From be8f287aaaa9f6ffba3e04e630606be162abfe18 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 10:59:44 +0200 Subject: [PATCH 01/26] mwan3: move redirect error output to trash This suppress the following output on `mwan3 restart`: > Dump terminated Signed-off-by: Florian Eckert (cherry picked from commit facf8ea299b185a82ae803d68e2b54a9599d8c14) --- net/mwan3/files/lib/mwan3/mwan3.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 64b07d658..4e8ff99cf 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -46,7 +46,7 @@ mwan3_rtmon_ipv4() idx=$((idx+1)) tid=$idx [ "$(uci get mwan3.@interface[$((idx-1))].family)" = "ipv4" ] && { - tbl=$($IP4 route list table $tid) + tbl=$($IP4 route list table $tid 2>/dev/null) if echo "$tbl" | grep -q ^default; then (echo "$tbl" | grep -v "^default\|linkdown" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv4.$tid cat /tmp/mwan3rtmon/ipv4.$tid | grep -v -x -F -f /tmp/mwan3rtmon/ipv4.main | while read line; do @@ -79,7 +79,7 @@ mwan3_rtmon_ipv6() idx=$((idx+1)) tid=$idx [ "$(uci get mwan3.@interface[$((idx-1))].family)" = "ipv6" ] && { - tbl=$($IP6 route list table $tid) + tbl=$($IP6 route list table $tid 2>/dev/null) if echo "$tbl" | grep -q "^default\|^::/0"; then (echo "$tbl" | grep -v "^default\|^::/0\|^unreachable" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv6.$tid cat /tmp/mwan3rtmon/ipv6.$tid | grep -v -x -F -f /tmp/mwan3rtmon/ipv6.main | while read line; do From 3443eb3c7dbc6992dfb7d913d09364b00253dfcf Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 09:24:28 +0200 Subject: [PATCH 02/26] mwan3: fix shellcheck warning SC2039 Replace all `==` with `=`. Signed-off-by: Florian Eckert (cherry picked from commit 0ed7524f810c5d994b7fd1d24be77f0469c8ccdc) --- net/mwan3/files/lib/mwan3/mwan3.sh | 48 +++++++++++++++--------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 4e8ff99cf..adfaeb79d 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -192,7 +192,7 @@ mwan3_get_iface_id() mwan3_get_id() { let _iface_count++ - [ "$1" == "$_iface" ] && _tmp=$_iface_count + [ "$1" = "$_iface" ] && _tmp=$_iface_count } config_foreach mwan3_get_id interface export "$1=$_tmp" @@ -396,7 +396,7 @@ mwan3_create_iface_iptables() [ -n "$id" ] || return 0 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then $IPS -! create mwan3_connected list:set if ! $IPT4 -S mwan3_ifaces_in &> /dev/null; then @@ -428,7 +428,7 @@ mwan3_create_iface_iptables() -j mwan3_iface_in_$1 fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then $IPS -! create mwan3_connected_v6 hash:net family inet6 if ! $IPT6 -S mwan3_ifaces_in &> /dev/null; then @@ -462,7 +462,7 @@ mwan3_delete_iface_iptables() { config_get family $1 family ipv4 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then $IPT4 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ @@ -471,7 +471,7 @@ mwan3_delete_iface_iptables() $IPT4 -X mwan3_iface_in_$1 &> /dev/null fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then $IPT6 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ @@ -490,7 +490,7 @@ mwan3_create_iface_route() [ -n "$id" ] || return 0 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then if ubus call network.interface.${1}_4 status &>/dev/null; then network_get_gateway route_args ${1}_4 else @@ -513,7 +513,7 @@ mwan3_create_iface_route() mwan3_rtmon_ipv4 fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then if ubus call network.interface.${1}_6 status &>/dev/null; then network_get_gateway6 route_args ${1}_6 else @@ -546,11 +546,11 @@ mwan3_delete_iface_route() [ -n "$id" ] || return 0 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then $IP4 route flush table $id fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then $IP6 route flush table $id fi } @@ -564,7 +564,7 @@ mwan3_create_iface_rules() [ -n "$id" ] || return 0 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then while [ -n "$($IP4 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do $IP4 rule del pref $(($id+1000)) @@ -578,7 +578,7 @@ mwan3_create_iface_rules() $IP4 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup $id fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do $IP6 rule del pref $(($id+1000)) @@ -602,7 +602,7 @@ mwan3_delete_iface_rules() [ -n "$id" ] || return 0 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then while [ -n "$($IP4 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do $IP4 rule del pref $(($id+1000)) @@ -613,7 +613,7 @@ mwan3_delete_iface_rules() done fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do $IP6 rule del pref $(($id+1000)) @@ -698,7 +698,7 @@ mwan3_set_policy() config_get family $iface family ipv4 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then if [ "$metric" -lt "$lowest_metric_v4" ]; then @@ -746,7 +746,7 @@ mwan3_set_policy() fi fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then if [ "$metric" -lt "$lowest_metric_v6" ]; then @@ -858,7 +858,7 @@ mwan3_set_sticky_iptables() for iface in $($IPT4 -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do - if [ "$iface" == "$1" ]; then + if [ "$iface" = "$1" ]; then mwan3_get_iface_id id $1 @@ -929,11 +929,11 @@ mwan3_set_user_iptables_rule() fi if [ -n "$use_policy" ]; then - if [ "$use_policy" == "default" ]; then + if [ "$use_policy" = "default" ]; then policy="MARK --set-xmark $MMX_DEFAULT/$MMX_MASK" - elif [ "$use_policy" == "unreachable" ]; then + elif [ "$use_policy" = "unreachable" ]; then policy="MARK --set-xmark $MMX_UNREACHABLE/$MMX_MASK" - elif [ "$use_policy" == "blackhole" ]; then + elif [ "$use_policy" = "blackhole" ]; then policy="MARK --set-xmark $MMX_BLACKHOLE/$MMX_MASK" else if [ "$sticky" -eq 1 ]; then @@ -989,8 +989,8 @@ mwan3_set_user_iptables_rule() fi fi for IPT in "$IPT4" "$IPT6"; do - [ "$family" == "ipv4" ] && [ "$IPT" == "$IPT6" ] && continue - [ "$family" == "ipv6" ] && [ "$IPT" == "$IPT4" ] && continue + [ "$family" = "ipv4" ] && [ "$IPT" = "$IPT6" ] && continue + [ "$family" = "ipv6" ] && [ "$IPT" = "$IPT4" ] && continue [ "$global_logging" = "1" ] && [ "$rule_logging" = "1" ] && { $IPT -A mwan3_rules \ -p $proto \ @@ -1057,12 +1057,12 @@ mwan3_report_iface_status() config_get enabled "$1" enabled 0 config_get family "$1" family ipv4 - if [ "$family" == "ipv4" ]; then + if [ "$family" = "ipv4" ]; then IP="$IP4" IPT="$IPT4" fi - if [ "$family" == "ipv6" ]; then + if [ "$family" = "ipv6" ]; then IP="$IP6" IPT="$IPT6" fi @@ -1079,7 +1079,7 @@ mwan3_report_iface_status() [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] || \ [ -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then result="error" - elif [ "$enabled" == "1" ]; then + elif [ "$enabled" = "1" ]; then result="offline" else result="disabled" From c0b111feabf08790347e84c9ff426de0f2a5007f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 09:42:17 +0200 Subject: [PATCH 03/26] mwan3: remove unused variable complained by shellcheck Signed-off-by: Florian Eckert (cherry picked from commit 644d9a25df0f352ff93646b50d5305b9837f4371) --- net/mwan3/files/lib/mwan3/mwan3.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index adfaeb79d..3c4f25cc4 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -1146,8 +1146,6 @@ mwan3_report_policies_v6() mwan3_report_connected_v4() { - local address - if [ -n "$($IPT4 -S mwan3_connected 2> /dev/null)" ]; then $IPS -o save list mwan3_connected_v4 | grep add | cut -d " " -f 3 fi @@ -1155,8 +1153,6 @@ mwan3_report_connected_v4() mwan3_report_connected_v6() { - local address - if [ -n "$($IPT6 -S mwan3_connected 2> /dev/null)" ]; then $IPS -o save list mwan3_connected_v6 | grep add | cut -d " " -f 3 fi From 7d0f2cdb63b389828dc85802d5cc8e7f762db1b8 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 11:47:15 +0200 Subject: [PATCH 04/26] mwan3: fix shellcheck warning SC2166 Replace -o boolean check with ||. Signed-off-by: Florian Eckert (cherry picked from commit c0fdfaa17490f5e67bc24a326f10af1c7d0201cf) --- net/mwan3/files/lib/mwan3/mwan3.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 3c4f25cc4..6c8e50080 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -1067,7 +1067,7 @@ mwan3_report_iface_status() IPT="$IPT6" fi - if [ -z "$id" -o -z "$device" ]; then + if [ -z "$id" ] || [ -z "$device" ]; then result="offline" elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" ] && \ [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] && \ From db3c8326fed37052c6575bb910fb6715ccb299c6 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 10:46:24 +0200 Subject: [PATCH 05/26] mwan3: fix shellcheck warning SC2086 Add double quote to prevent globbing and word splitting where there is no regression. Signed-off-by: Florian Eckert (cherry picked from commit feae9e57423897e14dfb9f45f2defb97f480a731) --- net/mwan3/files/lib/mwan3/mwan3.sh | 270 ++++++++++++++--------------- 1 file changed, 135 insertions(+), 135 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 6c8e50080..fd9f9fc41 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -204,7 +204,7 @@ mwan3_set_custom_ipset_v4() for custom_network_v4 in $($IP4 route list table "$1" | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do $LOG notice "Adding network $custom_network_v4 from table $1 to mwan3_custom_v4 ipset" - $IPS -! add mwan3_custom_v4_temp $custom_network_v4 + $IPS -! add mwan3_custom_v4_temp "$custom_network_v4" done } @@ -214,7 +214,7 @@ mwan3_set_custom_ipset_v6() for custom_network_v6 in $($IP6 route list table "$1" | awk '{print $1}' | egrep "$IPv6_REGEX"); do $LOG notice "Adding network $custom_network_v6 from table $1 to mwan3_custom_v6 ipset" - $IPS -! add mwan3_custom_v6_temp $custom_network_v6 + $IPS -! add mwan3_custom_v6_temp "$custom_network_v6" done } @@ -246,11 +246,11 @@ mwan3_set_connected_iptables() $IPS create mwan3_connected_v4_temp hash:net for connected_network_v4 in $($IP4 route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do - $IPS -! add mwan3_connected_v4_temp $connected_network_v4 + $IPS -! add mwan3_connected_v4_temp "$connected_network_v4" done for connected_network_v4 in $($IP4 route list table 0 | awk '{print $2}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do - $IPS -! add mwan3_connected_v4_temp $connected_network_v4 + $IPS -! add mwan3_connected_v4_temp "$connected_network_v4" done $IPS add mwan3_connected_v4_temp 224.0.0.0/3 @@ -262,7 +262,7 @@ mwan3_set_connected_iptables() $IPS create mwan3_connected_v6_temp hash:net family inet6 for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep "$IPv6_REGEX"); do - $IPS -! add mwan3_connected_v6_temp $connected_network_v6 + $IPS -! add mwan3_connected_v6_temp "$connected_network_v6" done $IPS swap mwan3_connected_v6_temp mwan3_connected_v6 @@ -275,7 +275,7 @@ mwan3_set_connected_iptables() $IPS -! create mwan3_source_v6 hash:net family inet6 $IPS create mwan3_source_v6_temp hash:net family inet6 for source_network_v6 in $($IP6 addr ls | sed -ne 's/ *inet6 \([^ \/]*\).