/openmptcprouter-shorewall6.tar.gz differ diff --git a/shorewall6/params.vpn b/shorewall6/params.vpn index e69de29..a7a7058 100644 --- a/shorewall6/params.vpn +++ b/shorewall6/params.vpn @@ -0,0 +1 @@ +OMR_ADDR=fe80::a00:2