Merge pull request #4811 from marcin1j/pr/20170902-mwan3-fix-interface-bound-network-traffic
mwan3: fix interface-bound traffic when interface is offline
This commit is contained in:
Hannu Nyman
GitHub
commit
7e012770f8
5 changed files with 38 additions and 25 deletions
|
|
@ -8,7 +8,7 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=mwan3
|
||||
PKG_VERSION:=2.6.4
|
||||
PKG_VERSION:=2.6.5
|
||||
PKG_RELEASE:=1
|
||||
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
|
||||
PKG_LICENSE:=GPLv2
|
||||
|
|
|
|||
|
|
@ -65,21 +65,23 @@ case "$ACTION" in
|
|||
mwan3_set_general_rules
|
||||
mwan3_set_general_iptables
|
||||
mwan3_create_iface_iptables $INTERFACE $DEVICE
|
||||
mwan3_create_iface_rules $INTERFACE $DEVICE
|
||||
mwan3_create_iface_route $INTERFACE $DEVICE
|
||||
if [ ${running} -eq 1 -a "${status}" = "online" ]; then
|
||||
mwan3_create_iface_rules $INTERFACE $DEVICE
|
||||
mwan3_create_iface_route $INTERFACE $DEVICE
|
||||
$LOG notice "Starting tracker on interface $INTERFACE (${DEVICE:-unknown})"
|
||||
mwan3_set_iface_hotplug_state $INTERFACE "online"
|
||||
mwan3_track $INTERFACE $DEVICE "online" "$src_ip"
|
||||
mwan3_set_policies_iptables
|
||||
mwan3_set_user_rules
|
||||
mwan3_flush_conntrack $INTERFACE $DEVICE "ifup"
|
||||
else
|
||||
$LOG notice "Starting tracker on interface $INTERFACE (${DEVICE:-unknown})"
|
||||
mwan3_set_iface_hotplug_state $INTERFACE "offline"
|
||||
mwan3_track $INTERFACE $DEVICE "offline" "$src_ip"
|
||||
fi
|
||||
;;
|
||||
ifdown)
|
||||
mwan3_delete_iface_rules $INTERFACE
|
||||
mwan3_delete_iface_route $INTERFACE
|
||||
mwan3_set_iface_hotplug_state $INTERFACE "offline"
|
||||
mwan3_delete_iface_ipset_entries $INTERFACE
|
||||
mwan3_track_signal $INTERFACE $DEVICE
|
||||
mwan3_set_policies_iptables
|
||||
|
|
|
|||
|
|
@ -8,15 +8,16 @@ IPT6="ip6tables -t mangle -w"
|
|||
LOG="logger -t mwan3[$$] -p"
|
||||
CONNTRACK_FILE="/proc/net/nf_conntrack"
|
||||
|
||||
MWAN3_STATUS_DIR="/var/run/mwan3track"
|
||||
MWAN3_STATUS_DIR="/var/run/mwan3"
|
||||
MWAN3TRACK_STATUS_DIR="/var/run/mwan3track"
|
||||
|
||||
[ -d $MWAN3_STATUS_DIR ] || mkdir -p $MWAN3_STATUS_DIR/iface_state
|
||||
# mwan3's MARKing mask (at least 3 bits should be set)
|
||||
if [ -e "${MWAN3_STATUS_DIR}/mmx_mask" ]; then
|
||||
MMX_MASK=$(cat "${MWAN3_STATUS_DIR}/mmx_mask")
|
||||
else
|
||||
config_load mwan3
|
||||
config_get MMX_MASK globals mmx_mask '0xff00'
|
||||
mkdir -p "${MWAN3_STATUS_DIR}"
|
||||
echo "$MMX_MASK" > "${MWAN3_STATUS_DIR}/mmx_mask"
|
||||
$LOG notice "Using firewall mask ${MMX_MASK}"
|
||||
fi
|
||||
|
|
@ -499,7 +500,7 @@ mwan3_set_policy()
|
|||
|
||||
if [ "$family" == "ipv4" ]; then
|
||||
|
||||
if [ -n "$($IP4 route list table $id)" ]; then
|
||||
if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then
|
||||
if [ "$metric" -lt "$lowest_metric_v4" ]; then
|
||||
|
||||
total_weight_v4=$weight
|
||||
|
|
@ -532,7 +533,7 @@ mwan3_set_policy()
|
|||
|
||||
if [ "$family" == "ipv6" ]; then
|
||||
|
||||
if [ -n "$($IP6 route list table $id)" ]; then
|
||||
if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then
|
||||
if [ "$metric" -lt "$lowest_metric_v6" ]; then
|
||||
|
||||
total_weight_v6=$weight
|
||||
|
|
@ -763,6 +764,19 @@ mwan3_set_user_rules()
|
|||
config_foreach mwan3_set_user_iptables_rule rule