* scope global.*/\1/p'); do - $IPS -! add mwan3_source_v6_temp $source_network_v6 + $IPS -! add mwan3_source_v6_temp "$source_network_v6" done $IPS swap mwan3_source_v6_temp mwan3_source_v6 $IPS destroy mwan3_source_v6_temp @@ -360,7 +360,7 @@ mwan3_set_general_iptables() fi $IPT -A mwan3_hook \ - -j CONNMARK --restore-mark --nfmask $MMX_MASK --ctmask $MMX_MASK + -j CONNMARK --restore-mark --nfmask "$MMX_MASK" --ctmask "$MMX_MASK" $IPT -A mwan3_hook \ -m mark --mark 0x0/$MMX_MASK \ -j mwan3_ifaces_in @@ -371,7 +371,7 @@ mwan3_set_general_iptables() -m mark --mark 0x0/$MMX_MASK \ -j mwan3_rules $IPT -A mwan3_hook \ - -j CONNMARK --save-mark --nfmask $MMX_MASK --ctmask $MMX_MASK + -j CONNMARK --save-mark --nfmask "$MMX_MASK" --ctmask "$MMX_MASK" $IPT -A mwan3_hook \ -m mark ! --mark $MMX_DEFAULT/$MMX_MASK \ -j mwan3_connected @@ -391,8 +391,8 @@ mwan3_create_iface_iptables() { local id family - config_get family $1 family ipv4 - mwan3_get_iface_id id $1 + config_get family "$1" family ipv4 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 @@ -403,29 +403,29 @@ mwan3_create_iface_iptables() $IPT4 -N mwan3_ifaces_in fi - if ! $IPT4 -S mwan3_iface_in_$1 &> /dev/null; then - $IPT4 -N mwan3_iface_in_$1 + if ! $IPT4 -S "mwan3_iface_in_$1" &> /dev/null; then + $IPT4 -N "mwan3_iface_in_$1" fi - $IPT4 -F mwan3_iface_in_$1 - $IPT4 -A mwan3_iface_in_$1 \ - -i $2 \ + $IPT4 -F "mwan3_iface_in_$1" + $IPT4 -A "mwan3_iface_in_$1" \ + -i "$2" \ -m set --match-set mwan3_connected src \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "default" \ -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - $IPT4 -A mwan3_iface_in_$1 \ - -i $2 \ + $IPT4 -A "mwan3_iface_in_$1" \ + -i "$2" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "$1" \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK $IPT4 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ - -j mwan3_iface_in_$1 &> /dev/null + -j "mwan3_iface_in_$1" &> /dev/null $IPT4 -A mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ - -j mwan3_iface_in_$1 + -j "mwan3_iface_in_$1" fi if [ "$family" = "ipv6" ]; then @@ -435,49 +435,49 @@ mwan3_create_iface_iptables() $IPT6 -N mwan3_ifaces_in fi - if ! $IPT6 -S mwan3_iface_in_$1 &> /dev/null; then - $IPT6 -N mwan3_iface_in_$1 + if ! $IPT6 -S "mwan3_iface_in_$1" &> /dev/null; then + $IPT6 -N "mwan3_iface_in_$1" fi - $IPT6 -F mwan3_iface_in_$1 - $IPT6 -A mwan3_iface_in_$1 -i $2 \ + $IPT6 -F "mwan3_iface_in_$1" + $IPT6 -A "mwan3_iface_in_$1" -i "$2" \ -m set --match-set mwan3_connected_v6 src \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "default" \ -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - $IPT6 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/$MMX_MASK \ + $IPT6 -A "mwan3_iface_in_$1" -i "$2" -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "$1" \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK $IPT6 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ - -j mwan3_iface_in_$1 &> /dev/null + -j "mwan3_iface_in_$1" &> /dev/null $IPT6 -A mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ - -j mwan3_iface_in_$1 + -j "mwan3_iface_in_$1" fi } mwan3_delete_iface_iptables() { - config_get family $1 family ipv4 + config_get family "$1" family ipv4 if [ "$family" = "ipv4" ]; then $IPT4 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ - -j mwan3_iface_in_$1 &> /dev/null - $IPT4 -F mwan3_iface_in_$1 &> /dev/null - $IPT4 -X mwan3_iface_in_$1 &> /dev/null + -j "mwan3_iface_in_$1" &> /dev/null + $IPT4 -F "mwan3_iface_in_$1" &> /dev/null + $IPT4 -X "mwan3_iface_in_$1" &> /dev/null fi if [ "$family" = "ipv6" ]; then $IPT6 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ - -j mwan3_iface_in_$1 &> /dev/null - $IPT6 -F mwan3_iface_in_$1 &> /dev/null - $IPT6 -X mwan3_iface_in_$1 &> /dev/null + -j "mwan3_iface_in_$1" &> /dev/null + $IPT6 -F "mwan3_iface_in_$1" &> /dev/null + $IPT6 -X "mwan3_iface_in_$1" &> /dev/null fi } @@ -541,17 +541,17 @@ mwan3_delete_iface_route() { local id - config_get family $1 family ipv4 - mwan3_get_iface_id id $1 + config_get family "$1" family ipv4 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 if [ "$family" = "ipv4" ]; then - $IP4 route flush table $id + $IP4 route flush table "$id" fi if [ "$family" = "ipv6" ]; then - $IP6 route flush table $id + $IP6 route flush table "$id" fi } @@ -559,8 +559,8 @@ mwan3_create_iface_rules() { local id family - config_get family $1 family ipv4 - mwan3_get_iface_id id $1 + config_get family "$1" family ipv4 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 @@ -574,8 +574,8 @@ mwan3_create_iface_rules() $IP4 rule del pref $(($id+2000)) done - $IP4 rule add pref $(($id+1000)) iif $2 lookup $id - $IP4 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup $id + $IP4 rule add pref $(($id+1000)) iif "$2" lookup "$id" + $IP4 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup "$id" fi if [ "$family" = "ipv6" ]; then @@ -588,8 +588,8 @@ mwan3_create_iface_rules() $IP6 rule del pref $(($id+2000)) done - $IP6 rule add pref $(($id+1000)) iif $2 lookup $id - $IP6 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup $id + $IP6 rule add pref $(($id+1000)) iif "$2" lookup "$id" + $IP6 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup "$id" fi } @@ -597,8 +597,8 @@ mwan3_delete_iface_rules() { local id family - config_get family $1 family ipv4 - mwan3_get_iface_id id $1 + config_get family "$1" family ipv4 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 @@ -629,13 +629,13 @@ mwan3_delete_iface_ipset_entries() { local id setname entry - mwan3_get_iface_id id $1 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 for setname in $(ipset -n list | grep ^mwan3_sticky_); do - for entry in $(ipset list $setname | grep "$(echo $(mwan3_id2mask id MMX_MASK) | awk '{ printf "0x%08x", $1; }')" | cut -d ' ' -f 1); do - $IPS del $setname $entry + for entry in $(ipset list "$setname" | grep "$(echo $(mwan3_id2mask id MMX_MASK) | awk '{ printf "0x%08x", $1; }')" | cut -d ' ' -f 1); do + $IPS del "$setname" $entry done done } @@ -658,7 +658,7 @@ mwan3_track() { track_ips="$track_ips $1" } - config_list_foreach $1 track_ip mwan3_list_track_ips + config_list_foreach "$1" track_ip mwan3_list_track_ips for pid in $(pgrep -f "mwan3track $1 $2"); do kill -TERM "$pid" > /dev/null 2>&1 @@ -684,28 +684,28 @@ mwan3_set_policy() { local iface_count id iface family metric probability weight device - config_get iface $1 interface - config_get metric $1 metric 1 - config_get weight $1 weight 1 + config_get iface "$1" interface + config_get metric "$1" metric 1 + config_get weight "$1" weight 1 [ -n "$iface" ] || return 0 - network_get_device device $iface + network_get_device device "$iface" [ "$metric" -gt $DEFAULT_LOWEST_METRIC ] && $LOG warn "Member interface $iface has >$DEFAULT_LOWEST_METRIC metric. Not appending to policy" && return 0 - mwan3_get_iface_id id $iface + mwan3_get_iface_id id "$iface" [ -n "$id" ] || return 0 - config_get family $iface family ipv4 + config_get family "$iface" family ipv4 if [ "$family" = "ipv4" ]; then - if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then + if [ "$(mwan3_get_iface_hotplug_state "$iface")" = "online" ]; then if [ "$metric" -lt "$lowest_metric_v4" ]; then total_weight_v4=$weight - $IPT4 -F mwan3_policy_$policy - $IPT4 -A mwan3_policy_$policy \ + $IPT4 -F "mwan3_policy_$policy" + $IPT4 -A "mwan3_policy_$policy" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "$iface $weight $weight" \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK @@ -729,16 +729,16 @@ mwan3_set_policy() probability="-m statistic --mode random --probability $probability" - $IPT4 -I mwan3_policy_$policy \ - -m mark --mark 0x0/$MMX_MASK $probability \ + $IPT4 -I "mwan3_policy_$policy" \ + -m mark --mark 0x0/$MMX_MASK "$probability" \ -m comment --comment "$iface $weight $total_weight_v4" \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK fi else [ -n "$device" ] && { - $IPT4 -S mwan3_policy_$policy | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ - $IPT4 -I mwan3_policy_$policy \ - -o $device \ + $IPT4 -S "mwan3_policy_$policy" | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ + $IPT4 -I "mwan3_policy_$policy" \ + -o "$device" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "out $iface $device" \ -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK @@ -748,12 +748,12 @@ mwan3_set_policy() if [ "$family" = "ipv6" ]; then - if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then + if [ "$(mwan3_get_iface_hotplug_state "$iface")" = "online" ]; then if [ "$metric" -lt "$lowest_metric_v6" ]; then total_weight_v6=$weight - $IPT6 -F mwan3_policy_$policy - $IPT6 -A mwan3_policy_$policy \ + $IPT6 -F "mwan3_policy_$policy" + $IPT6 -A "mwan3_policy_$policy" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "$iface $weight $weight" \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK @@ -777,17 +777,17 @@ mwan3_set_policy() probability="-m statistic --mode random --probability $probability" - $IPT6 -I