From 952f3e1361a462930fb78513e8e1bf34c30ca16d Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 15 Oct 2018 16:01:03 +0200 Subject: [PATCH 1/8] net/mwan3: cleanup/prettify 80 characters code boundary Prettify and cleanup source Signed-off-by: Florian Eckert --- net/mwan3/files/lib/mwan3/mwan3.sh | 239 +++++++++++++++++++++++------ 1 file changed, 193 insertions(+), 46 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index d0a47a523..7c4195394 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -242,7 +242,9 @@ mwan3_set_general_iptables() if ! $IPT -S mwan3_connected &> /dev/null; then $IPT -N mwan3_connected $IPS -! create mwan3_connected list:set - $IPT -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT -A mwan3_connected \ + -m set --match-set mwan3_connected dst \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK fi if ! $IPT -S mwan3_rules &> /dev/null; then 
@@ -253,18 +255,43 @@ mwan3_set_general_iptables() $IPT -N mwan3_hook # do not mangle ipv6 ra service if [ "$IPT" = "$IPT6" ]; then - $IPT6 -A mwan3_hook -p ipv6-icmp -m icmp6 --icmpv6-type 133 -j RETURN - $IPT6 -A mwan3_hook -p ipv6-icmp -m icmp6 --icmpv6-type 134 -j RETURN - $IPT6 -A mwan3_hook -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j RETURN - $IPT6 -A mwan3_hook -p ipv6-icmp -m icmp6 --icmpv6-type 136 -j RETURN - $IPT6 -A mwan3_hook -p ipv6-icmp -m icmp6 --icmpv6-type 137 -j RETURN + $IPT6 -A mwan3_hook \ + -p ipv6-icmp \ + -m icmp6 --icmpv6-type 133 \ + -j RETURN + $IPT6 -A mwan3_hook \ + -p ipv6-icmp \ + -m icmp6 --icmpv6-type 134 \ + -j RETURN + $IPT6 -A mwan3_hook \ + -p ipv6-icmp \ + -m icmp6 --icmpv6-type 135 \ + -j RETURN + $IPT6 -A mwan3_hook \ + -p ipv6-icmp \ + -m icmp6 --icmpv6-type 136 \ + -j RETURN + $IPT6 -A mwan3_hook \ + -p ipv6-icmp \ + -m icmp6 --icmpv6-type 137 \ + -j RETURN fi - $IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask $MMX_MASK --ctmask $MMX_MASK - $IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_ifaces_in - $IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_connected - $IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_rules - $IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask $MMX_MASK --ctmask $MMX_MASK - $IPT -A mwan3_hook -m mark ! --mark $MMX_DEFAULT/$MMX_MASK -j mwan3_connected + $IPT -A mwan3_hook \ + -j CONNMARK --restore-mark --nfmask $MMX_MASK --ctmask $MMX_MASK + $IPT -A mwan3_hook \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_ifaces_in + $IPT -A mwan3_hook \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_connected + $IPT -A mwan3_hook \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_rules + $IPT -A mwan3_hook \ + -j CONNMARK --save-mark --nfmask $MMX_MASK --ctmask $MMX_MASK + $IPT -A mwan3_hook \ + -m mark ! --mark $MMX_DEFAULT/$MMX_MASK \ + -j mwan3_connected fi if ! $IPT -S PREROUTING | grep mwan3_hook &> /dev/null; then 
@@ -298,11 +325,24 @@ mwan3_create_iface_iptables() fi $IPT4 -F mwan3_iface_in_$1 - $IPT4 -A mwan3_iface_in_$1 -i $2 -m set --match-set mwan3_connected src -m mark --mark 0x0/$MMX_MASK -m comment --comment "default" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - $IPT4 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/$MMX_MASK -m comment --comment "$1" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT4 -A mwan3_iface_in_$1 \ + -i $2 \ + -m set --match-set mwan3_connected src \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "default" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT4 -A mwan3_iface_in_$1 \ + -i $2 \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "$1" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - $IPT4 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null - $IPT4 -A mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 + $IPT4 -D mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_iface_in_$1 &> /dev/null + $IPT4 -A mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_iface_in_$1 fi if [ "$family" == "ipv6" ]; then 
@@ -317,11 +357,21 @@ mwan3_create_iface_iptables() fi $IPT6 -F mwan3_iface_in_$1 - $IPT6 -A mwan3_iface_in_$1 -i $2 -m set --match-set mwan3_connected_v6 src -m mark --mark 0x0/$MMX_MASK -m comment --comment "default" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK - $IPT6 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/$MMX_MASK -m comment --comment "$1" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT6 -A mwan3_iface_in_$1 -i $2 \ + -m set --match-set mwan3_connected_v6 src \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "default" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT6 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "$1" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK - $IPT6 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null - $IPT6 -A mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 + $IPT6 -D mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_iface_in_$1 &> /dev/null + $IPT6 -A mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_iface_in_$1 fi } @@ -331,14 +381,18 @@ mwan3_delete_iface_iptables() if [ "$family" == "ipv4" ]; then - $IPT4 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null + $IPT4 -D mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_iface_in_$1 &> /dev/null $IPT4 -F mwan3_iface_in_$1 &> /dev/null $IPT4 -X mwan3_iface_in_$1 &> /dev/null fi if [ "$family" == "ipv6" ]; then - $IPT6 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null + $IPT6 -D mwan3_ifaces_in \ + -m mark --mark 0x0/$MMX_MASK \ + -j mwan3_iface_in_$1 &> /dev/null $IPT6 -F mwan3_iface_in_$1 &> /dev/null $IPT6 -X mwan3_iface_in_$1 &> /dev/null fi 
@@ -568,7 +622,10 @@ mwan3_set_policy() total_weight_v4=$weight $IPT4 -F mwan3_policy_$policy - $IPT4 -A mwan3_policy_$policy -m mark --mark 0x0/$MMX_MASK -m comment --comment "$iface $weight $weight" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT4 -A mwan3_policy_$policy \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "$iface $weight $weight" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lowest_metric_v4=$metric @@ -589,12 +646,19 @@ mwan3_set_policy() probability="-m statistic --mode random --probability $probability" - $IPT4 -I mwan3_policy_$policy -m mark --mark 0x0/$MMX_MASK $probability -m comment --comment "$iface $weight $total_weight_v4" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT4 -I mwan3_policy_$policy \ + -m mark --mark 0x0/$MMX_MASK $probability \ + -m comment --comment "$iface $weight $total_weight_v4" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK fi else [ -n "$device" ] && { $IPT4 -S mwan3_policy_$policy | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ - $IPT4 -I mwan3_policy_$policy -o $device -m mark --mark 0x0/$MMX_MASK -m comment --comment "out $iface $device" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT4 -I mwan3_policy_$policy \ + -o $device \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "out $iface $device" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK } fi fi @@ -606,7 +670,10 @@ mwan3_set_policy() total_weight_v6=$weight $IPT6 -F mwan3_policy_$policy - $IPT6 -A mwan3_policy_$policy -m mark --mark 0x0/$MMX_MASK -m comment --comment "$iface $weight $weight" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT6 -A mwan3_policy_$policy \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "$iface $weight $weight" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lowest_metric_v6=$metric 
@@ -627,12 +694,20 @@ mwan3_set_policy() probability="-m statistic --mode random --probability $probability" - $IPT6 -I mwan3_policy_$policy -m mark --mark 0x0/$MMX_MASK $probability -m comment --comment "$iface $weight $total_weight_v6" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT6 -I mwan3_policy_$policy \ + -m mark --mark 0x0/$MMX_MASK \ + $probability \ + -m comment --comment "$iface $weight $total_weight_v6" \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK fi else [ -n "$device" ] && { $IPT6 -S mwan3_policy_$policy | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \ - $IPT6 -I mwan3_policy_$policy -o $device -m mark --mark 0x0/$MMX_MASK -m comment --comment "out $iface $device" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT6 -I mwan3_policy_$policy \ + -o $device \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "out $iface $device" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK } fi fi @@ -660,13 +735,22 @@ mwan3_create_policies_iptables() case "$last_resort" in blackhole) - $IPT -A mwan3_policy_$1 -m mark --mark 0x0/$MMX_MASK -m comment --comment "blackhole" -j MARK --set-xmark $MMX_BLACKHOLE/$MMX_MASK + $IPT -A mwan3_policy_$1 \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "blackhole" \ + -j MARK --set-xmark $MMX_BLACKHOLE/$MMX_MASK ;; default) - $IPT -A mwan3_policy_$1 -m mark --mark 0x0/$MMX_MASK -m comment --comment "default" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK + $IPT -A mwan3_policy_$1 \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "default" \ + -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK ;; *) - $IPT -A mwan3_policy_$1 -m mark --mark 0x0/$MMX_MASK -m comment --comment "unreachable" -j MARK --set-xmark $MMX_UNREACHABLE/$MMX_MASK + $IPT -A mwan3_policy_$1 \ + -m mark --mark 0x0/$MMX_MASK \ + -m comment --comment "unreachable" \ + -j MARK --set-xmark $MMX_UNREACHABLE/$MMX_MASK ;; esac done 
@@ -699,8 +783,13 @@ mwan3_set_sticky_iptables() for IPT in "$IPT4" "$IPT6"; do if [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ]; then - $IPT -I mwan3_rule_$rule -m mark --mark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK -m set ! --match-set mwan3_sticky_$rule src,src -j MARK --set-xmark 0x0/$MMX_MASK - $IPT -I mwan3_rule_$rule -m mark --mark 0/$MMX_MASK -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK + $IPT -I mwan3_rule_$rule \ + -m mark --mark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK \ + -m set ! --match-set mwan3_sticky_$rule src,src \ + -j MARK --set-xmark 0x0/$MMX_MASK + $IPT -I mwan3_rule_$rule \ + -m mark --mark 0/$MMX_MASK \ + -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK fi done fi @@ -756,8 +845,12 @@ mwan3_set_user_iptables_rule() $IPT -F mwan3_rule_$1 done - $IPS -! create mwan3_sticky_v4_$rule hash:ip,mark markmask $MMX_MASK timeout $timeout - $IPS -! create mwan3_sticky_v6_$rule hash:ip,mark markmask $MMX_MASK timeout $timeout family inet6 + $IPS -! create mwan3_sticky_v4_$rule \ + hash:ip,mark markmask $MMX_MASK \ + timeout $timeout + $IPS -! create mwan3_sticky_v6_$rule \ + hash:ip,mark markmask $MMX_MASK \ + timeout $timeout family inet6 $IPS -! create mwan3_sticky_$rule list:set $IPS -! add mwan3_sticky_$rule mwan3_sticky_v4_$rule $IPS -! add mwan3_sticky_$rule mwan3_sticky_v6_$rule 
@@ -765,9 +858,15 @@ mwan3_set_user_iptables_rule() config_foreach mwan3_set_sticky_iptables interface for IPT in "$IPT4" "$IPT6"; do - $IPT -A mwan3_rule_$1 -m mark --mark 0/$MMX_MASK -j $policy - $IPT -A mwan3_rule_$1 -m mark ! --mark 0xfc00/0xfc00 -j SET --del-set mwan3_sticky_$rule src,src - $IPT -A mwan3_rule_$1 -m mark ! --mark 0xfc00/0xfc00 -j SET --add-set mwan3_sticky_$rule src,src + $IPT -A mwan3_rule_$1 \ + -m mark --mark 0/$MMX_MASK \ + -j $policy + $IPT -A mwan3_rule_$1 \ + -m mark ! --mark 0xfc00/0xfc00 \ + -j SET --del-set mwan3_sticky_$rule src,src + $IPT -A mwan3_rule_$1 \ + -m mark ! --mark 0xfc00/0xfc00 \ + -j SET --add-set mwan3_sticky_$rule src,src done policy="mwan3_rule_$1" @@ -788,10 +887,24 @@ mwan3_set_user_iptables_rule() for IPT in "$IPT4" "$IPT6"; do case $proto in tcp|udp) - $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/$MMX_MASK -m comment --comment "$1" -j $policy &> /dev/null + $IPT -A mwan3_rules \ + -p $proto \ + -s $src_ip \ + -d $dest_ip $ipset \ + -m multiport --sports $src_port \ + -m multiport --dports $dest_port \ + -m mark --mark 0/$MMX_MASK \ + -m comment --comment "$1" \ + -j $policy &> /dev/null ;; *) - $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/$MMX_MASK -m comment --comment "$1" -j $policy &> /dev/null + $IPT -A mwan3_rules \ + -p $proto \ + -s $src_ip \ + -d $dest_ip $ipset \ + -m mark --mark 0/$MMX_MASK \ + -m comment --comment "$1" \ + -j $policy &> /dev/null ;; esac done 
@@ -800,10 +913,24 @@ mwan3_set_user_iptables_rule() case $proto in tcp|udp) - $IPT4 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/$MMX_MASK -m comment --comment "$1" -j $policy &> /dev/null + $IPT4 -A mwan3_rules \ + -p $proto \ + -s $src_ip \ + -d $dest_ip $ipset \ + -m multiport --sports $src_port \ + -m multiport --dports $dest_port \ + -m mark --mark 0/$MMX_MASK \ + -m comment --comment "$1" \ + -j $policy &> /dev/null ;; *) - $IPT4 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/$MMX_MASK -m comment --comment "$1" -j $policy &> /dev/null + $IPT4 -A mwan3_rules \ + -p $proto \ + -s $src_ip \ + -d $dest_ip $ipset \ + -m mark --mark 0/$MMX_MASK \ + -m comment --comment "$1" \ + -j $policy &> /dev/null ;; esac @@ -811,10 +938,24 @@ mwan3_set_user_iptables_rule() case $proto in tcp|udp) - $IPT6 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/$MMX_MASK -m comment --comment "$1" -j $policy &> /dev/null + $IPT6 -A mwan3_rules \ + -p $proto \ + -s $src_ip \ + -d $dest_ip $ipset \ + -m multiport --sports $src_port \ + -m multiport --dports $dest_port \ + -m mark --mark 0/$MMX_MASK \ + -m comment --comment "$1" \ + -j $policy &> /dev/null ;; *) - $IPT6 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/$MMX_MASK -m comment --comment "$1" -j $policy &> /dev/null + $IPT6 -A mwan3_rules \ + -p $proto \ + -s $src_ip \ + -d $dest_ip $ipset \ + -m mark --mark 0/$MMX_MASK \ + -m comment --comment "$1" \ + -j $policy &> /dev/null ;; esac fi 
@@ -871,9 +1012,15 @@ mwan3_report_iface_status() if [ -z "$id" -o -z "$device" ]; then result="unknown" - elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then + elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" ] && \ + [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] && \ + [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] && \ + [ -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then result="$(mwan3_get_iface_hotplug_state $1)" - elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then + elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" ] || \ + [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] || \ + [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] || \ + [ -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then result="error" elif [ "$enabled" == "1" ]; then result="offline" From ac8c4512d194a5d0b891a88a9e41e45d6ec2f9bb Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 15 Oct 2018 16:24:25 +0200 Subject: [PATCH 2/8] net/mwan3: reduce duplicate code The generation for reporting the policies uses the same code add a common function to reduce duplication. Signed-off-by: Florian Eckert --- net/mwan3/files/lib/mwan3/mwan3.sh | 58 +++++++++++++----------------- 1 file changed, 24 insertions(+), 34 deletions(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 7c4195394..e7a865b43 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh 
@@ -1047,53 +1047,43 @@ mwan3_report_iface_status() echo " interface $1 is $result and tracking is $tracking" } +mwan3_report_policies() +{ + local ipt="$1" + local policy="$2" + + local percent total_weight weight iface + + total_weight=$($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}') + + if [ ! -z "${total_weight##*[!0-9]*}" ]; then + for iface in $($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do + weight=$($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}') + percent=$(($weight*100/$total_weight)) + echo " $iface ($percent%)" + done + else + echo " $($ipt -S $policy | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')" + fi +} + mwan3_report_policies_v4() { - local percent policy share total_weight weight iface + local policy for policy in $($IPT4 -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do echo "$policy:" | sed 's/mwan3_policy_//' - - [ -n "$total_weight" ] || total_weight=$($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}') - - if [ ! 
-z "${total_weight##*[!0-9]*}" ]; then - for iface in $($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do - weight=$($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}') - percent=$(($weight*100/$total_weight)) - echo " $iface ($percent%)" - done - else - echo " $($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')" - fi - - unset total_weight - - echo -e + mwan3_report_policies "$IPT4" "$policy" done } mwan3_report_policies_v6() { - local percent policy share total_weight weight iface + local policy for policy in $($IPT6 -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do echo "$policy:" | sed 's/mwan3_policy_//' - - [ -n "$total_weight" ] || total_weight=$($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}') - - if [ ! -z "${total_weight##*[!0-9]*}" ]; then - for iface in $($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do - weight=$($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}') - percent=$(($weight*100/$total_weight)) - echo " $iface ($percent%)" - done - else - echo " $($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')" - fi - - unset total_weight - - echo -e + mwan3_report_policies "$IPT6" "$policy" done } From 84007a272302b15e9cd139d55f8d026ca12b75e1 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 15 Oct 2018 08:58:57 +0200 Subject: [PATCH 3/8] net/mwan3: enhance ipset status generation This change should optimize and speed up the status output generation. Signed-off-by: Florian Eckert --- net/mwan3/files/lib/mwan3/mwan3.sh | 8 ++------ net/mwan3/files/usr/libexec/rpcd/mwan3 | 4 ++-- 2 files changed, 4 insertions(+), 8 deletions(-) 
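Review bot: In the new mwan3_report_policies helper the digits-only test on `total_weight` still accepts `0`, so `percent=$(($weight*100/$total_weight))` would fail with a division-by-zero error if a policy ever carries a zero total weight. A guard such as `[ "$total_weight" -gt 0 ]` before the loop avoids that. The helper also splices `$iface` into the awk program text (`awk '$1 == "'$iface'"'`); passing it as data with `awk -v i="$iface" '$1 == i {print $2}'` keeps a name read back from a rule comment from being parsed as awk code. Both removed loops printed an `echo -e` separator after each policy and the new callers do not, which the commit message does not mention.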
diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index e7a865b43..8c8f23523 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -1092,9 +1092,7 @@ mwan3_report_connected_v4() local address if [ -n "$($IPT4 -S mwan3_connected 2> /dev/null)" ]; then - for address in $($IPS list mwan3_connected_v4 | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do - echo " $address" - done + $IPS -o save list mwan3_connected_v4 | grep add | cut -d " " -f 3 fi } @@ -1103,9 +1101,7 @@ mwan3_report_connected_v6() local address if [ -n "$($IPT6 -S mwan3_connected 2> /dev/null)" ]; then - for address in $($IPS list mwan3_connected_v6 | egrep '([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])'); do - echo " $address" - done + $IPS -o save list mwan3_connected_v6 | grep add | cut -d " " -f 3 fi } diff --git a/net/mwan3/files/usr/libexec/rpcd/mwan3 b/net/mwan3/files/usr/libexec/rpcd/mwan3 index a9b31f222..dc4eeb6df 100755 --- a/net/mwan3/files/usr/libexec/rpcd/mwan3 +++ b/net/mwan3/files/usr/libexec/rpcd/mwan3 @@ -15,7 +15,7 @@ report_connected_v4() { local address if [ -n "$($IPT4 -S mwan3_connected 2> /dev/null)" ]; then - for address in $($IPS list mwan3_connected_v4 | tail -n +8); do + for address in $($IPS -o save list mwan3_connected_v4 | grep add | cut -d " " -f 3); do json_add_string "" "${address}" done fi 
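Review bot: The replacement pipeline `grep add | cut -d " " -f 3` matches `add` anywhere on a line rather than only the `add` records of the save format; `awk '$1 == "add" {print $3}'` states the intent in one step. In mwan3_report_connected_v4 and mwan3_report_connected_v6 the removed loop printed each entry with a leading space and the new pipeline does not, and `local address` is now unused there. The same pipeline is repeated in both rpcd hunks of this patch, so the four call sites will need to be kept in step by hand.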
@@ -25,7 +25,7 @@ report_connected_v6() { local address if [ -n "$($IPT6 -S mwan3_connected 2> /dev/null)" ]; then - for address in $($IPS list mwan3_connected_v6 | tail -n +8); do + for address in $($IPS -o save list mwan3_connected_v6 | grep add | cut -d " " -f 3); do json_add_string "" "${address}" done fi From 1335e4f3dde65192ae0376792f3d18711439d24f Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 15 Oct 2018 11:02:55 +0200 Subject: [PATCH 4/8] net/mwan3: cleanup egrep ipv6 regex The IPv6 egrep regex is confusing and hard to maintain. Signed-off-by: Florian Eckert --- net/mwan3/files/lib/mwan3/mwan3.sh | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 8c8f23523..eff51892b 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh 
@@ -7,6 +7,18 @@ IPT4="iptables -t mangle -w" IPT6="ip6tables -t mangle -w" LOG="logger -t mwan3[$$] -p" CONNTRACK_FILE="/proc/net/nf_conntrack" +IPv6_REGEX="([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,7}:|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|" +IPv6_REGEX="${IPv6_REGEX}[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|" +IPv6_REGEX="${IPv6_REGEX}:((:[0-9a-fA-F]{1,4}){1,7}|:)|" +IPv6_REGEX="${IPv6_REGEX}fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|" +IPv6_REGEX="${IPv6_REGEX}::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|" +IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])" MWAN3_STATUS_DIR="/var/run/mwan3" MWAN3TRACK_STATUS_DIR="/var/run/mwan3track" 
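Review bot: IPv6_REGEX is added without a comment, and nothing says that it is used unanchored (as in the `egrep "$IPv6_REGEX"` call in the next hunk) to pick route tokens, including prefixes with a `/len` suffix, rather than to validate an address. A header such as `# ERE for IPv6 address forms; used unanchored to filter route output, not to validate input` would keep later callers from relying on it as a validator before feeding values to ipset. The name also mixes case while the neighbouring constants (`IPT4`, `CONNTRACK_FILE`, `MWAN3_STATUS_DIR`) are upper case; `IPV6_REGEX` would match them.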
@@ -199,7 +211,7 @@ mwan3_set_connected_iptables() $IPS -! create mwan3_connected_v6 hash:net family inet6 $IPS create mwan3_connected_v6_temp hash:net family inet6 - for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep '([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])'); do + for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep "$IPv6_REGEX"); do $IPS -! add mwan3_connected_v6_temp $connected_network_v6 done From dcb7ad17ba1ee17f0db71073327a909cdd1db55b Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Mon, 15 Oct 2018 11:22:35 +0200 Subject: [PATCH 5/8] net/mwan3: add custom address from ip tables to connected ipset With the list param "rt_table_lookup" in the mwan3 section globals, it is now possible to add a additional routing table numbers which would get also parsed and will be added to the connected network. So mwan3 will treat them as they are directly connected to this device. This could be usefull if we use ipsec. Signed-off-by: Florian Eckert --- net/mwan3/files/etc/hotplug.d/iface/15-mwan3 | 1 + net/mwan3/files/lib/mwan3/mwan3.sh | 40 ++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 index a02f88baa..897872e68 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 +++ b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 
@@ -19,6 +19,7 @@ config_get_bool enabled globals 'enabled' '0' mwan3_lock mwan3_init mwan3_set_connected_iptables +mwan3_set_custom_ipset mwan3_unlock config_get enabled $INTERFACE enabled 0 diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index eff51892b..712abe07c 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -188,6 +188,46 @@ mwan3_get_iface_id() export "$1=$_tmp" } +mwan3_set_custom_ipset_v4() +{ + local custom_network_v4 + + for custom_network_v4 in $($IP4 route list table "$1" | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do + $LOG notice "Adding network $custom_network_v4 from table $1 to mwan3_custom_v4 ipset" + $IPS -! add mwan3_custom_v4_temp $custom_network_v4 + done +} + +mwan3_set_custom_ipset_v6() +{ + local custom_network_v6 + + for custom_network_v6 in $($IP6 route list table "$1" | awk '{print $1}' | egrep "$IPv6_REGEX"); do + $LOG notice "Adding network $custom_network_v6 from table $1 to mwan3_custom_v6 ipset" + $IPS -! add mwan3_custom_v6_temp $custom_network_v6 + done +} + +mwan3_set_custom_ipset() +{ + $IPS -! create mwan3_custom_v4 hash:net + $IPS create mwan3_custom_v4_temp hash:net + config_list_foreach "globals" "rt_table_lookup" mwan3_set_custom_ipset_v4 + $IPS swap mwan3_custom_v4_temp mwan3_custom_v4 + $IPS destroy mwan3_custom_v4_temp + + + $IPS -! create mwan3_custom_v6 hash:net family inet6 + $IPS create mwan3_custom_v6_temp hash:net family inet6 + config_list_foreach "globals" "rt_table_lookup" mwan3_set_custom_ipset_v6 + $IPS swap mwan3_custom_v6_temp mwan3_custom_v6 + $IPS destroy mwan3_custom_v6_temp + + $IPS -! create mwan3_connected list:set + $IPS -! add mwan3_connected mwan3_custom_v4 + $IPS -! add mwan3_connected mwan3_custom_v6 +} + mwan3_set_connected_iptables() { local connected_network_v4 connected_network_v6 From 181174b64b69545517bf702add35253c2b54957e Mon Sep 17 00:00:00 2001 
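Review bot: In mwan3_set_custom_ipset the temporary sets are created without `-!` and are never flushed, so if `mwan3_custom_v4_temp` is left over from an interrupted run the `create` fails, the following adds presumably land in the stale set, and the `swap` publishes those old networks into mwan3_connected. Members of mwan3_connected are treated as directly connected, so stale entries change routing decisions; `$IPS -! create mwan3_custom_v4_temp hash:net` followed by `$IPS flush mwan3_custom_v4_temp` (and the same pair for v6) makes each rebuild start empty. The status functions changed in patch 3 list only mwan3_connected_v4 and mwan3_connected_v6, so the custom networks appear not to show up in the report.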
From: Florian Eckert Date: Fri, 10 Aug 2018 14:31:59 +0200 Subject: [PATCH 6/8] net/mwan3: add dynamic ipsets to mwan3_connected ipsets During runntime of mwan3 we could add dynamicly networks to this ipset which would then treated as connected networks by mwan3. This is also usefull for ipsec. Signed-off-by: Florian Eckert --- net/mwan3/files/lib/mwan3/mwan3.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 712abe07c..89ef06841 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -261,6 +261,12 @@ mwan3_set_connected_iptables() $IPS -! create mwan3_connected list:set $IPS -! add mwan3_connected mwan3_connected_v4 $IPS -! add mwan3_connected mwan3_connected_v6 + + $IPS -! create mwan3_dynamic_v4 hash:net + $IPS -! add mwan3_connected mwan3_dynamic_v4 + + $IPS -! create mwan3_dynamic_v6 hash:net family inet6 + $IPS -! add mwan3_connected mwan3_dynamic_v6 } mwan3_set_general_rules() From be91e71805116ac1fd852a1ac0480737538d0b04 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Wed, 22 Aug 2018 13:41:00 +0200 Subject: [PATCH 7/8] net/mwan3: add online_metric for local_source none If we set the option "local_source" in the globals mwan3 section to "none", traffic generated by the router it self will always use the default route from the wan interface with the lowest metric. If this interface is down the router traffic still uses the connection with the lowest metric but this is disconnected. Load balancing and failover from the lan site is still possible. Only router generated traffic is not load balanced and could not use failover. To solve this issue with router initiated traffic add the additional option "online_metric" to the mwan3 interface section. If the interface is connected then this lower "online metric" is set in the default routing table. With this change we have at least a failover with router initiated traffic. 
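Review bot: mwan3_dynamic_v4 and mwan3_dynamic_v6 are created and linked into mwan3_connected with no comment on who may add entries or when they are removed. Destinations in mwan3_connected receive the default mark in the mwan3_connected chain, so every network placed in these sets skips the mwan3 policy rules, and `-! create` leaves existing members in place across reloads unless the sets are destroyed elsewhere. I would add `# mwan3_dynamic_v4/_v6: filled at runtime by external scripts (e.g. IPsec); members count as connected and bypass policy rules until removed` above the new lines. mwan3_set_connected_iptables starts outside this hunk.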
Signed-off-by: Florian Eckert --- net/mwan3/files/etc/hotplug.d/iface/13-mwan3 | 98 ++++++++++++++++++++ net/mwan3/files/lib/mwan3/mwan3.sh | 22 +++++ net/mwan3/files/usr/sbin/mwan3 | 1 + 3 files changed, 121 insertions(+) create mode 100644 net/mwan3/files/etc/hotplug.d/iface/13-mwan3 diff --git a/net/mwan3/files/etc/hotplug.d/iface/13-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/13-mwan3 new file mode 100644 index 000000000..c21e1db98 --- /dev/null +++ b/net/mwan3/files/etc/hotplug.d/iface/13-mwan3 
@@ -0,0 +1,98 @@ +#!/bin/sh + +. /lib/functions.sh +. /lib/functions/network.sh +. /lib/mwan3/mwan3.sh + +LOG="logger -t mwan3[$$] -p" + +[ "$ACTION" = "connected" -o "$ACTION" = "disconnected" ] || exit 1 +[ -n "$INTERFACE" ] || exit 2 + +if [ "$ACTION" = "connected" ]; then + [ -n "$DEVICE" ] || exit 3 +fi + +config_load mwan3 +config_get_bool enabled globals 'enabled' '0' +config_get local_source globals 'local_source' 'none' +[ ${enabled} = "1" ] || exit 0 +[ ${local_source} = "none" ] || exit 0 + +config_get enabled $INTERFACE enabled 0 +config_get online_metric $INTERFACE online_metric 0 +[ "$enabled" == "1" ] || exit 0 + +if [ "$online_metric" = 0 ]; then + $LOG notice "No online metric for interface "$INTERFACE" found" + exit 0 +fi + +mwan3_add_failover_metric() { + local iface="$1" + local device="$2" + local metric="$3" + + local route_args + + config_get family $iface family ipv4 + + if [ "$family" == "ipv4" ]; then + if ubus call network.interface.${iface}_4 status 1>/dev/null 2>&1; then + network_get_gateway route_args ${iface}_4 + else + network_get_gateway route_args $iface + fi + + if [ -n "$route_args" -a "$route_args" != "0.0.0.0" ]; then + route_args="via $route_args" + else + route_args="" + fi + + $IP4 route add default $route_args dev $device proto static metric $metric 1>/dev/null 2>&1 + fi + + if [ "$family" == "ipv6" ]; then + if ubus call network.interface.${iface}_6 status 1>/dev/null 2>&1; then + network_get_gateway6 route_args ${iface}_6 + else + network_get_gateway6 route_args $iface + fi + + if [ -n "$route_args" -a "$route_args" != "::" ]; then + route_args="via $route_args" + else + route_args="" + fi + + $IP6 route add default $route_args dev $device proto static metric $metric 1>/dev/null 2>&1 + fi +} + +mwan3_del_failover_metric() { + local iface="$1" + local device="$2" + local metric="$3" + + config_get family $iface family ipv4 + + if [ "$family" == "ipv4" ]; then + $IP4 route del default dev $device proto static metric 
$metric 1>/dev/null 2>&1 + fi + + if [ "$family" == "ipv6" ]; then + $IP6 route del default dev $device proto static metric $metric 1>/dev/null 2>&1 + fi +} + +case "$ACTION" in + connected) + mwan3_add_failover_metric "$INTERFACE" "$DEVICE" "$online_metric" + ;; + disconnected) + mwan3_del_failover_metric "$INTERFACE" "$DEVICE" "$online_metric" + ;; +esac + +exit 0 diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh index 89ef06841..42e08beb9 100644 --- a/net/mwan3/files/lib/mwan3/mwan3.sh +++ b/net/mwan3/files/lib/mwan3/mwan3.sh @@ -1219,3 +1219,25 @@ mwan3_track_clean() fi } } + +mwan3_online_metric_clean() { + local iface="$1" + + local online_metric ifname + + config_get family $iface family ipv4 + config_get online_metric $iface online_metric "" + ifname=$(uci_get_state network $iface ifname) + + if [ "$family" == "ipv4" ] \ + && [ "$online_metric" != "" ] \ + && [ "$ifname" != "" ]; then + $IP4 route del default dev $ifname proto static metric $online_metric 1>/dev/null 2>&1 + fi + + if [ "$family" == "ipv6" ] \ + && [ "$online_metric" != "" ] \ + && [ "$ifname" != "" ]; then + $IP6 route del default dev $ifname proto static metric $online_metric 1>/dev/null 2>&1 + fi +} diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index 4ad3bc391..139da3d25 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -175,6 +175,7 @@ stop() config_load mwan3 config_foreach mwan3_track_clean interface + config_foreach mwan3_online_metric_clean interface for IP in "$IP4" "$IP6"; do From 8b28ab282ba0af297f7c99ae69ce7d4bc349a4ec Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Tue, 23 Oct 2018 15:18:45 +0200 Subject: [PATCH 8/8] net/mwan3: update version to 2.7.5 Signed-off-by: Florian Eckert --- net/mwan3/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index d9a085a37..2e7d2ec99 100644 --- a/net/mwan3/Makefile 
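Review bot: In the new 13-mwan3 script `online_metric` comes from the config and reaches `$IP4 route add default ... metric $metric` unquoted and unchecked, and because the command's output goes to /dev/null a non-numeric value fails without any trace. A check before the function definitions, `case "$online_metric" in *[!0-9]*) $LOG warn "invalid online_metric for $INTERFACE"; exit 0 ;; esac`, would reject it early and leave a log entry. The log line `"No online metric for interface "$INTERFACE" found"` closes its quotes around `$INTERFACE`; `"No online metric for interface $INTERFACE found"` keeps the message one word. `family` is set by `config_get` without being declared `local` in both functions here and in mwan3_online_metric_clean in the mwan3.sh hunk of this patch, so it leaks into the caller's scope.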
+++ b/net/mwan3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=2.7.4 +PKG_VERSION:=2.7.5 PKG_RELEASE:=1 PKG_MAINTAINER:=Florian Eckert PKG_LICENSE:=GPLv2