From 2b042ee3521eb1a0e55ac8e8af99c14123748eab Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 2 Apr 2024 16:31:03 +0200 Subject: [PATCH 1/4] Start openmptcprouter-vps is never correctly run on VPS --- omr-schedule/files/usr/share/omr/schedule.d/010-services | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/omr-schedule/files/usr/share/omr/schedule.d/010-services b/omr-schedule/files/usr/share/omr/schedule.d/010-services index acbbed0fbe..dcb6c5ced4 100755 --- a/omr-schedule/files/usr/share/omr/schedule.d/010-services +++ b/omr-schedule/files/usr/share/omr/schedule.d/010-services @@ -217,7 +217,7 @@ if [ "$(pgrep -f openmptcprouter-vps)" = "" ] && [ "$(uci -q show openmptcproute /etc/init.d/openmptcprouter-vps token >/dev/null 2>&1 & sleep 5 fi -if [ "$(pgrep -f openmptcprouter-vps)" = "" ] && ([ "$(uci -q show openmptcprouter | grep get_config=\'1\')" != "" ] || [ "$(uci -q show openmptcprouter | grep admin_error=\'1\')" != "" ]); then +if [ "$(pgrep -f openmptcprouter-vps)" = "" ] && ([ -z "$(uci -q show openmptcprouter | grep get_config)" ] || [ "$(uci -q show openmptcprouter | grep get_config=\'1\')" != "" ] || [ "$(uci -q show openmptcprouter | grep admin_error=\'1\')" != "" ]); then /etc/init.d/openmptcprouter-vps restart >/dev/null 2>&1 & sleep 5 fi From 178481a7494ddc7ca72eeaa2982ff66c5d839710 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 2 Apr 2024 16:31:50 +0200 Subject: [PATCH 2/4] Check if proxy config exist or not before actions on openmptcprouter-vps --- .../files/etc/init.d/openmptcprouter-vps | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index a0a3b365af..e4c98e048b 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -510,7 +510,7 @@ _get_vps_config() { ip6resolve="$(resolveip -6 $vpsip | head -n 1)" [ -n "$ip6resolve" ] && vpsip="$ip6resolve" fi - if [ "$(uci -q get shadowsocks-libev.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get shadowsocks-libev.sss0)" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-libev.sss0.server)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then config_foreach _set_ss_server server "server" $vpsip uci -q batch <<-EOF >/dev/null set shadowsocks-libev.sss0.server="$vpsip" @@ -521,7 +521,7 @@ _get_vps_config() { /etc/init.d/shadowsocks-libev restart fi fi - if [ "$(uci -q get shadowsocks-rust.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-rust.sss0.server)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get shadowsocks-rust.sss0)" ] && [ "$(uci -q get shadowsocks-rust.sss0.server)" != "127.0.0.1" ] && [ "$(uci -q get shadowsocks-rust.sss0.server)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then config_foreach _set_ssrust_server server "server" $vpsip uci -q batch <<-EOF >/dev/null set shadowsocks-rust.sss0.server="$vpsip" @@ -532,7 +532,7 @@ _get_vps_config() { /etc/init.d/shadowsocks-rust restart fi fi - if [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get v2ray.omrout)" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get v2ray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set v2ray.omrout.s_vmess_address="$vpsip" set v2ray.omrout.s_vless_address="$vpsip" @@ -545,7 +545,7 @@ _get_vps_config() { /etc/init.d/v2ray restart fi fi - if [ "$(uci -q get xray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get xray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get xray.omrout)" ] && [ "$(uci -q get xray.omrout.s_vmess_address)" != "127.0.0.1" ] && [ "$(uci -q get xray.omrout.s_vmess_address)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set xray.omrout.s_vmess_address="$vpsip" set xray.omrout.s_vless_address="$vpsip" @@ -560,7 +560,7 @@ _get_vps_config() { /etc/init.d/xray restart fi fi - if [ "$(uci -q get openvpn.omr.remote)" != "127.0.0.1" ] && [ "$(uci -q get openvpn.omr.remote)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get openvpn.omr)" ] && [ "$(uci -q get openvpn.omr.remote)" != "127.0.0.1" ] && [ "$(uci -q get openvpn.omr.remote)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set openvpn.omr.remote="$vpsip" commit openvpn @@ -573,7 +573,7 @@ _get_vps_config() { port="$(echo "$vps_config" | jsonfilter -q -e '@.dsvpn.port')" localip="$(echo "$vps_config" | jsonfilter -q -e '@.dsvpn.client_ip')" remoteip="$(echo "$vps_config" | jsonfilter -q -e '@.dsvpn.host_ip')" - if ([ "$(uci -q get dsvpn.