mwan3_policy_$policy \ + $IPT6 -I "mwan3_policy_$policy" \ -m mark --mark 0x0/$MMX_MASK \ - $probability \ + "$probability" \ -m comment --comment "$iface $weight $total_weight_v6" \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK fi else [ -n "$device" ] && { - $IPT6 -S mwan3_policy_$policy | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ - $IPT6 -I mwan3_policy_$policy \ - -o $device \ + $IPT6 -S "mwan3_policy_$policy" | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ + $IPT6 -I "mwan3_policy_$policy" \ + -o "$device" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "out $iface $device" \ -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK @@ -802,35 +802,35 @@ mwan3_create_policies_iptables() policy="$1" - config_get last_resort $1 last_resort unreachable + config_get last_resort "$1" last_resort unreachable - if [ "$1" != $(echo "$1" | cut -c1-15) ]; then + if [ "$1" != "$(echo "$1" | cut -c1-15)" ]; then $LOG warn "Policy $1 exceeds max of 15 chars. Not setting policy" && return 0 fi for IPT in "$IPT4" "$IPT6"; do - if ! $IPT -S mwan3_policy_$1 &> /dev/null; then - $IPT -N mwan3_policy_$1 + if ! $IPT -S "mwan3_policy_$1" &> /dev/null; then + $IPT -N "mwan3_policy_$1" fi - $IPT -F mwan3_policy_$1 + $IPT -F "mwan3_policy_$1" case "$last_resort" in blackhole) - $IPT -A mwan3_policy_$1 \ + $IPT -A "mwan3_policy_$1" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "blackhole" \ -j MARK --set-xmark $MMX_BLACKHOLE/$MMX_MASK ;; default) - $IPT -A mwan3_policy_$1 \ + $IPT -A "mwan3_policy_$1" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "default" \ -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK ;; *) - $IPT -A mwan3_policy_$1 \ + $IPT -A "mwan3_policy_$1" \ -m mark --mark 0x0/$MMX_MASK \ -m comment --comment "unreachable" \ -j MARK --set-xmark $MMX_UNREACHABLE/$MMX_MASK @@ -844,7 +844,7 @@ mwan3_create_policies_iptables() lowest_metric_v6=$DEFAULT_LOWEST_METRIC total_weight_v6=0 - config_list_foreach $1 use_member mwan3_set_policy + config_list_foreach "$1" use_member mwan3_set_policy } mwan3_set_policies_iptables() @@ -856,21 +856,21 @@ mwan3_set_sticky_iptables() { local id iface - for iface in $($IPT4 -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do + for iface in $($IPT4 -S "$policy" | cut -s -d'"' -f2 | awk '{print $1}'); do if [ "$iface" = "$1" ]; then - mwan3_get_iface_id id $1 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 for IPT in "$IPT4" "$IPT6"; do - if [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ]; then - $IPT -I mwan3_rule_$rule \ + if [ -n "$($IPT -S "mwan3_iface_in_$1" 2> /dev/null)" ]; then + $IPT -I "mwan3_rule_$rule" \ -m mark --mark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK \ - -m set ! --match-set mwan3_sticky_$rule src,src \ + -m set ! --match-set "mwan3_sticky_$rule" src,src \ -j MARK --set-xmark 0x0/$MMX_MASK - $IPT -I mwan3_rule_$rule \ + $IPT -I "mwan3_rule_$rule" \ -m mark --mark 0/$MMX_MASK \ -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK fi @@ -887,18 +887,18 @@ mwan3_set_user_iptables_rule() rule="$1" - config_get sticky $1 sticky 0 - config_get timeout $1 timeout 600 - config_get ipset $1 ipset - config_get proto $1 proto all - config_get src_ip $1 src_ip - config_get src_iface $1 src_iface - network_get_device src_dev $src_iface - config_get src_port $1 src_port - config_get dest_ip $1 dest_ip - config_get dest_port $1 dest_port - config_get use_policy $1 use_policy - config_get family $1 family any + config_get sticky "$1" sticky 0 + config_get timeout "$1" timeout 600 + config_get ipset "$1" ipset + config_get proto "$1" proto all + config_get src_ip "$1" src_ip + config_get src_iface "$1" src_iface + network_get_device src_dev "$src_iface" + config_get src_port "$1" src_port + config_get dest_ip "$1" dest_ip + config_get dest_port "$1" dest_port + config_get use_policy "$1" use_policy + config_get family "$1" family any [ -z "$dest_ip" ] && unset dest_ip [ -z "$src_ip" ] && unset src_ip @@ -916,11 +916,11 @@ mwan3_set_user_iptables_rule() unset dest_port } - config_get rule_logging $1 logging 0 + config_get rule_logging "$1" logging 0 config_get global_logging globals logging 0 config_get loglevel globals loglevel notice - if [ "$1" != $(echo "$1" | cut -c1-15) ]; then + if [ "$1" != "$(echo "$1" | cut -c1-15)" ]; then $LOG warn "Rule $1 exceeds max of 15 chars. Not setting rule" && return 0 fi @@ -941,39 +941,39 @@ mwan3_set_user_iptables_rule() policy="mwan3_policy_$use_policy" for IPT in "$IPT4" "$IPT6"; do - if ! $IPT -S $policy &> /dev/null; then - $IPT -N $policy + if ! $IPT -S "$policy" &> /dev/null; then + $IPT -N "$policy" fi - if ! $IPT -S mwan3_rule_$1 &> /dev/null; then - $IPT -N mwan3_rule_$1 + if ! $IPT -S "mwan3_rule_$1" &> /dev/null; then + $IPT -N "mwan3_rule_$1" fi - $IPT -F mwan3_rule_$1 + $IPT -F "mwan3_rule_$1" done - $IPS -! create mwan3_sticky_v4_$rule \ - hash:ip,mark markmask $MMX_MASK \ - timeout $timeout - $IPS -! create mwan3_sticky_v6_$rule \ - hash:ip,mark markmask $MMX_MASK \ - timeout $timeout family inet6 - $IPS -! create mwan3_sticky_$rule list:set - $IPS -! add mwan3_sticky_$rule mwan3_sticky_v4_$rule - $IPS -! add mwan3_sticky_$rule mwan3_sticky_v6_$rule + $IPS -! create "mwan3_sticky_v4_$rule" \ + hash:ip,mark markmask "$MMX_MASK" \ + timeout "$timeout" + $IPS -! create "mwan3_sticky_v6_$rule" \ + hash:ip,mark markmask "$MMX_MASK" \ + timeout "$timeout" family inet6 + $IPS -! create "mwan3_sticky_$rule" list:set + $IPS -! add "mwan3_sticky_$rule" "mwan3_sticky_v4_$rule" + $IPS -! add "mwan3_sticky_$rule" "mwan3_sticky_v6_$rule" config_foreach mwan3_set_sticky_iptables interface for IPT in "$IPT4" "$IPT6"; do - $IPT -A mwan3_rule_$1 \ + $IPT -A "mwan3_rule_$1" \ -m mark --mark 0/$MMX_MASK \ - -j $policy - $IPT -A mwan3_rule_$1 \ + -j "$policy" + $IPT -A "mwan3_rule_$1" \ -m mark ! --mark 0xfc00/0xfc00 \ - -j SET --del-set mwan3_sticky_$rule src,src - $IPT -A mwan3_rule_$1 \ + -j SET --del-set "mwan3_sticky_$rule" src,src + $IPT -A "mwan3_rule_$1" \ -m mark ! --mark 0xfc00/0xfc00 \ - -j SET --add-set mwan3_sticky_$rule src,src + -j SET --add-set "mwan3_sticky_$rule" src,src done policy="mwan3_rule_$1" @@ -981,8 +981,8 @@ mwan3_set_user_iptables_rule() policy="mwan3_policy_$use_policy" for IPT in "$IPT4" "$IPT6"; do - if ! $IPT -S $policy &> /dev/null; then - $IPT -N $policy + if ! $IPT -S "$policy" &> /dev/null; then + $IPT -N "$policy" fi done @@ -993,10 +993,10 @@ mwan3_set_user_iptables_rule() [ "$family" = "ipv6" ] && [ "$IPT" = "$IPT4" ] && continue [ "$global_logging" = "1" ] && [ "$rule_logging" = "1" ] && { $IPT -A mwan3_rules \ - -p $proto \ + -p "$proto" \ ${src_ip:+-s} $src_ip \ ${src_dev:+-i} $src_dev \ - ${dest_ip:+-d} $dest_ip\ + ${dest_ip:+-d} $dest_ip \ $ipset \ ${src_port:+-m} ${src_port:+multiport} ${src_port:+--sports} $src_port \ ${dest_port:+-m} ${dest_port:+multiport} ${dest_port:+--dports} $dest_port \ @@ -1006,10 +1006,10 @@ mwan3_set_user_iptables_rule() } $IPT -A mwan3_rules \ - -p $proto \ + -p "$proto" \ ${src_ip:+-s} $src_ip \ ${src_dev:+-i} $src_dev \ - ${dest_ip:+-d} $dest_ip\ + ${dest_ip:+-d} $dest_ip \ $ipset \ ${src_port:+-m} ${src_port:+multiport} ${src_port:+--sports} $src_port \ ${dest_port:+-m} ${dest_port:+multiport} ${dest_port:+--dports} $dest_port \ @@ -1039,21 +1039,21 @@ mwan3_set_iface_hotplug_state() { local iface=$1 local state=$2 - echo -n $state > $MWAN3_STATUS_DIR/iface_state/$iface + echo "$state" > "$MWAN3_STATUS_DIR/iface_state/$iface" } mwan3_get_iface_hotplug_state() { local iface=$1 - cat $MWAN3_STATUS_DIR/iface_state/$iface 2>/dev/null || echo "offline" + cat "$MWAN3_STATUS_DIR/iface_state/$iface" 2>/dev/null || echo "offline" } mwan3_report_iface_status() { local device result track_ips tracking IP IPT - mwan3_get_iface_id id $1 - network_get_device device $1 + mwan3_get_iface_id id "$1" + network_get_device device "$1" config_get enabled "$1" enabled 0 config_get family "$1" family ipv4 @@ -1089,7 +1089,7 @@ mwan3_report_iface_status() { track_ips="$1 $track_ips" } - config_list_foreach $1 track_ip mwan3_list_track_ips + config_list_foreach "$1" track_ip mwan3_list_track_ips if [ -n "$track_ips" ]; then if [ -n "$(pgrep -f "mwan3track $1 $device")" ]; then @@ -1111,16 +1111,16 @@ mwan3_report_policies() local percent total_weight weight iface - total_weight=$($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}') + total_weight=$($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}') if [ ! -z "${total_weight##*[!0-9]*}" ]; then - for iface in $($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do - weight=$($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}') + for iface in $($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do + weight=$($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}') percent=$(($weight*100/$total_weight)) echo " $iface ($percent%)" done else - echo " $($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')" + echo " $($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')" fi } From 2f2044ecb002fe6cc7b02d21c4c2484e50ff0c8b Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 12:02:01 +0200 Subject: [PATCH 06/26] mwan3: cleanup function mwan3_create_iface_route Signed-off-by: Florian Eckert (cherry picked from commit d0c248a7dab92c81e348a31cf35c2e972f26ca39) --- net/mwan3/files/lib/mwan3/mwan3.sh | 54 ++++++++++++------------------ 1 file changed, 21 insertions(+), 33 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index fd9f9fc41..5ffef9405 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -483,56 +483,44 @@ mwan3_delete_iface_iptables() mwan3_create_iface_route() { - local id route_args metric + local id via metric - config_get family $1 family ipv4 - mwan3_get_iface_id id $1 + config_get family "$1" family ipv4 + mwan3_get_iface_id id "$1" [ -n "$id" ] || return 0 if [ "$family" = "ipv4" ]; then - if ubus call network.interface.${1}_4 status &>/dev/null; then - network_get_gateway route_args ${1}_4 + if ubus call "network.interface.