Add an option for adding rules based on source interface.
The default 0.0.0.0/0 src and destination ip addresses has been removed. It is unclear
how the 'any' family of rules would have worked, as it appears each rule always required an
ipv4 or ipv6 address src and destination address. With this change, the any family will work
again.
I also cleaned up a bunch of repeated code around adding the iptables rules for
ipv4/ipv6/any in making the change.
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
(cherry picked from commit 5147dfc73a)
An interface can have both a /64 and a /128 from a provider.
In such a case, use the address from the /64 to do the ping check, not
the /128.
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
(cherry picked from commit 49cf5eac5c)
Pinging IPv6 hosts using an interface as a source specifier seems
troublesome. See https://bugs.openwrt.org/index.php?do=details&task_id=2897
for more detail.
Use the desired source interface's IP address instead.
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
(cherry picked from commit 6721587e8b)
Till now we could only ping http targets on port 80. With this change by
adding the config boolean config option httping_ssl we could also ping
https ping targets on port 443.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit a689e168aa)
The variable IPT is not valid at this point. Set the variable usage to IPT4
fixes this issue.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 581d7df844)
Since the merge of the luci master branch into the luci openwrt.19.07 branch,
the ubus API was not in sync anymore. So all commits from the master
branch where backported into the openwrt-19.07 branch. But this could
not be done linear. There were already some fixes cherry-picked from the
master and the version does not match anymore. This commit syncronized
the PKG_VERSION and the PKG_RELEASE again to make clear that the
version in master and openwrt-19.07 are even again and have so the
same software version until to this commit.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Maintainer: Florian Eckert @feckert
Compile tested: not needed
Run tested: x86_64
Description:
Only two of the four IPs defined for wan are found in wanb, adding it so it is the same.
Signed-off-by: Daniel A. Maierhofer <git@damadmai.at>
(cherry picked from commit 1e97156adc)
Sometimes the return value of `ubus -S call network.interface.wan status`
cause `json_load` to return `Failed to parse message data` error.
To avoid this, the JSON data always should be quoted with double quotes.
Signed-off-by: Evren Yurtesen <eyurtese@abo.fi>
Removed quoatation marks from commit heading
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Update the version string from 2.8.1 (master) to 2.7.15 (openwrt-19.07)
(cherry picked from commit 94e0c78826)
With this change it is now possible to combine interface action events.
If an interface action is generated by netifd or mwan3 for example ifup,
ifdown, connectd or disconnected and this action is configured in the inteface
uci section, then the conntrack table is flushed by mwan3.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This bug was introduced since dd206b7d0b
mwan3_remon_ipv4 and mwan3_remon_ipv6 is command to run not a variable
I add some comments on them hopefully people will notice it
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Before this change two disconnected events were generated. This is wrong!
The disconnected event is impliciet generated by the hotplug script on ifdown
event. The mwan3track script is notified by a USR1 signal which
generates the disconnectd event. The additional "disconnectd" event on
ifdown is not required.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Add to ubus the missing output information "policies" which could already
be observed with the command "mwan3 status".
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If we set the option "local_source" in the globals mwan3 section to "none",
traffic generated by the router it self will always use the default route from
the wan interface with the lowest metric. If this interface is down
the router traffic still uses the connection with the lowest metric but
this is disconnected. Load balancing and failover from the lan site is
still possible. Only router generated traffic is not load balanced and
could not use failover.
To solve this issue with router initiated traffic add the additional
option "online_metric" to the mwan3 interface section.
If the interface is connected then this lower "online metric" is set in the
default routing table.
With this change we have at least a failover with router initiated
traffic.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
During runntime of mwan3 we could add dynamicly networks to this ipset
which would then treated as connected networks by mwan3.
This is also usefull for ipsec.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
With the list param "rt_table_lookup" in the mwan3 section globals,
it is now possible to add a additional routing table numbers which would get
also parsed and will be added to the connected network.
So mwan3 will treat them as they are directly connected to this device.
This could be usefull if we use ipsec.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