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get dsvpn.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]) || [ "$(uci -q get dsvpn.vpn.port)" != "$port" ] || [ "$(uci -q get dsvpn.vpn.localip)" != "$localip" ] || [ "$(uci -q get dsvpn.vpn.remoteip)" != "$remoteip" ]; then + if [ -n "$(uci -q get dsvpn.vpn)" ] && ([ "$(uci -q get dsvpn.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get dsvpn.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]) || [ "$(uci -q get dsvpn.vpn.port)" != "$port" ] || [ "$(uci -q get dsvpn.vpn.localip)" != "$localip" ] || [ "$(uci -q get dsvpn.vpn.remoteip)" != "$remoteip" ]; then uci -q batch <<-EOF >/dev/null set dsvpn.vpn.port=$port set dsvpn.vpn.localip=$localip @@ -587,7 +587,7 @@ _get_vps_config() { fi fi - if [ "$(uci -q get mlvpn.general.host)" != "127.0.0.1" ] && [ "$(uci -q get mlvpn.general.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ] && [ -f /etc/init.d/mlvpn ]; then + if [ -n "$(uci -q get mlvpn.general)" ] && [ "$(uci -q get mlvpn.general.host)" != "127.0.0.1" ] && [ "$(uci -q get mlvpn.general.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ] && [ -f /etc/init.d/mlvpn ]; then uci -q batch <<-EOF >/dev/null set mlvpn.general=mlvpn set mlvpn.general.host="$vpsip" @@ -598,13 +598,13 @@ _get_vps_config() { /etc/init.d/mlvpn restart fi fi - if [ "$(uci -q get glorytun.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get glorytun.vpn)" ] && [ "$(uci -q get glorytun.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set glorytun.vpn.host="$vpsip" EOF glorytun_change=1 fi - if [ "$(uci -q get glorytun-udp.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun-udp.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then + if [ -n "$(uci -q get glorytun-udp.vpn)" ] && [ "$(uci -q get glorytun-udp.vpn.host)" != "127.0.0.1" ] && [ "$(uci -q get glorytun-udp.vpn.host)" != "$vpsip" ] && [ "$(uci -q get openmptcprouter.settings.ha)" != "1" ]; then uci -q batch <<-EOF >/dev/null set glorytun-udp.vpn.host="$vpsip" EOF @@ -1572,7 +1572,7 @@ _set_config_from_vps() { #[ -z "$shadowsocks_disabled" ] && shadowsocks_disabled=0 ss_key="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.key')" ss_key="$(echo $ss_key | sed 's/-/+/g; s/_/\//g;')" - if [ -n "$ss_key" ] && [ "$ss_key" != "$(uci -q get shadowsocks-libev.sss0.key)" ]; then + if [ -n "$ss_key" ] && [ "$ss_key" != "$(uci -q get shadowsocks-libev.sss0.key)" ] && [ -n "$(uci -q get shadowsocks-libev.sss0)" ]; then ss_method="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.method')" ss_port="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.port')" ss_ebpf="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks.ebpf')" @@ -1630,7 +1630,7 @@ _set_config_from_vps() { #shadowsocks_disabled="$(uci -q get openmptcprouter.settings.shadowsocks_disable)" #[ -z "$shadowsocks_disabled" ] && shadowsocks_disabled=0 ssgo_sskey="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks_go.config.password')" - if [ -n "$ssgo_sskey" ] && [ "$ssgo_sskey" != "$(uci -q get shadowsocks-rust.sss0.password)" ]; then + if [ -n "$ssgo_sskey" ] && [ "$ssgo_sskey" != "$(uci -q get shadowsocks-rust.sss0.password)" ] && [ -n "$(uci -q get shadowsocks-rust.sss0)" ]; then ss_method="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks_go.config.protocol')" ss_port="65280" #ss_fast_open="$(echo "$vps_config" | jsonfilter -q -e '@.shadowsocks-rust.fast_open')" @@ -2282,7 +2282,7 @@ _config_service() { [ -z "$(_set_vpn_vps)" ] && error=1 [ -z "$(_set_proxy_vps)" ] && error=1 fi - [ "$(uci -q get shadowsocks-libev.sss0.key)" = "" ] && [ "$(uci -q get shadowsocks-rust.sss0.key)" = "" ] && uci -q set openmptcprouter.