${1}_4" status &>/dev/null; then + network_get_gateway via "${1}_4" else - network_get_gateway route_args $1 + network_get_gateway via "$1" fi - if [ -n "$route_args" -a "$route_args" != "0.0.0.0" ]; then - route_args="via $route_args" - else - route_args="" - fi + network_get_metric metric "$1" - network_get_metric metric $1 - if [ -n "$metric" -a "$metric" != "0" ]; then - route_args="$route_args metric $metric" - fi - - $IP4 route flush table $id - $IP4 route add table $id default $route_args dev $2 + $IP4 route flush table "$id" + $IP4 route add table "$id" default \ + ${via:+via} $via \ + ${metric:+metric} $metric \ + dev "$2" mwan3_rtmon_ipv4 fi if [ "$family" = "ipv6" ]; then - if ubus call network.interface.${1}_6 status &>/dev/null; then - network_get_gateway6 route_args ${1}_6 + if ubus call "network.interface.${1}_6" status &>/dev/null; then + network_get_gateway6 via "${1}_6" else - network_get_gateway6 route_args $1 + network_get_gateway6 via "$1" fi - if [ -n "$route_args" -a "$route_args" != "::" ]; then - route_args="via $route_args" - else - route_args="" - fi + network_get_metric metric "$1" - network_get_metric metric $1 - if [ -n "$metric" -a "$metric" != "0" ]; then - route_args="$route_args metric $metric" - fi - - $IP6 route flush table $id - $IP6 route add table $id default $route_args dev $2 + $IP6 route flush table "$id" + $IP6 route add table "$id" default \ + ${via:+via} $via \ + ${metric:+metric} $metric \ + dev "$2" mwan3_rtmon_ipv6 fi } From f834ba0fcee5bd25c8038f4f6290c0cc759edaa6 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 14 Jul 2020 12:49:20 +0200 Subject: [PATCH 07/26] mwan3: update version to 2.8.9 Signed-off-by: Florian Eckert (cherry picked from commit 2594258c4b85e62c71cfbd267367c0dcfb34260b) --- net/mwan3/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index 1ef345aac..cde88ae59 100644 --- a/net/mwan3/Makefile +++ b/net/mwan3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=2.8.8 +PKG_VERSION:=2.8.9 PKG_RELEASE:=1 PKG_MAINTAINER:=Florian Eckert PKG_LICENSE:=GPL-2.0 From d6b051b8c0c2df246a1567555030d21690bdc011 Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Fri, 29 May 2020 19:47:38 -0400 Subject: [PATCH 08/26] mwan3: don't add single ipv4 to connected list if already covered by a cidr Signed-off-by: Aaron Goodman (cherry picked from commit da9a626f78791b953a58ccd30987983ff52c8afc) --- net/mwan3/files/lib/mwan3/mwan3.sh | 36 ++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 5ffef9405..eecd4a380 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -238,26 +238,48 @@ mwan3_set_custom_ipset() $IPS -! add mwan3_connected mwan3_custom_v6 } -mwan3_set_connected_iptables() + +mwan3_set_connected_ipv4() { - local connected_network_v4 connected_network_v6 source_network_v6 - - $IPS -! create mwan3_connected_v4 hash:net - $IPS create mwan3_connected_v4_temp hash:net - + local connected_network_v4 candidate_list cidr_list + candidate_list="" + cidr_list="" for connected_network_v4 in $($IP4 route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do - $IPS -! add mwan3_connected_v4_temp "$connected_network_v4" + [ -z "${connected_network_v4##*/*}" ] && + cidr_list="$cidr_list $connected_network_v4" || + candidate_list="$candidate_list $connected_network_v4" done for connected_network_v4 in $($IP4 route list table 0 | awk '{print $2}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do + [ -z "${connected_network_v4##*/*}" ] && + cidr_list="$cidr_list $connected_network_v4" || + candidate_list="$candidate_list $connected_network_v4" + done + + for connected_network_v4 in $cidr_list; do $IPS -! add mwan3_connected_v4_temp "$connected_network_v4" done + for connected_network_v4 in $candidate_list; do + ipset -q test mwan3_connected_v4_temp "$connected_network_v4" || + $IPS -! add mwan3_connected_v4_temp "$connected_network_v4" + done $IPS add mwan3_connected_v4_temp 224.0.0.0/3 $IPS swap mwan3_connected_v4_temp mwan3_connected_v4 $IPS destroy mwan3_connected_v4_temp +} + +mwan3_set_connected_iptables() +{ + local connected_network_v6 source_network_v6 + + $IPS -! create mwan3_connected_v4 hash:net + $IPS create mwan3_connected_v4_temp hash:net + + mwan3_set_connected_ipv4 + $IPS -! create mwan3_connected_v6 hash:net family inet6 $IPS create mwan3_connected_v6_temp hash:net family inet6 From ec45ff8052394f0d0fa711ba30e19e981312f79c Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Thu, 4 Jun 2020 16:43:23 -0400 Subject: [PATCH 09/26] mwan3: be more efficient with sleep after killing trackers Signed-off-by: Aaron Goodman (cherry picked from commit 84a53b7c792217ccb0a3d95e8fcf63d2843cdc43) --- net/mwan3/files/lib/mwan3/mwan3.sh | 4 +++- net/mwan3/files/usr/sbin/mwan3 | 14 ++++++++++---- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index eecd4a380..ddc8f2012 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -672,7 +672,9 @@ mwan3_track() for pid in $(pgrep -f "mwan3track $1 $2"); do kill -TERM "$pid" > /dev/null 2>&1 - sleep 1 + done + sleep 1 + for pid in $(pgrep -f "mwan3track $1 $2"); do kill -KILL "$pid" > /dev/null 2>&1 done if [ -n "$track_ips" ]; then diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index a854dfda2..11e8e3dca 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -64,7 +64,7 @@ ifup() status=$(ubus -S call network.interface.$1 status) [ -n "$status" ] && { json_load "$status" - json_get_vars up l3_device + json_get_vars up l3_device } config_get enabled "$1" enabled 0 @@ -141,13 +141,19 @@ stop() for pid in $(pgrep -f "mwan3rtmon"); do kill -TERM "$pid" > /dev/null 2>&1 - sleep 1 - kill -KILL "$pid" > /dev/null 2>&1 done for pid in $(pgrep -f "mwan3track"); do kill -TERM "$pid" > /dev/null 2>&1 - sleep 1 + done + + sleep 1 + + for pid in $(pgrep -f "mwan3rtmon"); do + kill -KILL "$pid" > /dev/null 2>&1 + done + + for pid in $(pgrep -f "mwan3track"); do kill -KILL "$pid" > /dev/null 2>&1 done From dc25b38f1317ad5a849a6ef12b46f4edfe53a7e4 Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Wed, 15 Jul 2020 21:40:16 -0400 Subject: [PATCH 10/26] mwan3: don't try to use ipv6 if not installed fix issue #11826 Signed-off-by: Aaron Goodman (cherry picked from commit a0d66d4eebefe6e89c582df2b4dc972ea7c5c7f5) --- net/mwan3/files/lib/mwan3/mwan3.sh | 69 +++++++++++++++++------------- net/mwan3/files/usr/sbin/mwan3 | 7 ++- 2 files changed, 44 insertions(+), 32 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index ddc8f2012..96fdca966 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -32,6 +32,9 @@ MM_BLACKHOLE="" MMX_UNREACHABLE="" MM_UNREACHABLE="" +command -v ip6tables > /dev/null +NO_IPV6=$? + # return true(=0) if has any mwan3 interface enabled # otherwise return false mwan3_rtmon_ipv4() @@ -280,33 +283,34 @@ mwan3_set_connected_iptables() mwan3_set_connected_ipv4 - $IPS -! create mwan3_connected_v6 hash:net family inet6 - $IPS create mwan3_connected_v6_temp hash:net family inet6 + [ $NO_IPV6 -eq 0 ] && { + $IPS -! create mwan3_connected_v6 hash:net family inet6 + $IPS create mwan3_connected_v6_temp hash:net family inet6 - for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep "$IPv6_REGEX"); do - $IPS -! add mwan3_connected_v6_temp "$connected_network_v6" - done + for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep "$IPv6_REGEX"); do + $IPS -! add mwan3_connected_v6_temp "$connected_network_v6" + done + $IPS swap mwan3_connected_v6_temp mwan3_connected_v6 + $IPS destroy mwan3_connected_v6_temp - $IPS swap mwan3_connected_v6_temp mwan3_connected_v6 - $IPS destroy mwan3_connected_v6_temp + $IPS -! create mwan3_source_v6 hash:net family inet6 + $IPS create mwan3_source_v6_temp hash:net family inet6 + for source_network_v6 in $($IP6 addr ls | sed -ne 's/ *inet6 \([^ \/]*\).* scope global.*/\1/p'); do + $IPS -! add mwan3_source_v6_temp "$source_network_v6" + done + $IPS swap mwan3_source_v6_temp mwan3_source_v6 + $IPS destroy mwan3_source_v6_temp + } $IPS -! create mwan3_connected list:set $IPS -! add mwan3_connected mwan3_connected_v4 - $IPS -! add mwan3_connected mwan3_connected_v6 - - $IPS -! create mwan3_source_v6 hash:net family inet6 - $IPS create mwan3_source_v6_temp hash:net family inet6 - for source_network_v6 in $($IP6 addr ls | sed -ne 's/ *inet6 \([^ \/]*\).* scope global.*/\1/p'); do - $IPS -! add mwan3_source_v6_temp "$source_network_v6" - done - $IPS swap mwan3_source_v6_temp mwan3_source_v6 - $IPS destroy mwan3_source_v6_temp + [ $NO_IPV6 -eq 0 ] && $IPS -! add mwan3_connected mwan3_connected_v6 $IPS -! create mwan3_dynamic_v4 hash:net $IPS -! add mwan3_connected mwan3_dynamic_v4 - $IPS -! create mwan3_dynamic_v6 hash:net family inet6 - $IPS -! add mwan3_connected mwan3_dynamic_v6 + [ $NO_IPV6 -eq 0 ] && $IPS -! create mwan3_dynamic_v6 hash:net family inet6 + [ $NO_IPV6 -eq 0 ] && $IPS -! add mwan3_connected mwan3_dynamic_v6 } mwan3_set_general_rules() @@ -314,7 +318,7 @@ mwan3_set_general_rules() local IP for IP in "$IP4" "$IP6"; do - + [ "$IP" = "$IP6" ] && [ $NO_IPV6 -ne 0 ] && continue RULE_NO=$(($MM_BLACKHOLE+2000)) if [ -z "$($IP rule list | awk -v var="$RULE_NO:" '$1 == var')" ]; then $IP rule add pref $RULE_NO fwmark $MMX_BLACKHOLE/$MMX_MASK blackhole @@ -332,7 +336,7 @@ mwan3_set_general_iptables() local IPT for IPT in "$IPT4" "$IPT6"; do - + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue if ! $IPT -S mwan3_ifaces_in &> /dev/null; then $IPT -N mwan3_ifaces_in fi @@ -450,7 +454,7 @@ mwan3_create_iface_iptables() -j "mwan3_iface_in_$1" fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 = 0 ]; then $IPS -! create mwan3_connected_v6 hash:net family inet6 if ! $IPT6 -S mwan3_ifaces_in &> /dev/null; then @@ -493,7 +497,7 @@ mwan3_delete_iface_iptables() $IPT4 -X "mwan3_iface_in_$1" &> /dev/null fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 = 0 ]; then $IPT6 -D mwan3_ifaces_in \ -m mark --mark 0x0/$MMX_MASK \ @@ -529,7 +533,7 @@ mwan3_create_iface_route() mwan3_rtmon_ipv4 fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 = 0 ]; then if ubus call "network.interface.