|
||||
}
|
||||
|
||||
mwan3_set_iface_hotplug_state() {
|
||||
local iface=$1
|
||||
local state=$2
|
||||
|
||||
echo -n $state > $MWAN3_STATUS_DIR/iface_state/$iface
|
||||
}
|
||||
|
||||
mwan3_get_iface_hotplug_state() {
|
||||
local iface=$1
|
||||
|
||||
cat $MWAN3_STATUS_DIR/iface_state/$iface 2>/dev/null || echo "unknown"
|
||||
}
|
||||
|
||||
mwan3_report_iface_status()
|
||||
{
|
||||
local device result track_ips tracking IP IPT
|
||||
|
|
@ -784,16 +798,14 @@ mwan3_report_iface_status()
|
|||
|
||||
if [ -z "$id" -o -z "$device" ]; then
|
||||
result="unknown"
|
||||
elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')"i -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
|
||||
result="online"
|
||||
elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
|
||||
result="$(mwan3_get_iface_hotplug_state $1)"
|
||||
elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
|
||||
result="error"
|
||||
elif [ "$enabled" == "1" ]; then
|
||||
result="offline"
|
||||
else
|
||||
if [ "$enabled" == "1" ]; then
|
||||
result="offline"
|
||||
else
|
||||
result="disabled"
|
||||
fi
|
||||
result="disabled"
|
||||
fi
|
||||
|
||||
mwan3_list_track_ips()
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
. /lib/functions/network.sh
|
||||
. /usr/share/libubox/jshn.sh
|
||||
|
||||
MWAN3_STATUS_DIR="/var/run/mwan3track"
|
||||
MWAN3TRACK_STATUS_DIR="/var/run/mwan3track"
|
||||
|
||||
IPS="ipset"
|
||||
IPT4="iptables -t mangle -w"
|
||||
|
|
@ -45,7 +45,7 @@ get_mwan3_status() {
|
|||
running="1"
|
||||
fi
|
||||
|
||||
time_p="$(cat "$MWAN3_STATUS_DIR/${iface}/TIME")"
|
||||
time_p="$(cat "$MWAN3TRACK_STATUS_DIR/${iface}/TIME")"
|
||||
[ -z "${time_p}" ] || {
|
||||
time_n="$(date +'%s')"
|
||||
let age=time_n-time_p
|
||||
|
|
@ -53,13 +53,13 @@ get_mwan3_status() {
|
|||
|
||||
json_add_object "${iface}"
|
||||
json_add_int age "$age"
|
||||
json_add_int "score" "$(cat "$MWAN3_STATUS_DIR/${iface}/SCORE")"
|
||||
json_add_int "lost" "$(cat "$MWAN3_STATUS_DIR/${iface}/LOST")"
|
||||
json_add_int "turn" "$(cat "$MWAN3_STATUS_DIR/${iface}/TURN")"
|
||||
json_add_string "status" "$(cat "$MWAN3_STATUS_DIR/${iface}/STATUS")"
|
||||
json_add_int "score" "$(cat "$MWAN3TRACK_STATUS_DIR/${iface}/SCORE")"
|
||||
json_add_int "lost" "$(cat "$MWAN3TRACK_STATUS_DIR/${iface}/LOST")"
|
||||
json_add_int "turn" "$(cat "$MWAN3TRACK_STATUS_DIR/${iface}/TURN")"
|
||||
json_add_string "status" "$(cat "$MWAN3TRACK_STATUS_DIR/${iface}/STATUS")"
|
||||
json_add_boolean "running" "${running}"
|
||||
json_add_array "track_ip"
|
||||
for file in $MWAN3_STATUS_DIR/${iface}/*; do
|
||||
for file in $MWAN3TRACK_STATUS_DIR/${iface}/*; do
|
||||
track="${file#*/TRACK_}"
|
||||
if [ "${track}" != "${file}" ]; then
|
||||
json_add_object
|
||||
|
|
|
|||
|
|
@ -37,7 +37,6 @@ ifdown()
|
|||
ACTION=ifdown INTERFACE=$1 /sbin/hotplug-call iface
|
||||
|
||||
kill $(pgrep -f "mwan3track $1 $2") &> /dev/null
|
||||
mwan3_delete_iface_iptables $1
|
||||
mwan3_track_clean $1
|
||||
}
|
||||
|
||||
|
|
@ -160,7 +159,7 @@ stop()
|
|||
done
|
||||
|
||||
mwan3_lock_clean
|
||||
rm -rf "${MWAN3_STATUS_DIR}/mmx_mask"
|
||||
rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR
|
||||
}
|
||||
|
||||
restart() {
|
||||
|
|
|
|||
Loading…
Reference in a new issue