mwan3: add "use" function to mwan3 utils

Use "mwan3 use" to wrap a command with interface bindings so that you can avoid the mwan3 rules and test behavior on a specific interface. eg "mwan3 use wan ping -c1 1.1.1.1" Additional binding arguments to the command will have their system calls intercepted and ignored. eg "mwan3 use wan ping -c1 -I tun0 1.1.1.1" will use the device associated with "wan", rather than "tun0". Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
2020-08-25 18:16:07 -04:00 · 2020-08-25 18:16:07 -04:00 · d49ca29eca
commit d49ca29eca
parent bbbc6127ab
3 changed files with 44 additions and 17 deletions
--- a/net/mwan3/files/lib/mwan3/common.sh
+++ b/net/mwan3/files/lib/mwan3/common.sh
@ -49,10 +49,12 @@ mwan3_get_true_iface()

 mwan3_get_src_ip()
 {
-	local family _src_ip true_iface device addr_cmd default_ip IP sed_str
-	true_iface=$2
+	local family _src_ip interface true_iface device addr_cmd default_ip IP sed_str
+	interface=$2
+	mwan3_get_true_iface true_iface $interface
+
 	unset "$1"
-	config_get family "$true_iface" family ipv4
+	config_get family "$interface" family ipv4
 	if [ "$family" = "ipv4" ]; then
 		addr_cmd='network_get_ipaddr'
 		default_ip="0.0.0.0"
--- a/net/mwan3/files/usr/sbin/mwan3
+++ b/net/mwan3/files/usr/sbin/mwan3
@ -12,17 +12,17 @@ help()
 Syntax: mwan3 [command]

 Available commands:
-	start           Load iptables rules, ip rules and ip routes
-	stop            Unload iptables rules, ip rules and ip routes
-	restart         Reload iptables rules, ip rules and ip routes
-	ifup <iface>    Load rules and routes for specific interface
-	ifdown <iface>  Unload rules and routes for specific interface
-	interfaces      Show interfaces status
-	policies        Show currently active policy
-	connected       Show directly connected networks
-	rules           Show active rules
-	status          Show all status
-
+	start               Load iptables rules, ip rules and ip routes
+	stop                Unload iptables rules, ip rules and ip routes
+	restart             Reload iptables rules, ip rules and ip routes
+	ifup <iface>        Load rules and routes for specific interface
+	ifdown <iface>      Unload rules and routes for specific interface
+	interfaces          Show interfaces status
+	policies            Show currently active policy
+	connected           Show directly connected networks
+	rules               Show active rules
+	status              Show all status
+	use <iface> <cmd>   Run a command bound to <iface> and avoid mwan3 rules
 EOF
 }

@ -123,8 +123,33 @@ restart() {
 	/etc/init.d/mwan3 start
 }

+wrap() {
+	# Run a command with the device, src_ip and fwmark set to avoid processing by mwan3
+	# firewall rules
+
+	local interface device src_ip family
+	mwan3_init
+	config_load mwan3
+
+	interface=$1 ; shift
+	[ -z "$*" ] && echo "no command specified for mwan3 wrap" && return
+	network_get_device device $interface
+	[ -z "$device" ] && echo "could not find device for $interface" && return
+
+	mwan3_get_src_ip src_ip $interface
+	[ -z "$src_ip" ] && echo "could not find src_ip for $interface" && return
+
+	config_get family $interface family
+	[ -z "$family" ] && echo "could not find family for $interface. Using ipv4." && family='ipv4'
+
+	echo "Running '$*' with DEVICE=$device SRCIP=$src_ip FWMARK=$MMX_DEFAULT FAMILY=$family"
+	# shellcheck disable=SC2048
+	FAMILY=$family DEVICE=$device SRCIP=$src_ip FWMARK=$MMX_DEFAULT LD_PRELOAD=/lib/mwan3/libwrap_mwan3_sockopt.so.1.0 $*
+
+}
+
 case "$1" in
-	ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart)
+	ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart|use)
 		mwan3_init
 		# shellcheck disable=SC2048
 		$*
--- a/net/mwan3/files/usr/sbin/mwan3track
+++ b/net/mwan3/files/usr/sbin/mwan3track
@ -129,7 +129,7 @@ firstconnect() {
 		return
 	fi

-	mwan3_get_src_ip SRC_IP $true_iface
+	mwan3_get_src_ip SRC_IP $INTERFACE

 	LOG debug "firstconnect: called on $INTERFACE/$true_iface ($DEVICE). Status is $STATUS. SRC_IP is $SRC_IP"

@ -223,7 +223,7 @@ main() {
 							wait $TRACK_PID
 							result=$?
 						else
-							WRAP $PING -${family#ipv} -I ${SOURCE} -c $count -W $timeout -s $size -t $max_ttl -q $track_ip 2>/dev/null > $TRACK_OUTPUT &
+							WRAP $PING -${family#ipv} -c $count -W $timeout -s $size -t $max_ttl -q $track_ip 2>/dev/null > $TRACK_OUTPUT &
 							TRACK_PID=$!
 							wait $TRACK_PID
 							ping_status=$?