${1}_6" status &>/dev/null; then network_get_gateway6 via "${1}_6" else @@ -560,7 +564,7 @@ mwan3_delete_iface_route() $IP4 route flush table "$id" fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then $IP6 route flush table "$id" fi } @@ -588,7 +592,7 @@ mwan3_create_iface_rules() $IP4 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup "$id" fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do $IP6 rule del pref $(($id+1000)) @@ -623,7 +627,7 @@ mwan3_delete_iface_rules() done fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do $IP6 rule del pref $(($id+1000)) @@ -758,7 +762,7 @@ mwan3_set_policy() fi fi - if [ "$family" = "ipv6" ]; then + if [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then if [ "$(mwan3_get_iface_hotplug_state "$iface")" = "online" ]; then if [ "$metric" -lt "$lowest_metric_v6" ]; then @@ -821,8 +825,8 @@ mwan3_create_policies_iptables() fi for IPT in "$IPT4" "$IPT6"; do - - if ! $IPT -S "mwan3_policy_$1" &> /dev/null; then + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue + if ! $IPT -S mwan3_policy_$1 &> /dev/null; then $IPT -N "mwan3_policy_$1" fi @@ -877,6 +881,7 @@ mwan3_set_sticky_iptables() [ -n "$id" ] || return 0 for IPT in "$IPT4" "$IPT6"; do + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continuea if [ -n "$($IPT -S "mwan3_iface_in_$1" 2> /dev/null)" ]; then $IPT -I "mwan3_rule_$rule" \ -m mark --mark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK \ @@ -953,6 +958,7 @@ mwan3_set_user_iptables_rule() policy="mwan3_policy_$use_policy" for IPT in "$IPT4" "$IPT6"; do + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue if ! $IPT -S "$policy" &> /dev/null; then $IPT -N "$policy" fi @@ -977,6 +983,7 @@ mwan3_set_user_iptables_rule() config_foreach mwan3_set_sticky_iptables interface for IPT in "$IPT4" "$IPT6"; do + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue $IPT -A "mwan3_rule_$1" \ -m mark --mark 0/$MMX_MASK \ -j "$policy" @@ -993,6 +1000,7 @@ mwan3_set_user_iptables_rule() policy="mwan3_policy_$use_policy" for IPT in "$IPT4" "$IPT6"; do + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue if ! $IPT -S "$policy" &> /dev/null; then $IPT -N "$policy" fi @@ -1001,6 +1009,7 @@ mwan3_set_user_iptables_rule() fi fi for IPT in "$IPT4" "$IPT6"; do + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue [ "$family" = "ipv4" ] && [ "$IPT" = "$IPT6" ] && continue [ "$family" = "ipv6" ] && [ "$IPT" = "$IPT4" ] && continue [ "$global_logging" = "1" ] && [ "$rule_logging" = "1" ] && { @@ -1036,7 +1045,7 @@ mwan3_set_user_rules() local IPT for IPT in "$IPT4" "$IPT6"; do - + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue if ! $IPT -S mwan3_rules &> /dev/null; then $IPT -N mwan3_rules fi diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index 11e8e3dca..b9a5afb9e 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -90,6 +90,7 @@ policies() echo "Current ipv4 policies:" mwan3_report_policies_v4 echo -e + [ $NO_IPV6 -ne 0 ] && return echo "Current ipv6 policies:" mwan3_report_policies_v6 echo -e @@ -100,6 +101,7 @@ connected() echo "Directly connected ipv4 networks:" mwan3_report_connected_v4 echo -e + [ $NO_IPV6 -ne 0 ] && return echo "Directly connected ipv6 networks:" mwan3_report_connected_v6 echo -e @@ -110,6 +112,7 @@ rules() echo "Active ipv4 user rules:" mwan3_report_rules_v4 echo -e + [ $NO_IPV6 -ne 0 ] && return echo "Active ipv6 user rules:" mwan3_report_rules_v6 echo -e @@ -161,7 +164,7 @@ stop() config_foreach mwan3_track_clean interface for IP in "$IP4" "$IP6"; do - + [ "$IP" = "$IP6" ] && [ $NO_IPV6 -ne 0 ] && continue for route in $(seq 1 $MWAN3_INTERFACE_MAX); do $IP route flush table $route &> /dev/null done @@ -172,7 +175,7 @@ stop() done for IPT in "$IPT4" "$IPT6"; do - + [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue $IPT -D PREROUTING -j mwan3_hook &> /dev/null $IPT -D OUTPUT -j mwan3_hook &> /dev/null From 383555d0760d33c29f3e7118dc2e78059bb04917 Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Wed, 15 Jul 2020 21:41:46 -0400 Subject: [PATCH 11/26] mwan3: add default rule for ipv6 in example config default rule only applied to ipv4 with dest_ip 0.0.0.0/0 and error was hidden when trying to apply it in ip6table Signed-off-by: Aaron Goodman (cherry picked from commit 2a5e9be83eaac46ed18a1784c03e38ce5712fed3) --- net/mwan3/files/etc/config/mwan3 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/net/mwan3/files/etc/config/mwan3 b/net/mwan3/files/etc/config/mwan3 index 3f09d9569..750d6c4ae 100644 --- a/net/mwan3/files/etc/config/mwan3 +++ b/net/mwan3/files/etc/config/mwan3 @@ -139,7 +139,12 @@ config rule 'https' option proto 'tcp' option use_policy 'balanced' -config rule 'default_rule' +config rule 'default_rule_v4' option dest_ip '0.0.0.0/0' option use_policy 'balanced' + option family 'ipv4' +config rule 'default_rule_v6' + option dest_ip '::/0' + option use_policy 'balanced' + option family 'ipv6' From db46d3ab03d3127d0ceabeb0e6b924e8ad99b0d5 Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Thu, 16 Jul 2020 02:09:11 -0400 Subject: [PATCH 12/26] mwan3: don't send iptable setup failures to /dev/null silencing failing rules makes debugging more difficult Signed-off-by: Aaron Goodman (cherry picked from commit 702a104f9c516fdddd5e71207d1ad91eb70f9a41) --- net/mwan3/files/lib/mwan3/mwan3.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 96fdca966..f4bfc37e9 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -1023,7 +1023,7 @@ mwan3_set_user_iptables_rule() ${dest_port:+-m} ${dest_port:+multiport} ${dest_port:+--dports} $dest_port \ -m mark --mark 0/$MMX_MASK \ -m comment --comment "$1" \ - -j LOG --log-level "$loglevel" --log-prefix "MWAN3($1)" &> /dev/null + -j LOG --log-level "$loglevel" --log-prefix "MWAN3($1)" } $IPT -A mwan3_rules \ @@ -1035,7 +1035,7 @@ mwan3_set_user_iptables_rule() ${src_port:+-m} ${src_port:+multiport} ${src_port:+--sports} $src_port \ ${dest_port:+-m} ${dest_port:+multiport} ${dest_port:+--dports} $dest_port \ -m mark --mark 0/$MMX_MASK \ - -j $policy &> /dev/null + -j $policy done fi } From b9e34612505a6a6b33e738550a025a08cfa02c3d Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Sun, 19 Jul 2020 23:19:50 -0400 Subject: [PATCH 13/26] mwan3: cleanup duplicate ipv4 and ipv6 logic Signed-off-by: Aaron Goodman (cherry picked from commit 30a46bdc9e409134c95c7e7760b438ef6f1dbdd0) --- net/mwan3/files/lib/mwan3/mwan3.sh | 326 ++++++++++++----------------- 1 file changed, 135 insertions(+), 191 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index f4bfc37e9..b377a64df 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -415,7 +415,7 @@ mwan3_set_general_iptables() mwan3_create_iface_iptables() { - local id family + local id family connected_name IPT config_get family "$1" family ipv4 mwan3_get_iface_id id "$1" @@ -423,93 +423,73 @@ mwan3_create_iface_iptables() [ -n "$id" ] || return 0 if [ "$family" = "ipv4" ]; then - $IPS -! create mwan3_connected list:set + connected_name=mwan3_connected + IPT="$IPT4" + $IPS -! create $connected_name list:set - if ! $IPT4 -S mwan3_ifaces_in &> /dev/null; then - $IPT4 -N mwan3_ifaces_in - fi - - if ! $IPT4 -S "mwan3_iface_in_$1" &> /dev/null; then - $IPT4 -N "mwan3_iface_in_$1" - fi - - $IPT4 -F "mwan3_iface_in_$1" - $IPT4 -A "mwan3_iface_in_$1" \ - -i "$2" \ - -m set --match-set mwan3_connected src \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "default" \ - -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - $IPT4 -A "mwan3_iface_in_$1" \ - -i "$2" \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "$1" \ - -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - - $IPT4 -D mwan3_ifaces_in \ - -m mark --mark 0x0/$MMX_MASK \ - -j "mwan3_iface_in_$1" &> /dev/null - $IPT4 -A mwan3_ifaces_in \ - -m mark --mark 0x0/$MMX_MASK \ - -j "mwan3_iface_in_$1" + elif [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then + connected_name=mwan3_connected_v6 + IPT="$IPT6" + $IPS -! create $connected_name hash:net family inet6 + else + return fi - if [ "$family" = "ipv6" ] && [ $NO_IPV6 = 0 ]; then - $IPS -! create mwan3_connected_v6 hash:net family inet6 - - if ! $IPT6 -S mwan3_ifaces_in &> /dev/null; then - $IPT6 -N mwan3_ifaces_in - fi - - if ! $IPT6 -S "mwan3_iface_in_$1" &> /dev/null; then - $IPT6 -N "mwan3_iface_in_$1" - fi - - $IPT6 -F "mwan3_iface_in_$1" - $IPT6 -A "mwan3_iface_in_$1" -i "$2" \ - -m set --match-set mwan3_connected_v6 src \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "default" \ - -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - $IPT6 -A "mwan3_iface_in_$1" -i "$2" -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "$1" \ - -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - - $IPT6 -D mwan3_ifaces_in \ - -m mark --mark 0x0/$MMX_MASK \ - -j "mwan3_iface_in_$1" &> /dev/null - $IPT6 -A mwan3_ifaces_in \ - -m mark --mark 0x0/$MMX_MASK \ - -j "mwan3_iface_in_$1" + if ! $IPT -S mwan3_ifaces_in &> /dev/null; then + $IPT -N mwan3_ifaces_in fi + + if ! $IPT -S "mwan3_iface_in_$1" &> /dev/null; then + $IPT -N "mwan3_iface_in_$1" + fi + + $IPT -F "mwan3_iface_in_$1" + $IPT -A "mwan3_iface_in_$1" \ + -i "$2" \ + -m set --match-set $connected_name src \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "default" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT -A "mwan3_iface_in_$1" \ + -i "$2" \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "$1" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + + $IPT -D mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j "mwan3_iface_in_$1" &> /dev/null + $IPT -A mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j "mwan3_iface_in_$1" + } mwan3_delete_iface_iptables() { + local IPT config_get family "$1" family ipv4 if [ "$family" = "ipv4" ]; then - - $IPT4 -D mwan3_ifaces_in \ - -m mark --mark 0x0/$MMX_MASK \ - -j "mwan3_iface_in_$1" &> /dev/null - $IPT4 -F "mwan3_iface_in_$1" &> /dev/null - $IPT4 -X "mwan3_iface_in_$1" &> /dev/null + IPT="$IPT4" fi - if [ "$family" = "ipv6" ] && [ $NO_IPV6 = 0 ]; then - - $IPT6 -D mwan3_ifaces_in \ - -m mark --mark 0x0/$MMX_MASK \ - -j "mwan3_iface_in_$1" &> /dev/null - $IPT6 -F "mwan3_iface_in_$1" &> /dev/null - $IPT6 -X "mwan3_iface_in_$1" &> /dev/null + if [ "$family" = "ipv6" ]; then + [ $NO_IPV6 -ne 0 ] && return + IPT="$IPT6" fi + + $IPT -D mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j "mwan3_iface_in_$1" &> /dev/null + $IPT -F "mwan3_iface_in_$1" &> /dev/null + $IPT -X "mwan3_iface_in_$1" &> /dev/null + } mwan3_create_iface_route() { - local id via metric + local id via metric V V_ IP config_get family "$1" family ipv4 mwan3_get_iface_id id "$1" @@ -517,38 +497,32 @@ mwan3_create_iface_route() [ -n "$id" ] || return 0 if [ "$family" = "ipv4" ]; then - if ubus call "network.interface.