${servername}.get_config=1 + ([ -n "$(uci -q get shadowsocks-libev.sss0)" ] || [ -n "$(uci -q get shadowsocks-rust.sss0)" ]) && [ "$(uci -q get shadowsocks-libev.sss0.key)" = "" ] && [ "$(uci -q get shadowsocks-rust.sss0.key)" = "" ] && uci -q set openmptcprouter.${servername}.get_config=1 #_set_pihole [ -n "$wanips" ] && _set_wan_ip From 4e01f6563ed9b569f86531ea9d866d190b59e01b Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 2 Apr 2024 20:33:31 +0200 Subject: [PATCH 3/4] Disable ndpi for kernel 6.6 --- ndpi-netfilter2/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ndpi-netfilter2/Makefile b/ndpi-netfilter2/Makefile index 50ddd78ade..a066187855 100644 --- a/ndpi-netfilter2/Makefile +++ b/ndpi-netfilter2/Makefile @@ -41,7 +41,7 @@ define Package/iptables-mod-ndpi # DEPENDS:=+iptables +iptables-mod-conntrack-extra +kmod-ipt-ndpi +libpcap # DEPENDS:=+iptables +kmod-ipt-ndpi +libpcap @(LINUX_5_4||LINUX_5_15||TARGET_x86_64) # DEPENDS:=+iptables +kmod-ipt-ndpi +libpcap @(LINUX_5_4||LINUX_5_15) @!TARGET_ramips - DEPENDS:=+iptables +kmod-ipt-ndpi +libpcap @!TARGET_ramips + DEPENDS:=+iptables +kmod-ipt-ndpi +libpcap @!TARGET_ramips @!LINUX_6_6 MAINTAINER:=Ycarus (Yannick Chabanois) endef @@ -83,7 +83,7 @@ define KernelPackage/ipt-ndpi TITLE:= nDPI net netfilter module # DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +kmod-ipt-compat-xtables +libpcap @(LINUX_5_4||LINUX_5_15||TARGET_x86_64) # DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +kmod-ipt-compat-xtables +libpcap @(LINUX_5_4||LINUX_5_15) @!TARGET_ramips - DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +(LINUX_5_4||LINUX_6_1):kmod-ipt-compat-xtables +libpcap @!TARGET_ramips + DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +(LINUX_5_4||LINUX_6_1):kmod-ipt-compat-xtables +libpcap @!TARGET_ramips @!LINUX_6_6 # DEPENDS:=+kmod-nf-conntrack +kmod-nf-conntrack-netlink +kmod-ipt-compat-xtables +libpcap KCONFIG:=CONFIG_NF_CONNTRACK_LABELS=y \ CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y From 1b182489c238159f626994fe3791810758377365 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 2 Apr 2024 20:34:37 +0200 Subject: [PATCH 4/4] Disable ndpi for kernel 6.6 --- openmptcprouter-full/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openmptcprouter-full/Makefile b/openmptcprouter-full/Makefile index 9422b75a62..dacbdf1bd0 100644 --- a/openmptcprouter-full/Makefile +++ b/openmptcprouter-full/Makefile @@ -85,7 +85,7 @@ MY_DEPENDS := \ luci-theme-openwrt-2020 luci-proto-wireguard luci-app-wireguard kmod-crypto-lib-blake2s (TARGET_x86||TARGET_x86_64):kmod-r8125 \ !(LINUX_5_4):mptcpd (TARGET_x86||TARGET_x86_64):kmod-igc !TARGET_mvebu:kmod-mmc-spi kmod-macsec usbutils v2ray-core LINUX_5_4:v2ray-config !LINUX_5_4:v2ray-config-nft syslogd \ (TARGET_x86||TARGET_x86_64):kmod-mlx4-core \ - !(TARGET_ips40xx||TARGET_ramips):iptables-mod-ndpi !(TARGET_ips40xx||TARGET_ramips):kmod-ipt-ndpi libip4tc libip6tc \ + !(TARGET_ips40xx||TARGET_ramips||KERNEL_6_6):iptables-mod-ndpi !(TARGET_ips40xx||TARGET_ramips||KERNEL_6_6):kmod-ipt-ndpi libip4tc libip6tc \ xray-core LINUX_5_4:xray-config !LINUX_5_4:xray-config-nft (LINUX_5_4&&(TARGET_x86_64||aarch64)):kmod-tcp-bbr2 kmod-ovpn-dco-v2 \ shadowsocks-rust-sslocal shadowsocks-rust-ssservice LINUX_5_4:shadowsocks-rust-config !LINUX_5_4:shadowsocks-rust-config-nft luci-app-shadowsocks-rust \ luci-proto-external omr-schedule jq luci-app-ddns