${1}_4" status &>/dev/null; then - network_get_gateway via "${1}_4" - else - network_get_gateway via "$1" - fi - - network_get_metric metric "$1" - - $IP4 route flush table "$id" - $IP4 route add table "$id" default \ - ${via:+via} $via \ - ${metric:+metric} $metric \ - dev "$2" - mwan3_rtmon_ipv4 + V=4 + V_="" + IP="$IP4" + elif [ "$family" = "ipv6" ]; then + V=6 + V_=6 + IP="$IP6" + else + return fi - if [ "$family" = "ipv6" ] && [ $NO_IPV6 = 0 ]; then - if ubus call "network.interface.${1}_6" status &>/dev/null; then - network_get_gateway6 via "${1}_6" - else - network_get_gateway6 via "$1" - fi - - network_get_metric metric "$1" - - $IP6 route flush table "$id" - $IP6 route add table "$id" default \ - ${via:+via} $via \ - ${metric:+metric} $metric \ - dev "$2" - mwan3_rtmon_ipv6 + if ubus call network.interface.${1}_${V} status &>/dev/null; then + network_get_gateway${V_} via "${1}_${V}" + else + network_get_gateway${V_} via "$1" fi + + network_get_metric metric "$1" + + $IP route flush table "$id" + $IP route add table "$id" default \ + ${via:+via} $via \ + ${metric:+metric} $metric \ + dev "$2" + mwan3_rtmon_ipv${V} + } mwan3_delete_iface_route() @@ -698,8 +672,9 @@ mwan3_track_signal() mwan3_set_policy() { - local iface_count id iface family metric probability weight device + local iface_count id iface family metric probability weight device is_lowest is_offline IPT total_weight + is_lowest=0 config_get iface "$1" interface config_get metric "$1" metric 1 config_get weight "$1" weight 1 @@ -710,105 +685,74 @@ mwan3_set_policy() mwan3_get_iface_id id "$iface" + [ "$(mwan3_get_iface_hotplug_state "$iface")" = "online" ] + is_offline=$? + [ -n "$id" ] || return 0 config_get family "$iface" family ipv4 if [ "$family" = "ipv4" ]; then - - if [ "$(mwan3_get_iface_hotplug_state "$iface")" = "online" ]; then - if [ "$metric" -lt "$lowest_metric_v4" ]; then - - total_weight_v4=$weight - $IPT4 -F "mwan3_policy_$policy" - $IPT4 -A "mwan3_policy_$policy" \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "$iface $weight $weight" \ - -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - - lowest_metric_v4=$metric - - elif [ "$metric" -eq "$lowest_metric_v4" ]; then - - total_weight_v4=$(($total_weight_v4+$weight)) - probability=$(($weight*1000/$total_weight_v4)) - - if [ "$probability" -lt 10 ]; then - probability="0.00$probability" - elif [ $probability -lt 100 ]; then - probability="0.0$probability" - elif [ $probability -lt 1000 ]; then - probability="0.$probability" - else - probability="1" - fi - - probability="-m statistic --mode random --probability $probability" - - $IPT4 -I "mwan3_policy_$policy" \ - -m mark --mark 0x0/$MMX_MASK "$probability" \ - -m comment --comment "$iface $weight $total_weight_v4" \ - -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - fi - else - [ -n "$device" ] && { - $IPT4 -S "mwan3_policy_$policy" | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ - $IPT4 -I "mwan3_policy_$policy" \ - -o "$device" \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "out $iface $device" \ - -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - } - fi + IPT="$IPT4" + elif [ "$family" = "ipv6" ]; then + IPT="$IPT6" fi - if [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then - - if [ "$(mwan3_get_iface_hotplug_state "$iface")" = "online" ]; then - if [ "$metric" -lt "$lowest_metric_v6" ]; then - - total_weight_v6=$weight - $IPT6 -F "mwan3_policy_$policy" - $IPT6 -A "mwan3_policy_$policy" \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "$iface $weight $weight" \ - -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - - lowest_metric_v6=$metric - - elif [ "$metric" -eq "$lowest_metric_v6" ]; then - - total_weight_v6=$(($total_weight_v6+$weight)) - probability=$(($weight*1000/$total_weight_v6)) - - if [ "$probability" -lt 10 ]; then - probability="0.00$probability" - elif [ $probability -lt 100 ]; then - probability="0.0$probability" - elif [ $probability -lt 1000 ]; then - probability="0.$probability" - else - probability="1" - fi - - probability="-m statistic --mode random --probability $probability" - - $IPT6 -I "mwan3_policy_$policy" \ - -m mark --mark 0x0/$MMX_MASK \ - "$probability" \ - -m comment --comment "$iface $weight $total_weight_v6" \ - -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - fi + if [ "$family" = "ipv4" ] && [ $is_offline -eq 0 ]; then + if [ "$metric" -lt "$lowest_metric_v4" ]; then + is_lowest=1 + total_weight_v4=$weight + lowest_metric_v4=$metric + elif [ "$metric" -eq "$lowest_metric_v4" ]; then + total_weight_v4=$(($total_weight_v4+$weight)) + total_weight=$total_weight_v4 else - [ -n "$device" ] && { - $IPT6 -S "mwan3_policy_$policy" | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ - $IPT6 -I "mwan3_policy_$policy" \ - -o "$device" \ - -m mark --mark 0x0/$MMX_MASK \ - -m comment --comment "out $iface $device" \ - -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - } + return fi + elif [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ] && [ $is_offline -eq 0 ]; then + if [ "$metric" -lt "$lowest_metric_v6" ]; then + is_lowest=1 + total_weight_v6=$weight + lowest_metric_v6=$metric + elif [ "$metric" -eq "$lowest_metric_v6" ]; then + total_weight_v6=$(($total_weight_v6+$weight)) + total_weight=$total_weight_v6 + else + return + fi + fi + if [ $is_lowest -eq 1 ]; then + $IPT -F "mwan3_policy_$policy" + $IPT -A "mwan3_policy_$policy" \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "$iface $weight $weight" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + elif [ $is_offline -eq 0 ]; then + probability=$(($weight*1000/$total_weight)) + if [ "$probability" -lt 10 ]; then + probability="0.00$probability" + elif [ $probability -lt 100 ]; then + probability="0.0$probability" + elif [ $probability -lt 1000 ]; then + probability="0.$probability" + else + probability="1" + fi + + $IPT -I "mwan3_policy_$policy" \ + -m mark --mark 0x0/$MMX_MASK \ + -m statistic \ + --mode random \ + --probability "$probability" \ + -m comment --comment "$iface $weight $total_weight" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + elif [ -n "$device" ]; then + $IPT -S "mwan3_policy_$policy" | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ + $IPT -I "mwan3_policy_$policy" \ + -o "$device" \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "out $iface $device" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK fi } @@ -826,7 +770,7 @@ mwan3_create_policies_iptables() for IPT in "$IPT4" "$IPT6"; do [ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue - if ! $IPT -S mwan3_policy_$1 &> /dev/null; then + if ! $IPT -S "mwan3_policy_$1" &> /dev/null; then $IPT -N "mwan3_policy_$1" fi From 37e2f882081f02192b8e54a53b4214d7e4add500 Mon Sep 17 00:00:00 2001 From: Aaron Goodman Date: Wed, 15 Jul 2020 23:19:13 -0400 Subject: [PATCH 14/26] mwan3: version bump Signed-off-by: Aaron Goodman (cherry picked from commit ca8bc3d115e43d95f6d12fc9d5ce51b5001c8574) --- net/mwan3/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index cde88ae59..6849617f2 100644 --- a/net/mwan3/Makefile +++ b/net/mwan3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=2.8.9 +PKG_VERSION:=2.8.10 PKG_RELEASE:=1 PKG_MAINTAINER:=Florian Eckert PKG_LICENSE:=GPL-2.0 From 447d51edbf58a843a0fff77df6a11dab36af8b58 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Wed, 15 Jul 2020 11:46:25 +0200 Subject: [PATCH 15/26] mwan3: fix idx calculation Signed-off-by: Florian Eckert [aaronjg@stanford.edu: fix syntax error] Signed-off-by: Aaron Goodman (cherry picked from commit a796b7a84e8bce84b01c5fb23e6e5953e643b57d) --- net/mwan3/files/lib/mwan3/mwan3.sh | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index b377a64df..d7def8672 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -39,16 +39,17 @@ NO_IPV6=$? # otherwise return false mwan3_rtmon_ipv4() { - local tid=1 local idx=0 local ret=1 local tbl="" + + local tid + mkdir -p /tmp/mwan3rtmon ($IP4 route list table main | grep -v "^default\|linkdown" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv4.main while uci get mwan3.@interface[$idx] >/dev/null 2>&1 ; do - idx=$((idx+1)) - tid=$idx - [ "$(uci get mwan3.@interface[$((idx-1))].family)" = "ipv4" ] && { + tid=$((idx+1)) + [ "$(uci get mwan3.@interface[$idx].family)" = "ipv4" ] && { tbl=$($IP4 route list table $tid 2>/dev/null) if echo "$tbl" | grep -q ^default; then (echo "$tbl" | grep -v "^default\|linkdown" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv4.$tid @@ -60,9 +61,10 @@ mwan3_rtmon_ipv4() done fi } - if [ "$(uci get mwan3.@interface[$((idx-1))].enabled)" = "1" ]; then + if [ "$(uci get mwan3.@interface[$idx].enabled)" = "1" ]; then ret=0 fi + idx=$((idx+1)) done rm -f /tmp/mwan3rtmon/ipv4.* return $ret @@ -72,16 +74,17 @@ mwan3_rtmon_ipv4() # otherwise return false mwan3_rtmon_ipv6() { - local tid=1 local idx=0 local ret=1 local tbl="" + + local tid + mkdir -p /tmp/mwan3rtmon ($IP6 route list table main | grep -v "^default\|^::/0\|^fe80::/64\|^unreachable" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv6.main while uci get mwan3.@interface[$idx] >/dev/null 2>&1 ; do - idx=$((idx+1)) - tid=$idx - [ "$(uci get mwan3.@interface[$((idx-1))].family)" = "ipv6" ] && { + tid=$((idx+1)) + [ "$(uci get mwan3.@interface[$idx].family)" = "ipv6" ] && { tbl=$($IP6 route list table $tid 2>/dev/null) if echo "$tbl" | grep -q "^default\|^::/0"; then (echo "$tbl" | grep -v "^default\|^::/0\|^unreachable" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv6.$tid @@ -93,9 +96,10 @@ mwan3_rtmon_ipv6() done fi } - if [ "$(uci get mwan3.@interface[$((idx-1))].enabled)" = "1" ]; then + if [ "$(uci get mwan3.@interface[$idx].enabled)" = "1" ]; then ret=0 fi + idx=$((idx+1)) done rm -f /tmp/mwan3rtmon/ipv6.* return $ret From 2c89e14c31e4d73710ba100b39c121719346b007 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Thu, 16 Jul 2020 15:08:04 +0200 Subject: [PATCH 16/26] mwan3: fix IPv6 routing add handling This fixes routing handling. Introduced with the last version update. The following message disappears on the shell when mwan3 is called with 'mwna3 restart`. `Error: Invalid gateway address.` Signed-off-by: Florian Eckert [aaronjg@stanford.edu: fully unset variable and handle ipv4 as well] Signed-off-by: Aaron Goodman (cherry picked from commit 8e3e6f8dde654bdf2f1e1cf7bac6c0a2894a3fe8) --- net/mwan3/files/lib/mwan3/mwan3.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index d7def8672..3ce880fd2 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -518,6 +518,8 @@ mwan3_create_iface_route() network_get_gateway${V_} via "$1" fi + ( [ -z "$via" ] || [ "$via" = "0.0.0.0" ] || [ "$via" = "::" ] ) && unset via + network_get_metric metric "$1" $IP route flush table "$id" From b5ed0033c8cfc26c50f86252f54944394a1f11d1 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Thu, 16 Jul 2020 14:02:57 +0200 Subject: [PATCH 17/26] mwan3: fix rtmon routing table function generation If the uci option family is not set in the interface section, then there is no default value set as in the `config_load / config_get` API. The problem here is that if the family is not set, the default value ipv4 is normaly assumed. But the comparison fails here because the value is empty and therefore the dedicated routing table for this interface is not compared with the other routes from the main table and so not updated. To fix this set the default value for this config option which is`false` for enabled and `ipv4` for family. Signed-off-by: Florian Eckert (cherry picked from commit bcd13ba95cd5b96d04e490b576faab54404cbf69) --- net/mwan3/files/lib/mwan3/mwan3.sh | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 3ce880fd2..652cbfd42 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -43,13 +43,20 @@ mwan3_rtmon_ipv4() local ret=1 local tbl="" - local tid + local tid family enabled mkdir -p /tmp/mwan3rtmon ($IP4 route list table main | grep -v "^default\|linkdown" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv4.main while uci get mwan3.@interface[$idx] >/dev/null 2>&1 ; do tid=$((idx+1)) - [ "$(uci get mwan3.@interface[$idx].family)" = "ipv4" ] && { + + family="$(uci -q get mwan3.@interface[$idx].family)" + [ -z "$family" ] && family="ipv4" + + enabled="$(uci -q get mwan3.@interface[$idx].enabled)" + [ -z "$enabled" ] && enabled="0" + + [ "$family" = "ipv4" ] && { tbl=$($IP4 route list table $tid 2>/dev/null) if echo "$tbl" | grep -q ^default; then (echo "$tbl" | grep -v "^default\|linkdown" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv4.$tid @@ -61,7 +68,7 @@ mwan3_rtmon_ipv4() done fi } - if [ "$(uci get mwan3.@interface[$idx].enabled)" = "1" ]; then + if [ "$enabled" = "1" ]; then ret=0 fi idx=$((idx+1)) @@ -78,13 +85,21 @@ mwan3_rtmon_ipv6() local ret=1 local tbl="" - local tid + local tid family enabled mkdir -p /tmp/mwan3rtmon ($IP6 route list table main | grep -v "^default\|^::/0\|^fe80::/64\|^unreachable" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv6.main while uci get mwan3.@interface[$idx] >/dev/null 2>&1 ; do tid=$((idx+1)) - [ "$(uci get mwan3.@interface[$idx].family)" = "ipv6" ] && { + + family="$(uci -q get mwan3.@interface[$idx].family)" + # Set default family to ipv4 that is no mistake + [ -z "$family" ] && family="ipv4" + + enabled="$(uci -q get mwan3.@interface[$idx].enabled)" + [ -z "$enabled" ] && enabled="0" + + [ "$family" = "ipv6" ] && { tbl=$($IP6 route list table $tid 2>/dev/null) if echo "$tbl" | grep -q "^default\|^::/0"; then (echo "$tbl" | grep -v "^default\|^::/0\|^unreachable" | sort -n; echo empty fixup) >/tmp/mwan3rtmon/ipv6.$tid @@ -96,7 +111,7 @@ mwan3_rtmon_ipv6() done fi } - if [ "$(uci get mwan3.@interface[$idx].enabled)" = "1" ]; then + if [ "$enabled" = "1" ]; then ret=0 fi idx=$((idx+1)) From b340df6824c0a74f0bee6bc2e93ca108e5f237bb Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Fri, 17 Jul 2020 10:35:11 +0200 Subject: [PATCH 18/26] mwan3: also cleanup lock on mwan3 stop Signed-off-by: Florian Eckert (cherry picked from commit cde2a77ed3b3b0df9e693e121dccdc97ef163156) --- net/mwan3/files/lib/mwan3/mwan3.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 652cbfd42..105aafa0c 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -202,6 +202,13 @@ mwan3_unlock() { } mwan3_lock_clean() { + for pid in $(pgrep -f "lock /var/run/mwan3.lock"); do + kill -TERM "$pid" > /dev/null 2>&1 + done + sleep 1 + for pid in $(pgrep -f "lock /var/run/mwan3.lock"); do + kill -KILL "$pid" > /dev/null 2>&1 + done rm -rf /var/run/mwan3.lock } From 538d2fd7c3b20ecbe26d2d9b94e307f3122d2c14 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Fri, 17 Jul 2020 10:34:32 +0200 Subject: [PATCH 19/26] mwan3: add workaround for procd change Signed-off-by: Florian Eckert (cherry picked from commit 058a2b6f3057d849cbe4f2c4fda258d32d6da2fd) --- net/mwan3/files/etc/init.d/mwan3 | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/net/mwan3/files/etc/init.d/mwan3 b/net/mwan3/files/etc/init.d/mwan3 index af750e55e..e0c65889a 100755 --- a/net/mwan3/files/etc/init.d/mwan3 +++ b/net/mwan3/files/etc/init.d/mwan3 @@ -10,17 +10,22 @@ boot() { rc_procd start_service } +# FIXME +# fd 1000 is an inherited lock file descriptor for preventing concurrent +# init script executions. Close it here to prevent the mwan3 daemon from +# inheriting it further to avoid holding the lock indefinitely. + reload_service() { - /usr/sbin/mwan3 restart + /usr/sbin/mwan3 restart 1000>&- } start_service() { [ -n "${mwan3_boot}" ] && return 0 - /usr/sbin/mwan3 start + /usr/sbin/mwan3 start 1000>&- } stop_service() { - /usr/sbin/mwan3 stop + /usr/sbin/mwan3 stop 1000>&- } service_triggers() { From e02cac8152827b100f59c4608746e08c0f505c4f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Fri, 28 Jun 2019 13:55:29 +0200 Subject: [PATCH 20/26] mwan3: add online and uptime to detail output Add also online time value and uptime time value from netifd to the detail output view. Signed-off-by: Florian Eckert (cherry picked from commit b0acbf057e05bbfb165fd83a181c0d1607da5558) --- net/mwan3/files/lib/mwan3/mwan3.sh | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 105aafa0c..2ec760f9a 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -1,5 +1,7 @@ #!/bin/sh +. /usr/share/libubox/jshn.sh + IP4="ip -4" IP6="ip -6" IPS="ipset" @@ -1066,7 +1068,18 @@ mwan3_report_iface_status() [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] && \ [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] && \ [ -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then - result="$(mwan3_get_iface_hotplug_state $1)" + json_init + json_add_string section interfaces + json_add_string interface "$1" + json_load "$(ubus call mwan3 status "$(json_dump)")" + json_select "interfaces" + json_select "$1" + json_get_vars online uptime + json_select .. + json_select .. + online="$(printf '%02dh:%02dm:%02ds\n' $(($online/3600)) $(($online%3600/60)) $(($online%60)))" + uptime="$(printf '%02dh:%02dm:%02ds\n' $(($uptime/3600)) $(($uptime%3600/60)) $(($uptime%60)))" + result="$(mwan3_get_iface_hotplug_state $1) $online, uptime $uptime" elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" ] || \ [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] || \ [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] || \ From 5bfc1c9cfd7e3c45043276d50c8a13cb9771930f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 20 Jul 2020 08:15:50 +0200 Subject: [PATCH 21/26] mwan3: update version to 2.8.11 Signed-off-by: Florian Eckert (cherry picked from commit f601e6cfa4a93954336b740dffdad2464a2b2b45) --- net/mwan3/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index 6849617f2..ce4bfcec2 100644 --- a/net/mwan3/Makefile +++ b/net/mwan3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=2.8.10 +PKG_VERSION:=2.8.11 PKG_RELEASE:=1 PKG_MAINTAINER:=Florian Eckert PKG_LICENSE:=GPL-2.0 From 294e7503b575f9d5be3161c36ad8aaefece87d15 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Wed, 22 Jul 2020 09:19:55 +0200 Subject: [PATCH 22/26] mwan3: fix race condition on mwan3 restart This adjustment of the locks fixes the race condition when a mwan3 hotplug script and a mwan3 command are running at the same time. Signed-off-by: Florian Eckert (cherry picked from commit 2dac1bcdc969a940fa34396db89ae3f1f2a3073f) --- net/mwan3/files/etc/hotplug.d/iface/15-mwan3 | 14 +++++++----- net/mwan3/files/etc/hotplug.d/iface/16-mwan3 | 11 +++++++--- .../files/etc/hotplug.d/iface/16-mwan3-user | 16 ++++++++++++-- net/mwan3/files/usr/sbin/mwan3 | 22 ++++++++++++++----- 4 files changed, 47 insertions(+), 16 deletions(-) diff --git a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 index 5bfbd2462..db2dc237a 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 +++ b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 @@ -12,19 +12,24 @@ if [ "$ACTION" == "ifup" ]; then [ -n "$DEVICE" ] || exit 3 fi +mwan3_lock "$ACTION" "$INTERFACE" config_load mwan3 config_get_bool enabled globals 'enabled' '0' -[ ${enabled} -gt 0 ] || exit 0 +[ ${enabled} -gt 0 ] || { + mwan3_unlock "$ACTION" "$INTERFACE" + exit 0 +} -mwan3_lock "$ACTION" "$INTERFACE" mwan3_init mwan3_set_connected_iptables mwan3_set_custom_ipset -mwan3_unlock "$ACTION" "$INTERFACE" config_get enabled $INTERFACE enabled 0 config_get initial_state $INTERFACE initial_state "online" -[ "$enabled" == "1" ] || exit 0 +[ "${enabled}" == "1" ] || { + mwan3_unlock "$ACTION" "$INTERFACE" + exit 0 +} if [ "$ACTION" == "ifup" ]; then config_get family $INTERFACE family ipv4 @@ -58,7 +63,6 @@ else running=1 fi -mwan3_lock "$ACTION" "$INTERFACE" $LOG notice "Execute "$ACTION" event on interface $INTERFACE (${DEVICE:-unknown})" case "$ACTION" in diff --git a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 index c243d55ff..d68401fed 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 +++ b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 @@ -4,14 +4,17 @@ . /lib/functions/network.sh . /lib/mwan3/mwan3.sh +mwan3_lock "$ACTION" "mwan3rtmon" + config_load mwan3 config_get_bool enabled globals 'enabled' '0' -[ ${enabled} -gt 0 ] || exit 0 +[ ${enabled} -gt 0 ] || { + mwan3_unlock "$ACTION" "mwan3rtmon" + exit 0 +} if [ "$ACTION" == "ifup" ]; then - mwan3_lock "$ACTION" "mwan3rtmon" mwan3_rtmon - mwan3_unlock "$ACTION" "mwan3rtmon" fi config_get enabled $INTERFACE enabled 0 @@ -19,4 +22,6 @@ config_get enabled $INTERFACE enabled 0 mwan3_flush_conntrack "$INTERFACE" "$ACTION" } +mwan3_unlock "$ACTION" "mwan3rtmon" + exit 0 diff --git a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user index 9372c736e..ef490e183 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user +++ b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user @@ -2,13 +2,25 @@ [ -f "/etc/mwan3.user" ] && { . /lib/functions.sh + . /lib/mwan3/mwan3.sh + + mwan3_lock "$ACTION" "user" config_load mwan3 config_get_bool enabled globals 'enabled' '0' - [ ${enabled} -gt 0 ] || exit 0 + [ ${enabled} -gt 0 ] || { + mwan3_unlock "$ACTION" "user" + exit 0 + } config_get enabled "$INTERFACE" enabled 0 - [ "${enabled}" = "1" ] || exit 0 + [ "${enabled}" = "1" ] || { + mwan3_unlock "$ACTION" "user" + exit 0 + } + + mwan3_unlock "$ACTION" "user" + env -i ACTION="$ACTION" INTERFACE="$INTERFACE" DEVICE="$DEVICE" \ /bin/sh /etc/mwan3.user } diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index b9a5afb9e..dc65279be 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -45,30 +45,39 @@ ifup() { local device enabled up l3_device status + mwan3_lock "command" "mwan3" + config_load mwan3 config_get_bool enabled globals 'enabled' 0 + [ ${enabled} -gt 0 ] || { echo "The service mwan3 is global disabled." echo "Please execute \"/etc/init.d/mwan3 start\" first." + mwan3_unlock "command" "mwan3" exit 1 } if [ -z "$1" ]; then - echo "Expecting interface. Usage: mwan3 ifup " && exit 0 + echo "Expecting interface. Usage: mwan3 ifup " + mwan3_unlock "command" "mwan3" + exit 0 fi if [ -n "$2" ]; then - echo "Too many arguments. Usage: mwan3 ifup " && exit 0 + echo "Too many arguments. Usage: mwan3 ifup " + mwan3_unlock "command" "mwan3" + exit 0 fi + config_get enabled "$1" enabled 0 + mwan3_unlock "command" "mwan3" + status=$(ubus -S call network.interface.$1 status) [ -n "$status" ] && { json_load "$status" json_get_vars up l3_device } - config_get enabled "$1" enabled 0 - if [ "$up" = "1" ] \ && [ -n "$l3_device" ] \ && [ "$enabled" = "1" ]; then @@ -130,7 +139,9 @@ start() { local enabled + mwan3_lock "command" "mwan3" uci_toggle_state mwan3 globals enabled "1" + mwan3_unlock "command" "mwan3" config_load mwan3 config_foreach ifup interface @@ -141,6 +152,7 @@ stop() local ipset route rule table IP IPT pid mwan3_lock "command" "mwan3" + uci_toggle_state mwan3 globals enabled "0" for pid in $(pgrep -f "mwan3rtmon"); do kill -TERM "$pid" > /dev/null 2>&1 @@ -200,8 +212,6 @@ stop() mwan3_lock_clean rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR - - uci_toggle_state mwan3 globals enabled "0" } restart() { From 520eeb08046d905a665770ee3a821a59ae7cd57b Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Fri, 24 Jul 2020 08:02:49 +0200 Subject: [PATCH 23/26] mwan3: revert: also cleanup lock on mwan3 stop This reverts commit cde2a77ed3b3b0df9e693e121dccdc97ef163156. Applying this change has shown that it is even quicker to provoke the race condtition on simultan mwan3 commands execution. By reversing the change we have the same behaviour as before. But the race condition on mwan3 execute at the same time still exists. Signed-off-by: Florian Eckert (cherry picked from commit b5bd6d757b8ac9b3eb7fd1e19880924057cce7a7) --- net/mwan3/files/lib/mwan3/mwan3.sh | 7 ------- 1 file changed, 7 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 2ec760f9a..ab21ad3b2 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -204,13 +204,6 @@ mwan3_unlock() { } mwan3_lock_clean() { - for pid in $(pgrep -f "lock /var/run/mwan3.lock"); do - kill -TERM "$pid" > /dev/null 2>&1 - done - sleep 1 - for pid in $(pgrep -f "lock /var/run/mwan3.lock"); do - kill -KILL "$pid" > /dev/null 2>&1 - done rm -rf /var/run/mwan3.lock } From 138d02cfcb0c27040376d39de13b5975c0f5203f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 27 Jul 2020 09:02:40 +0200 Subject: [PATCH 24/26] mwan3: remove lock file entirely Removing the lock file ist not necessary Signed-off-by: Florian Eckert (cherry picked from commit ab747fe0fb3b60c0bd42ea2c4fc045273eb46f6f) --- net/mwan3/files/lib/mwan3/mwan3.sh | 4 ---- net/mwan3/files/usr/sbin/mwan3 | 1 - 2 files changed, 5 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index ab21ad3b2..3c7422dc0 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -203,10 +203,6 @@ mwan3_unlock() { lock -u /var/run/mwan3.lock } -mwan3_lock_clean() { - rm -rf /var/run/mwan3.lock -} - mwan3_get_iface_id() { local _tmp _iface _iface_count diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index dc65279be..79a0eba25 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -210,7 +210,6 @@ stop() mwan3_unlock "command" "mwan3" - mwan3_lock_clean rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR } From 5f934c6678f695ce93fda3555b247f7aeb38f3e7 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 27 Jul 2020 10:24:59 +0200 Subject: [PATCH 25/26] mwan3: unify variable check Signed-off-by: Florian Eckert (cherry picked from commit 981d1eb83a3b0676c71559ac8b514c4f8ff56e1b) --- net/mwan3/files/etc/hotplug.d/iface/15-mwan3 | 12 ++++++------ net/mwan3/files/etc/hotplug.d/iface/16-mwan3 | 8 ++++---- net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user | 6 +++--- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 index db2dc237a..645cdd3e4 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 +++ b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 @@ -9,13 +9,13 @@ [ -n "$INTERFACE" ] || exit 2 if [ "$ACTION" == "ifup" ]; then - [ -n "$DEVICE" ] || exit 3 + [ -n "$DEVICE" ] || exit 3 fi mwan3_lock "$ACTION" "$INTERFACE" config_load mwan3 config_get_bool enabled globals 'enabled' '0' -[ ${enabled} -gt 0 ] || { +[ "${enabled}" -gt 0 ] || { mwan3_unlock "$ACTION" "$INTERFACE" exit 0 } @@ -24,14 +24,14 @@ mwan3_init mwan3_set_connected_iptables mwan3_set_custom_ipset -config_get enabled $INTERFACE enabled 0 config_get initial_state $INTERFACE initial_state "online" -[ "${enabled}" == "1" ] || { +config_get_bool enabled $INTERFACE 'enabled' '0' +[ "${enabled}" -eq 1 ] || { mwan3_unlock "$ACTION" "$INTERFACE" exit 0 } -if [ "$ACTION" == "ifup" ]; then +if [ "$ACTION" = "ifup" ]; then config_get family $INTERFACE family ipv4 if [ "$family" = "ipv4" ]; then ubus call network.interface.${INTERFACE}_4 status &>/dev/null @@ -72,7 +72,7 @@ case "$ACTION" in mwan3_create_iface_iptables $INTERFACE $DEVICE mwan3_create_iface_rules $INTERFACE $DEVICE mwan3_create_iface_route $INTERFACE $DEVICE - if [ ${running} -eq 1 -a "${status}" = "online" ]; then + if [ "${running}" -eq 1 ] && [ "${status}" = "online" ]; then $LOG notice "Starting tracker on interface $INTERFACE (${DEVICE:-unknown})" mwan3_set_iface_hotplug_state $INTERFACE "online" mwan3_track $INTERFACE $DEVICE "online" "$src_ip" diff --git a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 index d68401fed..dd09358eb 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 +++ b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3 @@ -8,17 +8,17 @@ mwan3_lock "$ACTION" "mwan3rtmon" config_load mwan3 config_get_bool enabled globals 'enabled' '0' -[ ${enabled} -gt 0 ] || { +[ "${enabled}" -gt 0 ] || { mwan3_unlock "$ACTION" "mwan3rtmon" exit 0 } -if [ "$ACTION" == "ifup" ]; then +if [ "$ACTION" = "ifup" ]; then mwan3_rtmon fi -config_get enabled $INTERFACE enabled 0 -[ "${enabled}" = "0" ] || { +config_get_bool enabled "$INTERFACE" 'enabled' '0' +[ "${enabled}" -eq 0 ] || { mwan3_flush_conntrack "$INTERFACE" "$ACTION" } diff --git a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user index ef490e183..af28b1f4f 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user +++ b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user @@ -8,13 +8,13 @@ config_load mwan3 config_get_bool enabled globals 'enabled' '0' - [ ${enabled} -gt 0 ] || { + [ "${enabled}" -gt 0 ] || { mwan3_unlock "$ACTION" "user" exit 0 } - config_get enabled "$INTERFACE" enabled 0 - [ "${enabled}" = "1" ] || { + config_get_bool enabled "$INTERFACE" enabled 0 + [ "${enabled}" -eq 1 ] || { mwan3_unlock "$ACTION" "user" exit 0 } From b32500958b6fa3fac7e16b244f21af0a55cdc010 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Fri, 24 Jul 2020 08:09:05 +0200 Subject: [PATCH 26/26] mwan3: update version to 2.8.12 Signed-off-by: Florian Eckert (cherry picked from commit 85e91377cf2f1b74e469ad2a921fbcfc0846db9c) --- net/mwan3/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index ce4bfcec2..958c21061 100644 --- a/net/mwan3/Makefile +++ b/net/mwan3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=2.8.11 +PKG_VERSION:=2.8.12 PKG_RELEASE:=1 PKG_MAINTAINER:=Florian Eckert PKG_LICENSE:=GPL-2.0